chore: Move from Azure DevOps Pipelines to GitHub Actions#228
Conversation
…for dependency review, component detection, and linting
There was a problem hiding this comment.
PR Overview
This PR migrates the CI/CD pipeline configuration from Azure DevOps Pipelines to GitHub Actions and introduces several workflows for release, linting, static analysis, dependency review, and .NET builds.
- Migrates release build steps to GitHub Actions with semantic-release.
- Adds new GitHub Action workflows for linting, CodeQL analysis, dependency review, PR title validation, component detection, and .NET build/test.
Reviewed Changes
| File | Description |
|---|---|
| .github/workflows/release.yml | Adds a release workflow with .NET and Node.js steps for semantic-release. |
| .github/workflows/linter.yml | Adds a workflow for linting using Super Linter. |
| .github/workflows/codeql.yml | Adds a CodeQL analysis workflow triggered on push, pull_request, and schedule. |
| .github/workflows/dependency-review.yml | Adds a dependency review workflow for pull requests. |
| .github/workflows/semantic-pull-request.yml | Adds a workflow to validate PR titles semantically. |
| .github/workflows/component-detection.yml | Introduces a component detection workflow leveraging advanced security actions. |
| .github/workflows/dotnet.yml | Adds a .NET build/test workflow with Codecov integration. |
Copilot reviewed 14 out of 14 changed files in this pull request and generated 1 comment.
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
.NET 7 is not supported by the most recent .NET SDK version any more.
There was a problem hiding this comment.
PR Overview
This pull request transitions the CI/CD pipelines from Azure DevOps Pipelines to GitHub Actions, adding several new GitHub workflows while removing legacy test coverage for exception serialization.
- Added workflows for linting, release, dependency review, CodeQL, component detection, semantic PR validation, and .NET build & test.
- Removed the legacy ExceptionSerializationTests.cs to streamline the test suite.
Reviewed Changes
| File | Description |
|---|---|
| .github/workflows/linter.yml | Introduces a Super Linter workflow for codebase linting. |
| .github/workflows/release.yml | Sets up a release workflow using semantic-release and Node.js. |
| .github/workflows/dependency-review.yml | Adds a dependency review workflow for pull requests. |
| .github/workflows/codeql.yml | Configures CodeQL analysis for security scanning. |
| .github/workflows/component-detection.yml | Implements component detection via advanced-security action. |
| .github/workflows/semantic-pull-request.yml | Validates PR titles using semantic conventions. |
| .github/workflows/dotnet.yml | Defines a .NET build, test, and coverage reporting pipeline. |
| Microsoft.Security.Application.Encoder.UnitTests/ExceptionSerializationTests.cs | Removes legacy test coverage for exception serialization. |
Copilot reviewed 17 out of 17 changed files in this pull request and generated no comments.
Comments suppressed due to low confidence (2)
Microsoft.Security.Application.Encoder.UnitTests/ExceptionSerializationTests.cs:1
- The removal of ExceptionSerializationTests.cs may reduce test coverage for exception serialization scenarios. If this removal is intentional, ensure that the associated functionality is tested elsewhere.
Removal of ExceptionSerializationTests.cs
.github/workflows/dotnet.yml:39
- [nitpick] The repository slug 'TempMaiSe/TempMaiSe' appears hardcoded; please verify that it reflects the correct repository name or update it to match your current repository configuration.
slug: TempMaiSe/TempMaiSe
|
🎉 This PR is included in version 0.2.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
1 participant
I still love Azure DevOps Pipelines, but GitHub Actions just feel more natural to be used with GitHub due to the tight integration. (No surprise here.)
semantic-releaseFixes #150