Merge 26b60df into f38a812

Author: bkoelman

.config/dotnet-tools.json

@@ -14,12 +14,6 @@
         "regitlint"
       ]
     },
-    "codecov.tool": {
-      "version": "1.13.0",
-      "commands": [
-        "codecov"
-      ]
-    },
     "dotnet-reportgenerator-globaltool": {
       "version": "5.1.20",
       "commands": [

.github/workflows/dotnet.yml

@@ -0,0 +1,307 @@
+# This workflow will build a .NET project
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net
+
+# General links
+# https://docs.github.com/en/actions/learn-github-actions/variables#default-environment-variables
+# https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
+# https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads
+# https://docs.github.com/en/actions/learn-github-actions/expressions
+
+# TODO: Post-cleanup
+# - Restore notification for failed actions in GitHub settings
+# - Update required status checks in GitHub settings
+# - Delete GitHub PAT after decommission of AppVeyor
+# - Recycle NuGet key? Affects MongoDB
+# - Document advantages in PR description
+#   - Max parallel builds (jobs) is 20 (MacOS 5)
+#   - Job timeout is 6 hours, workflow 35 days
+#   - Artifact retention is 90 days
+#   - Linux runs much faster
+#   - Managemnt UI integrated in GitHub, includes test summaries
+#   - Rich ecosystem of actions
+#   - Shows timings per operation (build, test, cleanup)
+#   - Improved security
+#   - Easier to try .NET preview versions
+#   - Weekly refreshed runner images
+#   - Subsequent steps execute after timeout, enabling to capture logs on hang 
+#   Disadvantages:
+#   - There's no way to suppress notification for cancelled jobs
+
+# TODO: Review https://docs.github.com/en/actions/learn-github-actions/understanding-github-actions
+# TODO: Review https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions and https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+# TODO: Adapt name and .yml file name (resets package counter)
+    # TODO: Update status badge in /README.md (depends on workflow name)
+name: .NET
+
+# TODO: Auto-close issues waiting for response: https://github.com/lee-dohm/no-response
+
+on:
+  push:
+    branches: [ 'master', 'release/**' ]
+  pull_request:
+    branches: [ 'master', 'release/**' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
+  DOTNET_CLI_TELEMETRY_OPTOUT: true
+  # The Windows runner image has PostgreSQL pre-installed and sets the PGPASSWORD environment variable to "root".
+  # This conflicts with the default password "postgres", which is used by ikalnytskyi/action-setup-postgres.
+  # Because action-setup-postgres forgets to update the environment variable accordingly, we do so here.
+  PGPASSWORD: "postgres"
+
+jobs:
+  build-and-test:
+    timeout-minutes: 30
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Setup PostgreSQL
+      uses: ikalnytskyi/action-setup-postgres@v4
+      with:
+        username: postgres
+        password: postgres
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v3
+      with:
+        dotnet-version: 6.0.x
+    - name: Setup PowerShell (Ubuntu)
+      if: matrix.os == 'ubuntu-latest'
+      run: |
+        dotnet tool install --global PowerShell
+    - name: Setup PowerShell (Windows)
+      if: matrix.os == 'windows-latest'
+      shell: cmd
+      run: |
+        curl --location --output "%RUNNER_TEMP%\PowerShell-7.3.6-win-x64.msi" https://github.com/PowerShell/PowerShell/releases/download/v7.3.6/PowerShell-7.3.6-win-x64.msi
+        msiexec.exe /package "%RUNNER_TEMP%\PowerShell-7.3.6-win-x64.msi" /quiet USE_MU=1 ENABLE_MU=1 ADD_PATH=1 DISABLE_TELEMETRY=1 
+    - name: Setup PowerShell (macOS)
+      if: matrix.os == 'macos-latest'
+      run: |
+        /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+        brew install --cask powershell
+    - name: Show installed versions
+      shell: pwsh
+      run: |
+        Write-Host "$(pwsh --version) is installed at $PSHOME"
+        psql --version
+        Write-Host "Using .NET SDK: $(dotnet --version)"
+        #Write-Host "Environment variables:"
+        #dir env: | %{"{0}={1}" -f $_.Name,$_.Value}
+    - name: Git checkout
+      uses: actions/checkout@v3
+    - name: Restore tools
+      run: |
+        dotnet tool restore
+    - name: Restore packages
+      run: |
+        dotnet restore
+    - name: Calculate version suffix
+      shell: pwsh
+      run: |
+        # TODO: Fail when package tag prefix does not match the version prefix stored in Directory.Build.props?
+        if ($env:GITHUB_REF_TYPE -eq 'tag') {
+            # Get the version suffix from the repo tag. Example: v1.0.0-preview1-final => preview1-final
+            $segments = $env:GITHUB_REF_NAME -split "-"
