wonderking/continuity
2
0
Fork 0
Code Issues Pull requests 16 Projects 1 Releases Packages 1 Wiki Activity Actions
continuity/.gitea/workflows/server_pr.yaml
renovate-bot 44fc75aa5f
Some checks failed
PR Workflow / preprocess (pull_request) Successful in 4s
Details
PR Workflow / build (pull_request) Successful in 42s
Details
PR Workflow / sbom-scan (pull_request) Failing after 53s
Details
PR Workflow / container-build (pull_request) Successful in 1m54s
Details
PR Workflow / generate-licences (pull_request) Successful in 1m33s
Details
PR Workflow / container-sbom-scan (pull_request) Failing after 50s
Details
chore(deps): update actions/setup-dotnet action to v4 
Signed-off-by: noreply@rainote.dev
2024-04-25 16:01:53 +00:00

170 lines
6.2 KiB
YAML
Raw Permalink Blame History

name: PR Workflow
run-name: ${{ gitea.actor }} PR related workflow
on:
pull_request:
paths-ignore:
- Wiki/**
- Benchmarks/**
- .run/**
jobs:
preprocess:
runs-on: ubuntu-latest
outputs:
sanitized_branch_name: ${{ steps.sanitize.outputs.sanitized_branch_name }}
steps:
- name: Sanitize branch name
id: sanitize
run: echo "::set-output name=sanitized_branch_name::$(echo ${{ github.ref_name }} | sed 's/\//-/g')"
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup dotnet
uses: https://github.com/actions/setup-dotnet@v4
with:
global-json-file: global.json
- name: Install dependencies
run: dotnet restore
- name: Build
run: |
dotnet build Continuity.AuthServer -c Release
sbom-scan:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup dotnet
uses: https://github.com/actions/setup-dotnet@v4
with:
global-json-file: global.json
- name: Install dependencies
run: |
dotnet restore
echo "::add-path::$HOME/.dotnet/tools"
- name: Setup Dependency Track Dependencies
run: |
dotnet tool install --global CycloneDX
- name: Generate SBOM
run: |
dotnet CycloneDX Continuity.AuthServer/Continuity.AuthServer.csproj -o . -dgl
- name: Upload SBOM
uses: https://github.com/DependencyTrack/gh-upload-sbom@v2.0.1
with:
apiKey: ${{ secrets.DEPENDENCY_TRACK_API_KEY }}
serverHostname: ${{ secrets.DEPENDENCY_TRACK_URL }}
projectName: ${{ secrets.DEPENDENCY_TRACK_PROJECT_NAME }}
autoCreate: true
# set projectversion to be the branch name
projectVersion: ${{ github.ref_name }}
bomFilename: ${{ github.workspace }}/bom.xml
container-build:
runs-on: ubuntu-latest
container: catthehacker/ubuntu:act-latest@sha256:5f2ff408985b10de9da4a8ea735b7f07d4f98c61608180ebb8964deb37f7580a
needs: [ build, preprocess ]
steps:
- uses: actions/checkout@v4
- name: Setup dotnet
uses: https://github.com/actions/setup-dotnet@v4
with:
global-json-file: global.json
# Add support for more platforms with QEMU (optional)
# https://github.com/docker/setup-qemu-action
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
registry: ${{ github.server_url }}
username: ${{ github.actor }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
file: Continuity.AuthServer/Dockerfile
push: true
tags: forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }}
platforms: linux/amd64,linux/arm64
- name: Build and push to latest
if: github.ref_name == 'master'
uses: docker/build-push-action@v5
with:
context: .
file: Continuity.AuthServer/Dockerfile
push: true
tags: forge.rainote.dev/${{ github.repository }}:latest
platforms: linux/amd64, linux/arm64
container-sbom-scan:
needs: [ container-build, preprocess ]
runs-on: ubuntu-latest
container: catthehacker/ubuntu:act-latest@sha256:5f2ff408985b10de9da4a8ea735b7f07d4f98c61608180ebb8964deb37f7580a
steps:
- uses: actions/checkout@v4
- name: Setup dotnet
uses: https://github.com/actions/setup-dotnet@v4
with:
global-json-file: global.json
- name: Install dependencies
run: |
dotnet restore
echo "::add-path::$HOME/.dotnet/tools"
- name: Setup Dependency Track Dependencies
run: |
mkdir ~/.docker
curl -sSfL https://raw.githubusercontent.com/docker/sbom-cli-plugin/main/install.sh | sh -s --
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
registry: ${{ github.server_url }}
username: ${{ github.actor }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Generate SBOM
run: |
echo forge.rainote.dev/${{ github.repository }}
echo forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }}
docker pull forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }}
docker sbom -D forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} --format cyclonedx-json --output container-bom.json
- name: Upload SBOM
uses: https://github.com/DependencyTrack/gh-upload-sbom@v2.0.1
with:
apiKey: ${{ secrets.DEPENDENCY_TRACK_API_KEY }}
serverHostname: ${{ secrets.DEPENDENCY_TRACK_URL }}
projectName: ${{ secrets.DEPENDENCY_TRACK_PROJECT_NAME }}-container
autoCreate: true
# set projectversion to be the branch name
projectVersion: ${{ github.ref_name }}
bomFilename: ${{ github.workspace }}/container-bom.json
generate-licences:
needs: [ build, preprocess ]
runs-on: ubuntu-latest
container: catthehacker/ubuntu:act-latest@sha256:5f2ff408985b10de9da4a8ea735b7f07d4f98c61608180ebb8964deb37f7580a
steps:
- uses: actions/checkout@v4
- name: Setup dotnet
uses: https://github.com/actions/setup-dotnet@v4
with:
dotnet-version: |
7.0
8.0
- name: Install dependencies
run: |
dotnet restore
echo "::add-path::$HOME/.dotnet/tools"
- name: Install nuget-license
run: dotnet tool install --global dotnet-project-licenses
- name: Export licenses
run: dotnet-project-licenses -i . -u --projects-filter projects_ignore_licenses.json -m -j -e -f licenses
- name: Upload licenses
uses: actions/upload-artifact@v3
with:
name: licenses
path: licenses
retention-days: 31
View git blame Copy permalink