Skip to content
CI

CI #5868

Sign in to view logs

CI

CI #5868

Workflow file for this run

.github/workflows/CI.yml at ce47d4b
name: CI
on:
push:
branches: [main]
tags:
- "v*"
pull_request:
branches: [main]
schedule:
- cron: "0 7 * * *"
workflow_dispatch:
permissions:
contents: read
jobs:
build:
permissions:
contents: read
actions: write
security-events: write
strategy:
fail-fast: false
matrix:
runner-os: [windows-latest, ubuntu-latest, macos-latest]
language: [ csharp, actions ]
runs-on: ${{ matrix.runner-os }}
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
# e33e0265a09d6d736e2ee1e0eb685ef1de4669ff is tag v3, pinned to avoid supply chain attacks
- uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff
- name: Initialize CodeQL
if: matrix.runner-os == 'ubuntu-latest'
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
queries: +security-and-quality
config-file: ./.github/codeql/codeql-config.yml
- name: Setup .NET
uses: actions/setup-dotnet@v5
with:
global-json-file: global.json
- name: dotnet format
run: just format-check
- name: Restore dependencies
run: just restore
- name: Build
run: just build
- name: Unit Test
run: just test-coverage
- name: Copy Coverage To Predictable Location
if: always() && matrix.runner-os == 'ubuntu-latest' && matrix.language == 'csharp'
run: cp coverage/**/coverage.cobertura.xml coverage/coverage.cobertura.xml
- name: Code Coverage Summary Report
# 51cc3a756ddcd398d447c044c02cb6aa83fdae95 is tag v1.3.0, pinned to avoid supply chain attacks
uses: irongut/CodeCoverageSummary@51cc3a756ddcd398d447c044c02cb6aa83fdae95
if: always() && matrix.runner-os == 'ubuntu-latest' && matrix.language == 'csharp'
with:
filename: coverage/coverage.cobertura.xml
badge: true
format: "markdown"
output: "both"
# This is used by the subsequent publish-test-results.yml
- name: Upload Unit Test Results
if: always() && matrix.runner-os == 'ubuntu-latest' && matrix.language == 'csharp'
uses: actions/upload-artifact@v6
with:
name: Unit Test Results
path: src/OctoshiftCLI.Tests/unit-tests.xml
# This is used by the subsequent publish-test-results.yml
- name: Upload Code Coverage Report
if: always() && matrix.runner-os == 'ubuntu-latest' && matrix.language == 'csharp'
uses: actions/upload-artifact@v6
with:
name: Code Coverage Report
path: code-coverage-results.md
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
if: matrix.runner-os == 'ubuntu-latest'
upload-event-file:
permissions:
contents: read
actions: write
runs-on: ubuntu-latest
steps:
# This is used by the subsequent publish-test-results.yaml
- name: Upload Event File
uses: actions/upload-artifact@v6
with:
name: Event File
path: ${{ github.event_path }}
build-for-e2e-test:
permissions:
contents: read
actions: write
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.owner.login == 'github'
strategy:
fail-fast: false
matrix:
target-os: [windows-latest, ubuntu-latest, macos-latest]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
# e33e0265a09d6d736e2ee1e0eb685ef1de4669ff is tag v3, pinned to avoid supply chain attacks
- uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff
- name: Setup .NET
uses: actions/setup-dotnet@v5
with:
global-json-file: global.json
- name: Build Artifacts (Linux)
if: matrix.target-os == 'ubuntu-latest'
run: just publish-linux
- name: Build Artifacts (Windows)
if: matrix.target-os == 'windows-latest'
run: just publish-windows
- name: Build Artifacts (MacOS)
if: matrix.target-os == 'macos-latest'
run: just publish-macos
- name: Upload Binaries
uses: actions/upload-artifact@v6
with:
name: binaries-${{ matrix.target-os }}
path: |
dist/linux-x64/ado2gh-linux-amd64
dist/linux-x64/bbs2gh-linux-amd64
dist/linux-x64/gei-linux-amd64
dist/osx-x64/ado2gh-darwin-amd64
dist/osx-x64/bbs2gh-darwin-amd64
dist/osx-x64/gei-darwin-amd64
dist/win-x64/ado2gh-windows-amd64.exe
dist/win-x64/bbs2gh-windows-amd64.exe
dist/win-x64/gei-windows-amd64.exe
e2e-test:
permissions:
contents: read
actions: write
checks: write
