GitHub Action
Finalyze with SonarCloud
Uses the SonarScanner for .NET tool and cleans the MSBuild/dotnet build hooks, collects the analysis data generated by the build, the test results, the code coverage and then uploads everything to SonarCloud.
This action is part of the Codebelt umbrella and ensures a consistent way of:
- Defining your CI/CD pipeline
- Structuring your repository
- Keeping your codebase small and feasible
- Writing clean and maintainable code
- Deploying your code to different environments
- Automating as much as possible
A paved path to excel as a DevSecOps Engineer.
To use this action in your GitHub repository, you can follow these steps:
uses: codebeltnet/sonarcloud-scan-finalize@v1
with:
# The SonarCloud generated token.
token:
This action has no outputs.
steps:
- name: Run SonarCloud Analysis
uses: codebeltnet/sonarcloud-scan@v1
with:
token: ${{ secrets.SONAR_TOKEN }}
organization: geekle
projectKey: savvyio
version: ${{ needs.build.outputs.version }}
- name: Build
uses: codebeltnet/dotnet-build@v1
with:
uploadBuildArtifact: false
- name: Finalize SonarCloud Analysis
uses: codebeltnet/sonarcloud-scan-finalize@v1
with:
token: ${{ secrets.SONAR_TOKEN }}
name: Generic CI/CD Pipeline (.NET Library)
on:
push:
branches: [main]
paths-ignore:
- .codecov
- .docfx
- .github
- .nuget
pull_request:
branches: [main]
workflow_dispatch:
inputs:
configuration:
type: choice
description: The build configuration to use in the deploy stage.
required: true
default: Release
options:
- Debug
- Release
jobs:
build:
name: π οΈ Build
runs-on: ubuntu-22.04
outputs:
version: ${{ steps.minver-calculate.outputs.version }}
steps:
- name: Checkout
uses: codebeltnet/git-checkout@v1
- name: Install .NET
uses: codebeltnet/install-dotnet@v1
- name: Install MinVer
uses: codebeltnet/dotnet-tool-install-minver@v1
- id: minver-calculate
name: Calculate Version
uses: codebeltnet/minver-calculate@v1
- name: Download strongname.snk file
uses: codebeltnet/gcp-download-file@v1
with:
serviceAccountKey: ${{ secrets.GCP_TOKEN }}
bucketName: ${{ secrets.GCP_BUCKETNAME }}
objectName: strongname.snk
- name: Restore Dependencies
uses: codebeltnet/dotnet-restore@v1
- name: Build for Preview
uses: codebeltnet/dotnet-build@v1
with:
configuration: Debug
- name: Build for Production
uses: codebeltnet/dotnet-build@v1
with:
configuration: Release
pack:
name: π¦ Pack
runs-on: ubuntu-22.04
strategy:
matrix:
configuration: [Debug, Release]
needs: [build]
steps:
- name: Pack for ${{ matrix.configuration }}
uses: codebeltnet/dotnet-pack@v1
with:
configuration: ${{ matrix.configuration }}
uploadPackedArtifact: true
version: ${{ needs.build.outputs.version }}
test:
name: π§ͺ Test
needs: [build]
strategy:
matrix:
os: [ubuntu-22.04, windows-2022]
runs-on: ${{ matrix.os }}
steps:
- name: Checkout
uses: codebeltnet/git-checkout@v1
- name: Install .NET
uses: codebeltnet/install-dotnet@v1
- name: Install .NET Tool - Report Generator
uses: codebeltnet/dotnet-tool-install-reportgenerator@v1
- name: Test with Debug build
uses: codebeltnet/dotnet-test@v1
with:
configuration: Debug
buildSwitches: -p:SkipSignAssembly=true
- name: Test with Release build
uses: codebeltnet/dotnet-test@v1
with:
configuration: Release
buildSwitches: -p:SkipSignAssembly=true
sonarcloud:
name: π¬ Code Quality Analysis
needs: [build,test]
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: codebeltnet/git-checkout@v1
- name: Install .NET
uses: codebeltnet/install-dotnet@v1
- name: Install .NET Tool - Sonar Scanner
uses: codebeltnet/dotnet-tool-install-sonarscanner@v1
- name: Restore Dependencies
uses: codebeltnet/dotnet-restore@v1
- name: Run SonarCloud Analysis
uses: codebeltnet/sonarcloud-scan@v1
with:
token: ${{ secrets.SONAR_TOKEN }}
organization: your-sonarcloud-organization
projectKey: your-sonarcloud-project-key
version: ${{ needs.build.outputs.version }}
- name: Build
uses: codebeltnet/dotnet-build@v1
with:
buildSwitches: -p:SkipSignAssembly=true
uploadBuildArtifact: false
- name: Finalize SonarCloud Analysis
uses: codebeltnet/sonarcloud-scan-finalize@v1
with:
token: ${{ secrets.SONAR_TOKEN }}
codecov:
name: π Code Coverage Analysis
needs: [build,test]
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: codebeltnet/git-checkout@v1
- name: Run CodeCov Analysis
uses: codebeltnet/codecov-scan@v1
with:
token: ${{ secrets.CODECOV_TOKEN }}
repository: your-github-repository
codeql:
name: π‘οΈ Security Analysis
needs: [build,test]
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: codebeltnet/git-checkout@v1
- name: Install .NET
uses: codebeltnet/install-dotnet@v1
- name: Restore Dependencies
uses: codebeltnet/dotnet-restore@v1
- name: Prepare CodeQL SAST Analysis
uses: codebeltnet/codeql-scan@v1
- name: Build
uses: codebeltnet/dotnet-build@v1
with:
buildSwitches: -p:SkipSignAssembly=true
uploadBuildArtifact: false
- name: Finalize CodeQL SAST Analysis
uses: codebeltnet/codeql-scan-finalize@v1
deploy:
name: π Deploy v${{ needs.build.outputs.version }}
runs-on: ubuntu-22.04
needs: [build,pack,test,sonarcloud,codecov,codeql]
environment: Production
steps:
- uses: codebeltnet/nuget-push@v1
with:
token: ${{ secrets.NUGET_TOKEN }}
configuration: ${{ inputs.configuration == '' && 'Release' || inputs.configuration }}
Contributions are welcome! Feel free to submit issues, feature requests, or pull requests to help improve this action.
This project is licensed under the MIT License - see the LICENSE file for details.
π Analyze with Codecov
π Analyze with CodeQL
π Finalyze with CodeQL
π .NET Build
π .NET Pack
π .NET Restore
π .NET Test
π Install .NET SDK
π Install .NET Tool - MinVer
π Install .NET Tool - Report Generator
π Install .NET Tool - Sonar Scanner
π GCP Download File
π Git Checkout
π MinVer Calculate
π NuGet Push
π Analyze with SonarCloud
π Finalyze with SonarCloud