+            $suffixSegments = $segments[1..-1]
+            $versionSuffix = $suffixSegments -join "-"
+        }
+        else {
+            # Get the version suffix from the auto-incrementing build number. Example: 123 => master-0123
+            $revision = "{0:D4}" -f [convert]::ToInt32($env:GITHUB_RUN_NUMBER, 10)
+            $versionSuffix = "$($env:GITHUB_HEAD_REF ?? $env:GITHUB_REF_NAME)-$revision"
+        }
+        Write-Output "Using version suffix: $versionSuffix"
+        Write-Output "PACKAGE_VERSION_SUFFIX=$versionSuffix" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+    - name: Build
+      shell: pwsh
+      run: |
+        dotnet build --no-restore --configuration Release --version-suffix=$env:PACKAGE_VERSION_SUFFIX
+    - name: Test
+      run: |
+        dotnet test --no-build --configuration Release --collect:"XPlat Code Coverage" --logger "GitHubActions;summary.includeSkippedTests=true" -- RunConfiguration.CollectSourceInformation=true DataCollectionRunSettings.DataCollectors.DataCollector.Configuration.DeterministicReport=true
+    - name: Upload coverage to codecov.io
+      if: matrix.os == 'ubuntu-latest'
+      uses: codecov/codecov-action@v3
+    - name: Generate packages
+      shell: pwsh
+      run: |
+        dotnet pack --no-build --configuration Release --output $env:GITHUB_WORKSPACE/artifacts/packages --version-suffix=$env:PACKAGE_VERSION_SUFFIX
+    - name: Upload packages to artifacts
+      if: matrix.os == 'ubuntu-latest'
+      uses: actions/upload-artifact@v3
+      with:
+        name: packages
+        path: artifacts/packages
+# TODO: Try CodeQL Analysis
+# TODO: Add dependabot.yml (GH Security: Enable Dependabot version updates)
+#         Keep actions up-to-date: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates
+#           in .github/dependabot.yml:
+#         version: 2
+#         updates:
+#         - package-ecosystem: "github-actions"
+#           directory: "/"
+#           schedule:
+#             interval: "daily"
+#           labels:
+#           - "CI/CD"
+#           commit-message:
+#             prefix: ci
+    - name: Generate documentation
+      shell: pwsh
+      env:
+        DOCFX_SOURCE_BRANCH_NAME: ${{ github.base_ref || github.ref_name }}
+      run: |
+        Write-Host "Using docfx branch name: $env:DOCFX_SOURCE_BRANCH_NAME"
+        cd docs
+        & ./generate-examples.ps1
+        dotnet docfx docfx.json
+        if ($LastExitCode -ne 0) {
+            Write-Error "docfx failed with exit code $LastExitCode."
+        }
+        Copy-Item CNAME _site/CNAME
+        Copy-Item home/*.html _site/
+        Copy-Item home/*.ico _site/
+        New-Item -Force _site/styles -ItemType Directory | Out-Null
+        Copy-Item -Recurse home/assets/* _site/styles/
+    - name: Upload documentation to artifacts
+      if: matrix.os == 'ubuntu-latest'
+      uses: actions/upload-artifact@v3
+      with:
+        name: documentation
+        path: docs/_site
+
+  inspect-code:
+    timeout-minutes: 30
+    runs-on: ubuntu-latest
+    steps:
+    - name: Git checkout
+      uses: actions/checkout@v3
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v3
+      with:
+        dotnet-version: 6.0.x
+    - name: Restore tools
+      run: |
+        dotnet tool restore
+    - name: InspectCode
+      shell: pwsh
+      run: |
+        $inspectCodeOutputPath = Join-Path $env:RUNNER_TEMP 'jetbrains-inspectcode-results.xml'
+        Write-Output "INSPECT_CODE_OUTPUT_PATH=$inspectCodeOutputPath" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+        dotnet jb inspectcode JsonApiDotNetCore.sln --build --output="$inspectCodeOutputPath" --profile=WarningSeverities.DotSettings --properties:Configuration=Release --severity=WARNING --verbosity=WARN -dsl=GlobalAll -dsl=GlobalPerProduct -dsl=SolutionPersonal -dsl=ProjectPersonal
+    - name: Verify outcome
+      shell: pwsh
+      run: |
+        [xml]$xml = Get-Content $env:INSPECT_CODE_OUTPUT_PATH
+        if ($xml.report.Issues -and $xml.report.Issues.Project) {
+            foreach ($project in $xml.report.Issues.Project) {
+                if ($project.Issue.Count -gt 0) {
+                    $project.ForEach({
+                        Write-Output "`nProject $($project.Name)"
+                        $failed = $true
+
+                        $_.Issue.ForEach({
+                            $issueType = $xml.report.IssueTypes.SelectSingleNode("IssueType[@Id='$($_.TypeId)']")
+                            $severity = $_.Severity ?? $issueType.Severity
+
+                            Write-Output "[$severity] $($_.File):$($_.Line) $($_.TypeId): $($_.Message)"
+                        })
+                    })
