Skip to content

Bump the net-nuget-packages group with 13 updates #10

Bump the net-nuget-packages group with 13 updates

Bump the net-nuget-packages group with 13 updates #10

Workflow file for this run

on:
push:
branches:
- main
pull_request:
branches:
- main
permissions:
contents: read
security-events: write
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
env:
DOTNET_NOLOGO: true
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: 17
distribution: zulu
- name: Setup .NET 8.0.x
uses: actions/setup-dotnet@v3
with:
dotnet-version: 8.0.100-rc.1.23455.8
- name: Setup NuGet 6.x
uses: nuget/setup-nuget@v1
with:
nuget-version: 6.x
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Cache SonarCloud packages
uses: actions/cache@v3
with:
path: ~\sonar\cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache SonarCloud scanner
id: cache-sonar-scanner
uses: actions/cache@v3
with:
path: .\.sonar\scanner
key: ${{ runner.os }}-sonar-scanner
restore-keys: ${{ runner.os }}-sonar-scanner
- name: Install SonarCloud scanner
if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
shell: pwsh
run: |
New-Item -Path ./.sonar/scanner -ItemType Directory
dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: csharp
- name: Build and analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
./.sonar/scanner/dotnet-sonarscanner begin /k:"smokedlinq_aemediator" /o:"smokedlinq-github" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths=**/*.opencover.xml
dotnet build
dotnet test /property:CollectCoverage=true /property:CoverletOutputFormat=opencover /property:CoverletOutput=./coverage/
./.sonar/scanner/dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:csharp"
- uses: snyk/actions/dotnet@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: >-
--all-projects
--detection-depth=8
--sarif-file-output=snyk.sarif
command: test
- uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: snyk.sarif