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.owner.login == 'github'
needs: [build-for-e2e-test]
strategy:
fail-fast: false
matrix:
runner-os: [windows-latest, ubuntu-latest, macos-latest]
source-vcs: [AdoBasic, AdoCsv, Bbs, Ghes, Github]
runs-on: ${{ matrix.runner-os }}
concurrency: integration-test-${{ matrix.source-vcs }}-${{ matrix.runner-os }}
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- name: Setup .NET
uses: actions/setup-dotnet@v5
with:
global-json-file: global.json
- name: Download Binaries
uses: actions/download-artifact@v7
with:
name: binaries-${{ matrix.runner-os }}
path: dist
- name: Copy binary to root (linux)
if: matrix.runner-os == 'ubuntu-latest'
run: |
New-Item -Path "./" -Name "gh-gei" -ItemType "directory"
New-Item -Path "./" -Name "gh-ado2gh" -ItemType "directory"
New-Item -Path "./" -Name "gh-bbs2gh" -ItemType "directory"
Copy-Item ./dist/linux-x64/gei-linux-amd64 ./gh-gei/gh-gei
Copy-Item ./dist/linux-x64/ado2gh-linux-amd64 ./gh-ado2gh/gh-ado2gh
Copy-Item ./dist/linux-x64/bbs2gh-linux-amd64 ./gh-bbs2gh/gh-bbs2gh
shell: pwsh
- name: Copy binary to root (windows)
if: matrix.runner-os == 'windows-latest'
run: |
New-Item -Path "./" -Name "gh-gei" -ItemType "directory"
New-Item -Path "./" -Name "gh-ado2gh" -ItemType "directory"
New-Item -Path "./" -Name "gh-bbs2gh" -ItemType "directory"
Copy-Item ./dist/win-x64/gei-windows-amd64.exe ./gh-gei/gh-gei.exe
Copy-Item ./dist/win-x64/ado2gh-windows-amd64.exe ./gh-ado2gh/gh-ado2gh.exe
Copy-Item ./dist/win-x64/bbs2gh-windows-amd64.exe ./gh-bbs2gh/gh-bbs2gh.exe
shell: pwsh
- name: Copy binary to root (macos)
if: matrix.runner-os == 'macos-latest'
run: |
New-Item -Path "./" -Name "gh-gei" -ItemType "directory"
New-Item -Path "./" -Name "gh-ado2gh" -ItemType "directory"
New-Item -Path "./" -Name "gh-bbs2gh" -ItemType "directory"
Copy-Item ./dist/osx-x64/gei-darwin-amd64 ./gh-gei/gh-gei
Copy-Item ./dist/osx-x64/ado2gh-darwin-amd64 ./gh-ado2gh/gh-ado2gh
Copy-Item ./dist/osx-x64/bbs2gh-darwin-amd64 ./gh-bbs2gh/gh-bbs2gh
shell: pwsh
- name: Set execute permissions
run: |
chmod +x ./gh-gei/gh-gei
chmod +x ./gh-ado2gh/gh-ado2gh
chmod +x ./gh-bbs2gh/gh-bbs2gh
- name: Install gh-gei extension
run: gh extension install .
shell: pwsh
working-directory: ./gh-gei
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install gh-ado2gh extension
run: gh extension install .
shell: pwsh
working-directory: ./gh-ado2gh
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install gh-bbs2gh extension
run: gh extension install .
shell: pwsh
working-directory: ./gh-bbs2gh
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Integration Test
env:
ADO_PAT: ${{ secrets.ADO_PAT }}
GHEC_PAT: ${{ secrets.GHEC_PAT }}
GHES_PAT: ${{ secrets.GHES_PAT }}
ADO_SERVER_PAT: ${{ secrets.ADO_SERVER_PAT }}
BBS_USERNAME: ${{ secrets.BBS_USERNAME }}
BBS_PASSWORD: ${{ secrets.BBS_PASSWORD }}
SSH_KEY_BBS: ${{ secrets.SSH_KEY_BBS }}
SSH_PORT_BBS: ${{ secrets.SSH_PORT_BBS }}
SMB_PASSWORD: ${{ secrets.SMB_PASSWORD }}
AZURE_STORAGE_CONNECTION_STRING_BBS_LINUX: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING_BBS_LINUX }}
AZURE_STORAGE_CONNECTION_STRING_BBS_MACOS: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING_BBS_MACOS }}
AZURE_STORAGE_CONNECTION_STRING_BBS_WINDOWS: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING_BBS_WINDOWS }}
AZURE_STORAGE_CONNECTION_STRING_GHES_LINUX: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING_GHES_LINUX }}
AZURE_STORAGE_CONNECTION_STRING_GHES_MACOS: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING_GHES_MACOS }}
AZURE_STORAGE_CONNECTION_STRING_GHES_WINDOWS: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING_GHES_WINDOWS }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:${{ github.workspace }}/src/OctoshiftCLI.IntegrationTests/bin/Debug/net8.0/runtimes/ubuntu.18.04-x64/native"
