-
Notifications
You must be signed in to change notification settings - Fork 39
210 lines (204 loc) · 6.99 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
name: Publish
on:
pull_request:
push:
branches:
- master
tags:
- v*
jobs:
vulnerability-scan:
timeout-minutes: 10
strategy:
fail-fast: false
matrix:
framework: [ net6.0, net7.0, net8.0 ]
os: [ ubuntu-latest, windows-latest ]
runs-on: ${{ matrix.os }}
name: scan-vulnerabilities/${{ matrix.os }}/${{ matrix.framework }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Install dotnet SDKs
uses: actions/setup-dotnet@v3
with:
dotnet-version: |
6.0.x
7.0.x
8.0.x
- name: Scan for Vulnerabilities
shell: bash
run: |
dotnet nuget list source
dotnet restore
dotnet list package --vulnerable --include-transitive --framework ${{ matrix.framework }} | tee vulnerabilities.txt
! cat vulnerabilities.txt | grep -q "has the following vulnerable packages"
build-samples:
timeout-minutes: 5
name: build-samples/${{ matrix.framework }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
framework: [ net8.0 ]
services:
esdb:
image: docker.eventstore.com/eventstore-ce/eventstoredb-ce:lts
env:
EVENTSTORE_INSECURE: true
EVENTSTORE_MEM_DB: false
EVENTSTORE_RUN_PROJECTIONS: all
EVENTSTORE_START_STANDARD_PROJECTIONS: true
ports:
- 2113:2113
options: --health-cmd "exit 0"
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Install dotnet SDKs
uses: actions/setup-dotnet@v3
with:
dotnet-version: |
8.0.x
- name: Compile
shell: bash
run: |
dotnet build samples
- name: Run
shell: bash
run: |
find samples/ -type f -iname "*.csproj" -print0 | xargs -0L1 dotnet run --framework ${{ matrix.framework }} --project
generate-certificates:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Generate certificates
run: |
mkdir -p certs
docker run --rm --user root --volume "$PWD/certs:/tmp" docker.eventstore.com/eventstore-utils/es-gencert-cli:latest create-ca -out /tmp/ca
docker run --rm --user root --volume "$PWD/certs:/tmp" docker.eventstore.com/eventstore-utils/es-gencert-cli:latest create-node -ca-certificate /tmp/ca/ca.crt -ca-key /tmp/ca/ca.key -out /tmp/node -ip-addresses 127.0.0.1 -dns-names localhost
docker run --rm --user root --volume "$PWD/certs:/tmp" docker.eventstore.com/eventstore-utils/es-gencert-cli:latest create-user -username admin -ca-certificate /tmp/ca/ca.crt -ca-key /tmp/ca/ca.key -out /tmp/user-admin
docker run --rm --user root --volume "$PWD/certs:/tmp" docker.eventstore.com/eventstore-utils/es-gencert-cli:latest create-user -username invalid -ca-certificate /tmp/ca/ca.crt -ca-key /tmp/ca/ca.key -out /tmp/user-invalid
- name: Set permissions on certificates
run: |
sudo chown -R $USER:$USER certs
sudo chmod -R 755 certs
- name: Upload certificates
uses: actions/upload-artifact@v2
with:
name: certs
path: certs
test:
needs: generate-certificates
timeout-minutes: 20
strategy:
fail-fast: false
matrix:
framework: [ net6.0, net7.0, net8.0 ]
os: [ ubuntu-latest, windows-latest ]
configuration: [ release ]
runs-on: ${{ matrix.os }}
name: test/EventStore.Client/${{ matrix.os }}/${{ matrix.framework }}
steps:
- name: Checkout
uses: actions/checkout@v3
- shell: bash
run: |
git fetch --prune --unshallow
- name: Install dotnet SDKs
uses: actions/setup-dotnet@v3
with:
dotnet-version: |
6.0.x
7.0.x
8.0.x
- name: Compile
shell: bash
run: |
dotnet build --configuration ${{ matrix.configuration }} --framework ${{ matrix.framework }} src/EventStore.Client
- name: Download certificates
uses: actions/download-artifact@v2
with:
name: certs
path: certs
- name: Import certificates (Linux)
if: runner.os == 'Linux'
shell: bash
run: |
sudo cp certs/ca/ca.crt /usr/local/share/ca-certificates/eventstore_ca.crt
sudo update-ca-certificates
- name: Import certificates (Windows)
if: runner.os == 'Windows'
shell: pwsh
run: |
Import-Certificate -FilePath "certs\ca\ca.crt" -CertStoreLocation "Cert:\LocalMachine\Root"
- name: Run Tests (Linux)
if: runner.os == 'Linux'
shell: bash
run: |
dotnet test --configuration ${{ matrix.configuration }} --blame \
--logger:"GitHubActions;report-warnings=false" --logger:"console;verbosity=normal" \
--framework ${{ matrix.framework }} \
test/EventStore.Client.Tests
- name: Run Tests (Windows)
if: runner.os == 'Windows'
shell: pwsh
run: |
dotnet test --configuration ${{ matrix.configuration }} --blame `
--logger:"GitHubActions;report-warnings=false" --logger:"console;verbosity=normal" `
--framework ${{ matrix.framework }} `
test/EventStore.Client.Tests
publish:
timeout-minutes: 5
needs: [ vulnerability-scan, test, build-samples ]
runs-on: ubuntu-latest
name: publish
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Get Version
id: get_version
run: |
echo "branch=${GITHUB_REF:10}" >> $GITHUB_OUTPUT
dotnet nuget list source
dotnet tool restore
version=$(dotnet tool run minver -- --tag-prefix=v)
echo "version=${version}" >> $GITHUB_OUTPUT
- shell: bash
run: |
git fetch --prune --unshallow
- name: Install dotnet SDKs
uses: actions/setup-dotnet@v3
with:
dotnet-version: |
6.0.x
7.0.x
8.0.x
- name: Dotnet Pack
shell: bash
run: |
mkdir -p packages
dotnet pack /p:Version=${{ steps.get_version.outputs.version }} --configuration=Release \
/p:PublishDir=./packages \
/p:NoWarn=NU5105 \
/p:RepositoryUrl=https://github.com/EventStore/EventStore-Client-Dotnet \
/p:RepositoryType=git
- name: Publish Artifacts
uses: actions/upload-artifact@v1
with:
path: packages
name: nuget-packages
- name: Dotnet Push to Github Packages
shell: bash
if: github.event_name == 'push'
run: |
dotnet tool restore
find . -name "*.nupkg" | xargs -n1 dotnet nuget push --api-key=${{ secrets.github_token }} --source https://nuget.pkg.github.com/EventStore/index.json --skip-duplicate
- name: Dotnet Push to Nuget.org
shell: bash
if: contains(steps.get_version.outputs.branch, 'v')
run: |
dotnet nuget list source
dotnet tool restore
find . -name "*.nupkg" | xargs -n1 dotnet nuget push --api-key=${{ secrets.nuget_key }} --source https://api.nuget.org/v3/index.json --skip-duplicate