gewuyou/GFramework
1
0
Fork 0
mirror of https://github.com/GeWuYou/GFramework.git synced 2026-03-22 19:03:29 +08:00
Code Issues Packages Projects Releases Wiki Activity
GFramework/.github/workflows/ci.yml
GeWuYou edef111ce7 perf(ci): 优化CI工作流配置以提升构建性能 
- 为MegaLinter添加缓存机制以加速代码质量检查
- 为TruffleHog添加缓存机制以提升安全扫描效率
- 扩展NuGet包缓存路径并包含更多依赖目录
- 添加.NET工具缓存以减少重复下载时间
- 将CodeQL构建模式从自动改为手动控制
- 更新.NET版本配置仅保留8.0.x版本支持
- 调整仓库检出深度设置以优化拉取速度
2026-02-09 11:27:10 +08:00

167 lines
5.1 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# CI/CD工作流配置构建和测试.NET项目
# 该工作流在push到main/master分支或创建pull request时触发
name: CI - Build & Test
on:
push:
branches: [ main, master ]
pull_request:
branches: [ main, master ]
permissions:
contents: read
security-events: write
jobs:
test:
name: Build and Test
runs-on: ubuntu-latest
steps:
# 检出源代码设置fetch-depth为0以获取完整的git历史
- name: Checkout code
uses: actions/checkout@v6
with:
fetch-depth: 0
# 缓存MegaLinter
- name: Cache MegaLinter
uses: actions/cache@v5
with:
path: ~/.cache/megalinter
key: ${{ runner.os }}-megalinter-v9
restore-keys: |
${{ runner.os }}-megalinter-
# MegaLinter扫描步骤
# 执行代码质量检查和安全扫描生成SARIF格式报告
- name: MegaLinter
uses: oxsecurity/megalinter@v9.3.0
continue-on-error: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
FAIL_ON_ERROR: ${{ github.ref == 'refs/heads/main' }}
# 上传SARIF格式的安全和代码质量问题报告到GitHub安全中心
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: megalinter-reports/sarif
# 缓存TruffleHog
- name: Cache TruffleHog
uses: actions/cache@v5
with:
path: ~/.cache/trufflehog
key: ${{ runner.os }}-trufflehog
# TruffleHog OSS 扫描步骤
# 使用 TruffleHog 工具扫描代码库中的敏感信息泄露如API密钥、密码等
# 该步骤会比较基础分支和当前提交之间的差异,检测新增内容中是否包含敏感数据
- name: TruffleHog OSS
uses: trufflesecurity/trufflehog@v3.93.0
with:
# 扫描路径,. 表示扫描整个仓库
path: .
# 基础提交哈希,用于与当前提交进行比较
base: ${{ github.event.before }}
# 当前提交哈希,作为扫描的目标版本
head: ${{ github.sha }}
# 安装和配置.NET SDK版本
- name: Setup .NET 8
uses: actions/setup-dotnet@v5
with:
dotnet-version: 8.0.x
- name: Setup .NET 9
uses: actions/setup-dotnet@v5
with:
dotnet-version: 9.0.x
- name: Setup .NET 10
uses: actions/setup-dotnet@v5
with:
dotnet-version: 10.0.x
# 配置NuGet包缓存以加速后续构建
- name: Cache NuGet packages
uses: actions/cache@v5
with:
path: |
~/.nuget/packages
~/.local/share/NuGet
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/nuget.config') }}
# 配置.NET本地工具缓存以加速后续构建
- name: Cache dotnet tools
uses: actions/cache@v5
with:
path: ~/.dotnet/tools
key: ${{ runner.os }}-dotnet-tools-${{ hashFiles('.config/dotnet-tools.json') }}
# 执行NuGet包恢复操作
- name: Restore
run: dotnet restore
# 恢复.NET本地工具
- name: Restore .NET tools
run: dotnet tool restore
# 构建项目使用Release配置且跳过恢复步骤
- name: Build
run: dotnet build -c Release --no-restore
# 运行单元测试输出TRX格式结果到TestResults目录
- name: Test - Core
run: |
dotnet test GFramework.Core.Tests \
-c Release \
--no-build \
--logger "trx;LogFileName=core-$RANDOM.trx" \
--results-directory TestResults
- name: Test - SourceGenerators
run: |
dotnet test GFramework.SourceGenerators.Tests \
-c Release \
--no-build \
--logger "trx;LogFileName=sg-$RANDOM.trx" \
--results-directory TestResults
- name: Generate CTRF report
run: |
mkdir -p ctrf
for trx in TestResults/*.trx; do
name=$(basename "$trx" .trx)
echo "Processing $trx -> ctrf/$name.json"
dotnet tool run DotnetCtrfJsonReporter \
-p "$trx" \
-t nunit \
-d ctrf \
-f "$name.json"
done
# 生成并发布测试报告,无论测试成功或失败都会执行
- name: Test Report
uses: dorny/test-reporter@v2
if: always()
with:
name: .NET Test Results
path: TestResults/*.trx
reporter: dotnet-trx
- name: Publish Test Report
uses: ctrf-io/github-test-reporter@v1
with:
report-path: './ctrf/*.json'
github-report: true
pull-request-report: true
summary-delta-report: true
insights-report: true
flaky-rate-report: true
fail-rate-report: true
slowest-report: true
upload-artifact: true
fetch-previous-results: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: always()
Reference in New Issue View Git Blame Copy Permalink