run: dotnet test src/OctoshiftCLI.IntegrationTests/OctoshiftCLI.IntegrationTests.csproj --filter "${{ matrix.source-vcs }}ToGithub" --logger:"junit;LogFilePath=integration-tests.xml" --logger "console;verbosity=normal" /p:VersionPrefix=9.9
- name: Publish Integration Test Results
# 6e8f8c55b476f977d1c58cfbd7e337cbf86d917f is tag v2, pinned to avoid supply chain attacks
uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf
if: always() && matrix.runner-os == 'ubuntu-latest' && github.actor != 'dependabot[bot]'
with:
files: "**/*-tests.xml"
check_name: "Integration Test Results - ${{ matrix.source-vcs }}"
comment_mode: off
- name: Upload test logs
uses: actions/upload-artifact@v6
if: always()
with:
name: integration-test-logs-${{ matrix.source-vcs }}-${{ matrix.runner-os }}
path: dist/**/*.log
- name: Test Logs
if: always()
run: Get-ChildItem . -Filter *.octoshift.log -Recurse | ForEach-Object { Get-Content -Path $_.FullName }
working-directory: ./dist
shell: pwsh
- name: Test Logs (Verbose)
if: always()
run: Get-ChildItem . -Filter *.octoshift.verbose.log -Recurse | ForEach-Object { Get-Content -Path $_.FullName }
working-directory: ./dist
shell: pwsh
publish:
permissions:
contents: write
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/v')
needs: [build, e2e-test]
environment: PUBLISH_RELEASE
steps:
- uses: actions/checkout@v6
with:
token: ${{ secrets.RELEASE_NOTES_PAT }}
fetch-depth: 0
- name: Validate tag on main
shell: pwsh
run: |
git checkout main
$mainsha = $(git show-ref refs/heads/main --hash)
$tagsha = $(git show-ref ${{ github.ref }} --hash)
Write-Output "refs/heads/main: $mainsha"
Write-Output "${{ github.ref }}: $tagsha"
if ($mainsha -ne $tagsha) {
Write-Error "tag must match HEAD of main"
exit 1
}
- name: Setup .NET
uses: actions/setup-dotnet@v5
with:
global-json-file: global.json
- name: Build Artifacts
run: ./publish.ps1
shell: pwsh
env:
CLI_VERSION: ${{ github.ref }}
- name: Create gh-gei Release
# a06a81a03ee405af7f2048a818ed3f03bbf83c7b is tag v2, pinned to avoid supply chain attacks
uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b
with:
body_path: ./RELEASENOTES.md
files: |
./dist/ado2gh.*.win-x64.zip
./dist/ado2gh.*.win-x86.zip
./dist/ado2gh.*.linux-x64.tar.gz
./dist/ado2gh.*.linux-arm64.tar.gz
./dist/ado2gh.*.osx-x64.tar.gz
./dist/win-x64/gei-windows-amd64.exe
./dist/win-x86/gei-windows-386.exe
./dist/linux-x64/gei-linux-amd64
./dist/linux-arm64/gei-linux-arm64
./dist/osx-x64/gei-darwin-amd64
- name: Create gh-ado2gh Release
# a06a81a03ee405af7f2048a818ed3f03bbf83c7b is tag v2, pinned to avoid supply chain attacks
uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b
with:
body_path: ./RELEASENOTES.md
repository: github/gh-ado2gh
token: ${{ secrets.PUBLISH_ADO2GH_TOKEN }}
files: |
./dist/win-x86/ado2gh-windows-386.exe
./dist/win-x64/ado2gh-windows-amd64.exe
./dist/linux-x64/ado2gh-linux-amd64
./dist/linux-arm64/ado2gh-linux-arm64
./dist/osx-x64/ado2gh-darwin-amd64
- name: Create gh-bbs2gh Release
# a06a81a03ee405af7f2048a818ed3f03bbf83c7b is tag v2, pinned to avoid supply chain attacks
uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b
with:
body_path: ./RELEASENOTES.md
repository: github/gh-bbs2gh
token: ${{ secrets.PUBLISH_BBS2GH_TOKEN }}
files: |
./dist/win-x86/bbs2gh-windows-386.exe
./dist/win-x64/bbs2gh-windows-amd64.exe
./dist/linux-x64/bbs2gh-linux-amd64
./dist/linux-arm64/bbs2gh-linux-arm64
./dist/osx-x64/bbs2gh-darwin-amd64
- name: Archive Release Notes
shell: pwsh
run: |
$TAG_NAME = "${{ github.ref }}".Substring(10)
Get-Content ./RELEASENOTES.md | Out-File -FilePath ./releasenotes/$TAG_NAME.md
"" | Out-File ./RELEASENOTES.md
- name: Update LATEST-VERSION.TXT
shell: pwsh
run: |
$TAG_NAME = "${{ github.ref }}".Substring(10)
$TAG_NAME | Out-File ./LATEST-VERSION.txt
- name: Commit Release Notes and Version
uses: stefanzweifel/git-auto-commit-action@28e16e81777b558cc906c8750092100bbb34c5e3
with:
commit_message: Automated commit of archived release notes and version file [skip ci]
file_pattern: RELEASENOTES.md releasenotes/*.md LATEST-VERSION.txt
branch: main