Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(GH-76) fixed codeql-analysis #77

Merged
merged 1 commit into from
Mar 20, 2021
Merged

(GH-76) fixed codeql-analysis #77

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 12 additions & 4 deletions .github/workflows/codeql-analysis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,16 +24,24 @@ jobs:
with:
fetch-depth: 0

- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
- name: Cache Tools
uses: actions/cache@v2
with:
path: tools
key: ${{ runner.os }}-tools-${{ hashFiles('recipe.cake') }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not for this PR in particular, but in general, would it make sense to also cache the NuGet cache folder, so that dependencies that are imported via PackageReference are also cached?

I imagine you'd have to include the .csproj files in the hash as well to purge the cache when they change too. Prob. global.json as well 🤔

e.g.

key: ${{ runner.os }}-${{ hashFiles('recipe.cake', 'global.json', 'source/**/*.csproj') }}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you're right.
I opened up cake-contrib/Cake.Recipe#815 for that - I'd like to document that before we start implementing it 😄

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't think we would need to update the hash files would we? We run dotnet/NuGet restore each build, so if there are missing dependencies they will be pulled in without needing to bust the cache. No?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good question. I think you're right in the sense that dotnet restore would pull new versions into the cache as needed.

When it comes to transitive dependencies in a scenario that nuget.org is offline (or not accessible from the CI server), is it guaranteed that nuget won't use the nearest version in the cache?

Growth is not a concern, I think, as it would be almost impossible to hit the 5 GB limit in most Cake projects unless they have nightly runs set up.


- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}

- run: ./build.ps1 --target=DotNetCore-Build
shell: pwsh
- name: Build project
uses: cake-build/cake-action@v1
with:
script-path: recipe.cake
target: DotNetCore-Build
cake-version: 0.38.5
cake-bootstrap: true

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1