github composite action checkout detach - github

I have created a composite action (see the link) for running a SonarCloud analysis for dotnet projects.
name: Sonarcloud
description: Sonarcloud
inputs:
  sonar_project_key:
    required: true
    type: string
  github_token:
    required: true
    type: string
  sonar_token:
    required: true
    type: string
runs:
  using: "composite"
  steps:
    - name: Set up JDK 11
      uses: actions/setup-java@v1
      with:
        java-version: 1.11
    - name: Install dotnet SonarCloud scanner
      shell: powershell
      run: |
        dotnet tool install --global dotnet-sonarscanner
    - name: Build and analyze
      shell: powershell
      env:
        GITHUB_TOKEN: ${{ inputs.github_token }}
        SONAR_TOKEN: ${{ inputs.sonar_token }}
      run: |
        dotnet sonarscanner begin /k:"${{ inputs.sonar_project_key }}" /o:"my-org" /d:sonar.login="${{ inputs.sonar_token }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="**/coverage.opencover.xml"
        dotnet build --configuration Release
        dotnet test --no-restore --configuration Release --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
        dotnet sonarscanner end /d:sonar.login="${{ inputs.sonar_token }}"
Then, following the link, I had to create a release with the tag "v1" (something like "my-org/sonarcloud@v1") and then used it in another repository as follows:
name: Sonarcloud
on:
  push:
    branches:
      - main
  pull_request:
    types: [opened, synchronize, reopened]
  workflow_call:
    secrets:
      SONAR_TOKEN:
        required: true
  workflow_dispatch: ~
jobs:
  build:
    name: Build
    runs-on: windows-latest
    steps:
      - uses: actions/checkout@v3
        with:
          submodules: 'true'
          fetch-depth: 0
      - uses: microsoft/variable-substitution@v1
        with:
          files: 'tests/IntegrationTests/tests.settings.json'
        env:
          ConnectionString: ${{ secrets.CONNECTIONSTRING }} # please note that in this repo is connection string but it could vary from repo to repo,
          # maybe in another repo I need to substitute a Sas token for example
          # so I cannot move the variable substitution to the composite action
      - uses: actions/checkout@v3
      - id: sonarcloud
        uses: my-org/sonarcloud@v1
        with:
          sonar_project_key: 'my-project'
          sonar_token: ${{ secrets.SONAR_TOKEN }}
          github_token: ${{ secrets.GITHUB_TOKEN }}
Note that I need to modify the "tests.settings.json" file in order to provide a valid connection string for the tests to work.
Now the problem. The transformation is being conducted properly, but here:
      - uses: actions/checkout@v3
      - id: sonarcloud
        uses: my-org/sonarcloud@v1
git realizes that "tests.settings.json" has been modified and restores it to the original version (which does not contain the connection string), and the tests fail.
Here are the logs of the workflow:
2022-04-29T10:56:04.3078283Z [command]"C:\Program Files\Git\bin\git.exe" checkout --detach
2022-04-29T10:56:04.8735279Z M tests/IntegrationTests/tests.settings.json
2022-04-29T10:56:04.8736695Z HEAD is now at 5e6cf4b fix
So how can I avoid this behavior in the second checkout that is needed in order to get the composite action?
Thanks

I have found the problem! The second
      - uses: actions/checkout@v3
was not needed. To fix it, just remove it.
Replace this:
      - uses: actions/checkout@v3
      - id: sonarcloud
        uses: my-org/sonarcloud@v1
        with:
          sonar_project_key: 'my-project'
          sonar_token: ${{ secrets.SONAR_TOKEN }}
          github_token: ${{ secrets.GITHUB_TOKEN }}
With this:
      - id: sonarcloud
        uses: my-org/sonarcloud@v1
        with:
          sonar_project_key: 'my-project'
          sonar_token: ${{ secrets.SONAR_TOKEN }}
          github_token: ${{ secrets.GITHUB_TOKEN }}
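
The sequence from the question, replayed locally as an added example (not code from the original posts): with its documented default `clean: true`, actions/checkout runs `git clean -ffdx` and `git reset --hard HEAD` on a workspace that already holds the repository, which discards edits an earlier step made to tracked files. The repository, the file contents and the function name `replay_second_checkout` are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: replays, in a throwaway repository, the git commands that
# actions/checkout runs on an already-populated workspace when `clean` is
# true (its default). All file contents below are constructed.

SETTINGS=tests/IntegrationTests/tests.settings.json

# replay_second_checkout MODE
#   MODE=clean : emulate a second checkout step with clean: true
#   MODE=none  : no second checkout (the fix from the answer)
# Prints the settings file as the test step would then see it.
replay_second_checkout() {
    mode=$1
    repo=$(mktemp -d) || return 1
    (
        cd "$repo" || exit 1
        git init -q .
        git config user.email "ci@example.invalid"
        git config user.name "ci"
        mkdir -p "$(dirname "$SETTINGS")"
        printf '{"ConnectionString":""}\n' > "$SETTINGS"
        git add . && git -c commit.gpgsign=false commit -q -m "fix"

        # Stand-in for the variable-substitution step: the secret value is
        # written into a tracked file inside the workspace.
        printf '{"ConnectionString":"constructed-secret"}\n' > "$SETTINGS"

        if [ "$mode" = clean ]; then
            git clean -ffdx -q          # drops untracked and ignored files
            git reset -q --hard HEAD    # reverts tracked files to the commit
            git checkout -q --detach
        fi
        cat "$SETTINGS"
    )
    status=$?
    rm -rf "$repo"
    return "$status"
}

replay_second_checkout clean   # committed placeholder is back
replay_second_checkout none    # substituted value is still in place
```

Any step that writes secrets or generated settings into tracked files has to run after the last checkout of that workspace, or the checkout has to be removed as in the answer.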

Related

How to versioning releases in Github Actions

Is there a way to publish releases on GitHub using Actions with custom version numbers? Currently, I'm using github.run_number provided by GitHub Context and as mentioned in the docs:
github.run_number (string) - A unique number for each run
of a particular workflow in a repository. This number begins
at 1 for the workflow's first run, and increments with each new run.
Not every run of my workflow creates a release (e.g. when a workflow fails), resulting in inconsistent version numbers. I've created a demo repository and as you can see, the release numbers are ...38,39,40,47,49. I didn't find any solution for this in GitHub Actions Docs.
I want to have consistent incrementally growing version numbers or even a v.x.x structure if it's possible.
My complete workflow can be found here, my release-project job is:
...previous jobs: build, test, deploy...
  release-project:
    name: Release project
    needs: deploy-project
    ...
      - name: Create release
        id: create_release_id
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.run_number }}
          release_name: Release ${{ github.run_number }}
      - name: Upload release asset
        id: upload-release-asset
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release_id.outputs.upload_url }}
          asset_path: ./project.zip
          asset_name: project-v${{ github.run_number }}.zip
          asset_content_type: application/zip
I would suggest not relying on run_number and using the latest tag from the repo to generate the next version based on it. For example, you can use the Get Latest Tag, Next SemVers, and Next Monotonic Release version GH Actions.
Semantic versioning workflow:
...
jobs:
  test-next-release:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          fetch-depth: 0 # required for github-action-get-previous-tag
      - name: Get previous tag
        id: previoustag
        uses: 'WyriHaximus/github-action-get-previous-tag@v1'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Get next minor version
        id: semver
        uses: 'WyriHaximus/github-action-next-semvers@v1'
        with:
          version: ${{ steps.previoustag.outputs.tag }}
      - name: Create release
        id: create_release_id
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ steps.semver.outputs.patch }}
          release_name: Release ${{ steps.semver.outputs.patch }}
Consecutive numbers versioning workflow:
...
jobs:
  test-next-release-custom:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          fetch-depth: 0 # required for github-action-get-previous-tag
      - name: Get Previous tag
        id: previoustag
        uses: 'WyriHaximus/github-action-get-previous-tag@v1'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Get next version
        id: next
        uses: 'WyriHaximus/github-action-next-release-version@1.0.0'
        with:
          version: ${{ steps.previoustag.outputs.tag }}
      - name: Create release
        id: create_release_id
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ steps.next.outputs.version }}
          release_name: Release ${{ steps.next.outputs.version }}
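
One way to derive the next version from the tags already in the repository rather than from `github.run_number`, as an added sketch that is neither part of the original answer nor the code of the actions it names. The function name `next_version` and the sample tags are constructed; in a workflow the tag list would come from `git tag --list` after a checkout with `fetch-depth: 0`.

```shell
#!/bin/sh
# Added example: compute the next semantic version from a list of tags read
# on stdin (one tag per line). Tags that are not MAJOR.MINOR.PATCH, such as
# bare run numbers, are ignored, so failed or skipped runs leave no gaps.

# next_version BUMP   where BUMP is major, minor or patch
next_version() {
    bump=$1
    # Keep strict semver tags only (optional leading "v", no leading zeros),
    # then sort numerically field by field and take the highest one.
    latest=$(grep -E '^v?(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)$' \
        | sed 's/^v//' \
        | sort -t. -k1,1n -k2,2n -k3,3n \
        | tail -n 1)
    # No usable tag yet: start counting from 0.0.0.
    [ -n "$latest" ] || latest=0.0.0

    IFS=. read -r major minor patch <<EOF
$latest
EOF

    case $bump in
        major) echo "v$((major + 1)).0.0" ;;
        minor) echo "v${major}.$((minor + 1)).0" ;;
        patch) echo "v${major}.${minor}.$((patch + 1))" ;;
        *)     echo "usage: next_version major|minor|patch" >&2; return 2 ;;
    esac
}

# Constructed sample: a mix of semver tags, a run-number tag and a label.
printf 'v1.2.3\nv1.10.0\nv1.9.9\nnightly\n47\n' | next_version patch
```

The numeric sort matters here: a plain lexical sort would rank v1.9.9 above v1.10.0 and reissue a version that already exists.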

ERROR: (gcloud.run.deploy) spec.template.spec.containers[0].image: Must provide an image URL to deploy

I am using GitHub Actions to push an image into GCP Artifact Registry and later deploy to Cloud Run.
The whole process goes fine, except the automatic deployment to Cloud Run.
Below is the link for the example that guided me
https://github.com/codeedu/live-imersao-fullcycle10-nestjs-tests/blob/main/.github/workflows/ci_cd.yml
The error is as below:
Deploying...
failed
Deployment failed
ERROR: (gcloud.run.deploy) spec.template.spec.containers[0].image: Must provide an image URL to deploy
I appreciate any help to accomplish this task
Below is the workflow file:
name: CI and CD
on:
  workflow_dispatch:
  push:
    branches: [main, develop]
env:
  REGISTRY: gcr.io
  IMAGE_NAME: ${{ secrets.GCP_PROJECT_NAME }}/${{ secrets.CLOUD_RUN_SERVICE }}
  REGION: us-central1
  # REGISTRY_GIT: ghcr.io
  # IMAGE_NAME_GIT: ${{ github.repository }}
jobs:
  test-code:
    runs-on: ubuntu-20.04
    steps:
      - uses: actions/checkout@v3
      - name: Use Node.js 16.x
        uses: actions/setup-node@v3
        with:
          node-version: 16.x
      - run: npm ci
      - run: npm run test
  build-image:
    needs: test-code
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-20.04
    outputs:
      tags: ${{ steps.meta.outputs.tags }}
    concurrency: build-image-process
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      # Workaround: https://github.com/docker/build-push-action/issues/461
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
      # Login against a Docker registry except on PR
      # https://github.com/docker/login-action
      - name: Log into registry ${{ env.REGISTRY }}
        if: github.event_name != 'pull_request'
        uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
        with:
          registry: ${{ env.REGISTRY }}
          username: _json_key
          #username: ${{ github.actor }}
          password: ${{ secrets.GCP_SERVICE_ACCOUNT }}
          #password: ${{ secrets.GITHUB_TOKEN }}
      # Extract metadata (tags, labels) for Docker
      # https://github.com/docker/metadata-action
      - name: Extract Docker metadata
        id: meta
        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
      # Build and push Docker image with Buildx (don't push on PR)
      # https://github.com/docker/build-push-action
      - name: Build and push Docker image
        id: build-and-push
        uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
        if: ${{ github.event_name != 'pull_request' }}
        with:
          context: .
          file: ./Dockerfile.prod
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
      - name: Outputs tags
        run: echo "${{ steps.meta.outputs.tags }}"
  deploy-image:
    needs: build-image
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-20.04
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - id: 'auth'
        uses: 'google-github-actions/auth@v0'
        with:
          credentials_json: '${{ secrets.GCP_SERVICE_ACCOUNT }}'
      - name: 'Deploy to Cloud Run'
        uses: 'google-github-actions/deploy-cloudrun@v0'
        with:
          service: ${{ secrets.CLOUD_RUN_SERVICE }}
          image: ${{ needs.build-image.outputs.tags }}
          region: ${{ env.REGION }}

How to setup github action code coverage analysis swift language in SonarCloud

I've been trying to follow the example provided by SonarCloud to set it up, but it doesn't work.
name: SonarCloud
on:
  push:
    branches:
      - master
  pull_request:
    types: [opened, synchronize, reopened]
jobs:
  build:
    name: Build and analyze
    runs-on: macos-latest
    env:
      BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
      - name: Install sonar-scanner and build-wrapper
        uses: SonarSource/sonarcloud-github-c-cpp@v1
      - name: Run build-wrapper
        run: |
          build-wrapper-macosx-x86 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} <insert_your_clean_build_command>
      - name: Run sonar-scanner
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: |
          sonar-scanner --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}"
It always goes wrong in the Run build-wrapper-macosx-x86 production process.
Is there enough solution or sample code to guide me?

A workflow is not triggering a second workflow

The workflow in file inrisk.packages.ci.yml generates a tag and a release of the code when a push is done in the develop branch. The below works as expected.
name: Code Int
on:
  push:
    paths:
      - 'infra/**'
jobs:
  ci:
    runs-on: ubuntu-latest
    steps:
      # Checks-out to $GITHUB_WORKSPACE
      - uses: actions/checkout@v2
      - name: Basic Checks
        run: |
          whoami
          ls -lah
          pwd
      - uses: actions/setup-node@v1
      # Create a new release when on develop which triggers the deployment
      - name: Bump version and push tag
        if: github.ref == 'refs/heads/develop'
        uses: mathieudutour/github-tag-action@v4.5
        id: tag_version
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Create Release
        if: github.ref == 'refs/heads/develop'
        id: create_release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ steps.tag_version.outputs.new_tag }}
          release_name: Release ${{ steps.tag_version.outputs.new_tag }}
          draft: false
          prerelease: false
The below workflow is in file inrisk.packages.cd.yml and is supposed to be triggered whenever a tag/release is created/published.
name: Code Deploy
on:
  push:
    tags:
      - 'v*'
  release:
    types:
      - published
      - created
      - released
jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
      # Checks-out to $GITHUB_WORKSPACE
      - uses: actions/checkout@v2
      - uses: actions/setup-node@v1
      - name: Install Yarn
        run: npm install -g yarn
      - uses: chrislennon/action-aws-cli@v1.1
      - name: Install, Build and Deploy
        run: |
          whoami
          ls -lah
          pwd
The second workflow, Code Deploy, does not get triggered after Code Int publishes/creates a tag/release.
However, when I manually create a release/tag, the second workflow, Code Deploy, gets triggered.
This seems to be by design, as stated here. This is to stop recursive workflow runs.
I used this article to get around the problem.

Invalid Workflow File

I get the error "a step cannot have both the uses and run keys", but I don't see any step that has both uses and run. Can someone help me figure out what is wrong with this?
on:
  pull_request:
    branches:
      - master
env:
  IMAGE_NAME: api
jobs:
  build:
    name: Application build
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository (#1)
        uses: actions/checkout@v2
      - name: Setup .NET Core
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: 3.1.101
      - name: Build API
        run: dotnet build --configuration Release
  tests:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository (#2)
        uses: actions/checkout@v2
      - name: Setup .NET Core
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: 3.1.101
      - name: Run API Tests
        run: dotnet test
  auto-approve:
    name: Auto approve pull request
    runs-on: ubuntu-latest
    steps:
      - uses: hmarr/auto-approve-action@v2.0.0
        with:
          github-token: "${{ secrets.GITHUB_TOKEN }}"
  automerge:
    runs-on: ubuntu-latest
    steps:
      - name: automerge
        uses: "pascalgn/automerge-action@ccae530ae13b6af67a7a2009c266fe925844e658"
        env:
          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
  docker-build:
    runs-on: ubuntu-latest
    steps:
      - name: Build the Docker image
        run: docker build . --file Dockerfile --tag my-image-name:$(date +%s)
  docker-deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Push Docker image to registry
        uses: jerray/publish-docker-action@master
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
          registry: docker.pkg.github.com
          repository: jerray/publish-docker-action
          auto_tag: true