Skip to content

Bump anchore/sbom-action from 0.17.7 to 0.17.8 #1859

Bump anchore/sbom-action from 0.17.7 to 0.17.8

Bump anchore/sbom-action from 0.17.7 to 0.17.8 #1859

Workflow file for this run

name: build
on:
push:
branches: [ main ]
tags: [ v* ]
pull_request:
branches:
- main
- dotnet-vnext
- dotnet-nightly
workflow_dispatch:
env:
DOTNET_CLI_TELEMETRY_OPTOUT: true
DOTNET_NOLOGO: true
DOTNET_SYSTEM_CONSOLE_ALLOW_ANSI_COLOR_REDIRECTION: 1
NUGET_XMLDOC_MODE: skip
TERM: xterm
permissions:
contents: read
jobs:
build:
name: ${{ matrix.os }}
runs-on: ${{ matrix.os }}
outputs:
dotnet-sdk-version: ${{ steps.setup-dotnet.outputs.dotnet-version }}
dotnet-validate-version: ${{ steps.get-dotnet-validate-version.outputs.dotnet-validate-version }}
package-names: ${{ steps.build.outputs.package-names }}
package-version: ${{ steps.build.outputs.package-version }}
permissions:
attestations: write
contents: write
id-token: write
strategy:
fail-fast: false
matrix:
os: [ macos-latest, ubuntu-latest, windows-latest ]
include:
- os: macos-latest
os-name: macos
- os: ubuntu-latest
os-name: linux
- os: windows-latest
os-name: windows
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup .NET SDK
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
id: setup-dotnet
- name: Build, Test and Package
id: build
shell: pwsh
run: ./build.ps1
- uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7
name: Upload coverage to Codecov
with:
file: ./artifacts/coverage/coverage.net9.0.cobertura.xml
flags: ${{ matrix.os-name }}
token: ${{ secrets.CODECOV_TOKEN }}
- name: Generate SBOM
uses: anchore/sbom-action@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8
with:
artifact-name: build-${{ matrix.os-name }}.spdx.json
output-file: ./artifacts/build.spdx.json
path: ./artifacts/bin
upload-release-assets: ${{ runner.os == 'Windows' }}
- name: Attest artifacts
uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4
if: |
runner.os == 'Windows' &&
github.event.repository.fork == false &&
(github.ref_name == github.event.repository.default_branch || startsWith(github.ref, 'refs/tags/v'))
with:
subject-path: |
./artifacts/bin/MartinCostello.SqlLocalDb/release*/*.dll
./artifacts/package/release/*
- name: Publish artifacts
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: artifacts-${{ matrix.os-name }}
path: ./artifacts
- name: Publish NuGet packages
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: packages-${{ matrix.os-name }}
path: ./artifacts/package/release
if-no-files-found: error
- name: Get dotnet-validate version
id: get-dotnet-validate-version
shell: pwsh
run: |
$dotnetValidateVersion = (Get-Content "./.config/dotnet-tools.json" | Out-String | ConvertFrom-Json).tools.'dotnet-validate'.version
"dotnet-validate-version=${dotnetValidateVersion}" >> $env:GITHUB_OUTPUT
validate-packages:
needs: build
runs-on: ubuntu-latest
steps:
- name: Download packages
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: packages-windows
- name: Setup .NET SDK
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
with:
dotnet-version: ${{ needs.build.outputs.dotnet-sdk-version }}
- name: Validate NuGet packages
shell: pwsh
env:
DOTNET_VALIDATE_VERSION: ${{ needs.build.outputs.dotnet-validate-version }}
run: |
dotnet tool install --global dotnet-validate --version ${env:DOTNET_VALIDATE_VERSION}
$packages = Get-ChildItem -Filter "*.nupkg" | ForEach-Object { $_.FullName }
$invalidPackages = 0
foreach ($package in $packages) {
dotnet validate package local $package
if ($LASTEXITCODE -ne 0) {
$invalidPackages++
}
}
if ($invalidPackages -gt 0) {
Write-Output "::error::$invalidPackages NuGet package(s) failed validation."
exit 1
}
publish-feedz-io:
needs: [ build, validate-packages ]
runs-on: ubuntu-latest
if: |
github.event.repository.fork == false &&
(github.ref_name == github.event.repository.default_branch ||
startsWith(github.ref, 'refs/tags/v'))
environment:
name: feedz.io
url: https://feedz.io/org/${{ github.repository_owner }}/repository/sqllocaldb/packages/MartinCostello.SqlLocalDb
steps:
- name: Download packages
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: packages-windows
- name: Setup .NET SDK
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
with:
dotnet-version: ${{ needs.build.outputs.dotnet-sdk-version }}
- name: Push NuGet packages to feedz.io
shell: bash
env:
API_KEY: ${{ secrets.FEEDZ_IO_TOKEN }}
SOURCE: "https://f.feedz.io/${{ github.repository }}/nuget/index.json"
run: dotnet nuget push "*.nupkg" --api-key "${API_KEY}" --skip-duplicate --source "${SOURCE}"
publish-nuget:
needs: [ build, validate-packages ]
runs-on: ubuntu-latest
if: |
github.event.repository.fork == false &&
startsWith(github.ref, 'refs/tags/v')
environment:
name: NuGet.org
url: https://www.nuget.org/packages/MartinCostello.SqlLocalDb
steps:
- name: Download packages
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: packages-windows
- name: Setup .NET SDK
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
with:
dotnet-version: ${{ needs.build.outputs.dotnet-sdk-version }}
- name: Push NuGet packages to NuGet.org
shell: bash
env:
API_KEY: ${{ secrets.NUGET_TOKEN }}
SOURCE: https://api.nuget.org/v3/index.json
run: dotnet nuget push "*.nupkg" --api-key "${API_KEY}" --skip-duplicate --source "${SOURCE}"
- name: Publish nuget_packages_published
uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
with:
event-type: nuget_packages_published
repository: ${{ github.repository_owner }}/github-automation
token: ${{ secrets.COSTELLOBOT_TOKEN }}
client-payload: |-
{
"repository": "${{ github.repository }}",
"packages": "${{ needs.build.outputs.package-names }}",
"version": "${{ needs.build.outputs.package-version }}"
}