Bugfix/coep default header value #129
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build repo | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| paths: | |
| - 'src/**' | |
| - 'tests/**' | |
| - 'example/**' | |
| - '.github/workflows/**' | |
| permissions: | |
| contents: read | |
| id-token: write | |
| attestations: write | |
| jobs: | |
| check-code-formatting: | |
| runs-on: ubuntu-latest | |
| name: Check code formatting against editorconfig | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 1 | |
| # The NuGet package we're building supports both .NET 8 and .NET 9, so we need | |
| # to install both so that we can work with the project. | |
| - name: Setup .NET 8.0 | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 | |
| with: | |
| dotnet-version: '8.0.x' | |
| - name: Setup .NET SDK 9.0 | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 | |
| with: | |
| dotnet-version: '9.0.x' | |
| - name: Install dotnet-format tool | |
| run: dotnet tool install -g dotnet-format | |
| - name: Check Code Format | |
| run: dotnet-format --check | |
| build: | |
| needs: [check-code-formatting] | |
| runs-on: ubuntu-latest | |
| name: Build code base, checking for compilation errors | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| # The NuGet package we're building supports both .NET 8 and .NET 9, so we need | |
| # to install both so that we can build the project. | |
| - name: Setup .NET 8.0 | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 | |
| with: | |
| dotnet-version: '8.0.x' | |
| - name: Setup .NET SDK 9.0 | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 | |
| with: | |
| dotnet-version: '9.0.x' | |
| - name: Install dependencies | |
| run: dotnet restore --locked-mode | |
| - name: Build | |
| run: dotnet build --configuration Release --no-restore | |
| test: | |
| # This job is adapted from https://josh-ops.com/posts/github-code-coverage/ | |
| # It adds a code coverage report to all PR builds | |
| permissions: | |
| contents: read # for actions/checkout to fetch code | |
| pull-requests: write # for marocchino/sticky-pull-request-comment to create or update PR comment | |
| needs: [build] | |
| runs-on: ubuntu-latest | |
| name: Run all tests and generate PR-level code coverage report | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| # The NuGet package we're building supports both .NET 8 and .NET 9, so we need | |
| # to install both so that we can run the tests. | |
| - name: Setup .NET 8.0 | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 | |
| with: | |
| dotnet-version: '8.0.x' | |
| - name: Setup .NET SDK 9.0 | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 | |
| with: | |
| dotnet-version: '9.0.x' | |
| - name: Run all tests | |
| run: dotnet test OwaspHeaders.Core.sln --verbosity minimal --collect:"XPlat Code Coverage" --logger trx --results-directory coverage | |
| - name: Code Coverage Summary Report | |
| uses: irongut/CodeCoverageSummary@51cc3a756ddcd398d447c044c02cb6aa83fdae95 # v1.3.0 | |
| with: | |
| filename: 'coverage/*/coverage.cobertura.xml' | |
| badge: true | |
| format: 'markdown' | |
| output: 'both' | |
| - name: Add Coverage PR Comment | |
| uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0 | |
| if: github.event_name == 'pull_request' | |
| with: | |
| recreate: true | |
| path: code-coverage-results.md | |
| - name: Write to Job Summary | |
| run: cat code-coverage-results.md >> $GITHUB_STEP_SUMMARY | |
| package: | |
| needs: [build, test] | |
| runs-on: ubuntu-latest | |
| name: Create the NuGet package for PR-level user testing | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| # The NuGet package we're building supports both .NET 8 and .NET 9, so we need | |
| # to install both so that we can create the NuGet package. | |
| - name: Setup .NET 8.0 | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 | |
| with: | |
| dotnet-version: '8.0.x' | |
| - name: Setup .NET SDK 9.0 | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 | |
| with: | |
| dotnet-version: '9.0.x' | |
| - name: Build NuGet Package | |
| run: dotnet pack src/OwaspHeaders.Core.csproj --configuration Release | |
| - name: Generate Attestations | |
| uses: actions/attest-build-provenance@963f8a02f24ac90336362e63ca6730cf69ad102e # v2.1.0 | |
| with: | |
| subject-path: ${{ github.workspace }}/**/*.nupkg | |
| - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| if: ${{ success() }} | |
| with: | |
| name: OwaspHeaders.Core | |
| path: ${{ github.workspace }}/**/*.nupkg | |
| retention-days: 5 |