gewuyou/GFramework
1
0
Fork 0
mirror of https://github.com/GeWuYou/GFramework.git synced 2026-03-22 10:34:30 +08:00
Code Issues Packages Projects Releases Wiki Activity
GFramework/.github/workflows/ci.yml
GeWuYou 22eebb6e2d chore(ci): 更新许可证检查工作流配置 
- 在许可证检查步骤中启用详细输出模式
- 保持现有的许可证类型和失败策略设置不变
- 维持主分支推送时的徽章更新功能
2026-02-02 19:25:09 +08:00

157 lines
5.0 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# CI/CD工作流配置构建和测试.NET项目
# 该工作流在push到main/master分支或创建pull request时触发
name: CI - Build & Test
on:
push:
branches: [ main, master ]
pull_request:
branches: [ main, master ]
permissions:
contents: write
security-events: write
jobs:
test:
name: Build and Test
runs-on: ubuntu-latest
steps:
# 检出源代码设置fetch-depth为0以获取完整的git历史
- name: Checkout code
uses: actions/checkout@v6
with:
fetch-depth: 0
# MegaLinter扫描步骤
# 执行代码质量检查和安全扫描生成SARIF格式报告
- name: MegaLinter
uses: oxsecurity/megalinter@v9.3.0
continue-on-error: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
FAIL_ON_ERROR: ${{ github.ref == 'refs/heads/main' }}
# 上传SARIF格式的安全和代码质量问题报告到GitHub安全中心
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: megalinter-reports/sarif
# TruffleHog OSS 扫描步骤
# 使用 TruffleHog 工具扫描代码库中的敏感信息泄露如API密钥、密码等
# 该步骤会比较基础分支和当前提交之间的差异,检测新增内容中是否包含敏感数据
- name: TruffleHog OSS
uses: trufflesecurity/trufflehog@v3.92.5
with:
# 扫描路径,. 表示扫描整个仓库
path: .
# 基础提交哈希,用于与当前提交进行比较
base: ${{ github.event.before }}
# 当前提交哈希,作为扫描的目标版本
head: ${{ github.sha }}
# 安装和配置.NET SDK版本
- name: Setup .NET 8
uses: actions/setup-dotnet@v5
with:
dotnet-version: 8.0.x
- name: Setup .NET 9
uses: actions/setup-dotnet@v5
with:
dotnet-version: 9.0.x
- name: Setup .NET 10
uses: actions/setup-dotnet@v5
with:
dotnet-version: 10.0.x
# 配置NuGet包缓存以加速后续构建
- name: Cache NuGet packages
uses: actions/cache@v5
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj') }}
# 执行NuGet包恢复操作
- name: Restore
run: dotnet restore
# 恢复.NET本地工具
- name: Restore .NET tools
run: dotnet tool restore
# 使用Feluda许可证扫描器检查项目依赖的许可证合规性
# 配置参数:
# - project-license: 设置项目许可证为Apache-2.0
# - fail-on-restrictive: 发现限制性许可证时失败
# - fail-on-incompatible: 发现不兼容许可证时失败
# - update-badge: 自动更新许可证徽章
- name: Feluda License Scanner
uses: anistark/feluda@v1.11.1
with:
project-license: 'Apache-2.0'
fail-on-restrictive: true
fail-on-incompatible: true
verbose: true
update-badge: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
# 构建项目使用Release配置且跳过恢复步骤
- name: Build
run: dotnet build -c Release --no-restore
# 运行单元测试输出TRX格式结果到TestResults目录
- name: Test - Core
run: |
dotnet test GFramework.Core.Tests \
-c Release \
--no-build \
--logger "trx;LogFileName=core-$RANDOM.trx" \
--results-directory TestResults
- name: Test - SourceGenerators
run: |
dotnet test GFramework.SourceGenerators.Tests \
-c Release \
--no-build \
--logger "trx;LogFileName=sg-$RANDOM.trx" \
--results-directory TestResults
- name: Generate CTRF report
run: |
mkdir -p ctrf
for trx in TestResults/*.trx; do
name=$(basename "$trx" .trx)
echo "Processing $trx -> ctrf/$name.json"
dotnet tool run DotnetCtrfJsonReporter \
-p "$trx" \
-t nunit \
-d ctrf \
-f "$name.json"
done
# 生成并发布测试报告,无论测试成功或失败都会执行
- name: Test Report
uses: dorny/test-reporter@v2
if: always()
with:
name: .NET Test Results
path: TestResults/*.trx
reporter: dotnet-trx
- name: Publish Test Report
uses: ctrf-io/github-test-reporter@v1
with:
report-path: './ctrf/*.json'
github-report: true
pull-request-report: true
summary-delta-report: true
insights-report: true
flaky-rate-report: true
fail-rate-report: true
slowest-report: true
upload-artifact: true
fetch-previous-results: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: always()
Reference in New Issue View Git Blame Copy Permalink