+                }
+            }
+
+            if ($failed) {
+                Write-Error "One or more projects failed code inspection."
+            }
+            else {
+                Write-Output "No issues found."
+            }
+        }
+
+  cleanup-code:
+    timeout-minutes: 30
+    runs-on: ubuntu-latest
+    steps:
+    - name: Git checkout
+      uses: actions/checkout@v3
+      with:
+        fetch-depth: 2
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v3
+      with:
+        dotnet-version: 6.0.x
+    - name: Restore tools
+      run: |
+        dotnet tool restore
+    - name: Restore packages
+      run: |
+        dotnet restore
+    - name: CleanupCode (on PR diff)
+      # TODO: Test with PR from community user
+      if: github.event_name == 'pull_request'
+      shell: pwsh
+      run: |
+        # Not using the environment variables for SHAs, because they may be outdated. This happens on force-push after the build is queued, but before it starts.
+        # The below works because HEAD is detached (at the merge commit), so HEAD~1 is at the base branch.
+        $headCommitHash = git rev-parse HEAD
+        $baseCommitHash = git rev-parse HEAD~1
+
+        # TODO: What happens when PR is empty?
+        if ($baseCommitHash -ne $headCommitHash) {
+            Write-Output "Running code cleanup on commit range $baseCommitHash..$headCommitHash in pull request."
+            dotnet regitlint -s JsonApiDotNetCore.sln --print-command --skip-tool-check --max-runs=5 --jb-profile="JADNC Full Cleanup" --jb --properties:Configuration=Release --jb --verbosity=WARN -f commits -a $headCommitHash -b $baseCommitHash --fail-on-diff --print-diff
+        }
+        else {
+            Write-Output "No changed files in pull request."
+        }
+    - name: CleanupCode (on branch)
+      if: github.event_name == 'push'
+      shell: pwsh
+      run: |
+        Write-Output "Running code cleanup on all files in branch."
+        dotnet regitlint -s JsonApiDotNetCore.sln --print-command --skip-tool-check --jb-profile="JADNC Full Cleanup" --jb --properties:Configuration=Release --jb --verbosity=WARN --fail-on-diff --print-diff
+
+  publish:
+    timeout-minutes: 30
+    runs-on: ubuntu-latest
+    needs: [ build-and-test, inspect-code, cleanup-code ]
+    # TODO: Test this job does not run from PRs originating from forks
+    if: github.repository_owner == 'json-api-dotnet'
+    permissions:
+      packages: write
+      contents: write
+    steps:
+    - name: Download artifacts
+      uses: actions/download-artifact@v3
+    - name: Publish to GitHub Packages
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      shell: pwsh
+      run: |
+        # TODO: Update README.md on how to consume packages; make public in GitHub settings at organization level
+        dotnet nuget add source --username 'json-api-dotnet' --password "$env:GITHUB_TOKEN" --store-password-in-clear-text --name 'github' 'https://nuget.pkg.github.com/json-api-dotnet/index.json'
+        dotnet nuget push "$env:GITHUB_WORKSPACE/packages/*.nupkg" --api-key "$env:GITHUB_TOKEN" --source 'github'
+    - name: Publish documentation
+      #if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+      uses: peaceiris/actions-gh-pages@v3
+      with:
+        # TODO: Test a real deployment (change target to "gh-pages" branch below)
+        github_token: ${{ secrets.GITHUB_TOKEN }}
+        publish_branch: gh-pages-test
+        publish_dir: ./documentation
+        commit_message: 'Auto-generated documentation from: ${{ github.event.head_commit.message }}'
+    - name: Publish to NuGet
+      # TODO: Test this
+      if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
+      env:
+        NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
+      shell: pwsh
+      run: |
+        dotnet nuget push "$env:GITHUB_WORKSPACE/packages/*.nupkg" --api-key "$env:NUGET_API_KEY" --source 'nuget.org'

Directory.Build.props

@@ -21,6 +21,10 @@
     <AdditionalFiles Include="$(MSBuildThisFileDirectory)CSharpGuidelinesAnalyzer.config" Visible="False" />
   </ItemGroup>
 
+  <PropertyGroup Condition="'$(APPVEYOR)' != '' Or '$(CI)' != ''">
+    <ContinuousIntegrationBuild>true</ContinuousIntegrationBuild>
+  </PropertyGroup>
+
   <PropertyGroup Condition="'$(Configuration)'=='Release'">
     <NoWarn>$(NoWarn);1591</NoWarn>
     <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
@@ -34,6 +38,7 @@
   <!-- Test Project Dependencies -->
   <PropertyGroup>
     <CoverletVersion>6.0.*</CoverletVersion>
+    <GitHubActionsTestLoggerVersion>2.3.*</GitHubActionsTestLoggerVersion>
     <MoqVersion>4.18.*</MoqVersion>
     <TestSdkVersion>17.6.*</TestSdkVersion>
   </PropertyGroup>