Skip to content

Review comment

Review comment #834

name: "Code scanning - action"
on:
push:
pull_request:
schedule:
- cron: '0 18 * * 1'
jobs:
CodeQL-Build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
# Override language selection by uncommenting this and choosing your languages
with:
languages: csharp
- name: Setup .NET Environment
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.0.x
- name: add DevExpress nuget feed
run: dotnet nuget add source https://nuget.devexpress.com/api -n DXFeed -u DevExpress -p ${{ secrets.DEVEXPRESS_NUGET_KEY }} --store-password-in-clear-text
- name: Install dependencies
run: dotnet restore CDP4-SDK.sln
- name: Build
run: dotnet build CDP4-SDK.sln --configuration Release --no-restore
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
- name: PR Based Nuget
if: ${{ github.event_name == 'pull_request' }}
run: |
dotnet pack CDP4-SDK.sln --version-suffix "${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-PR-${{ github.event.pull_request.number }}" -o .
dotnet nuget push *.nupkg --skip-duplicate --source https://nuget.pkg.github.com/STARIONGROUP/index.json -k ${{ secrets.GITHUB_TOKEN }}