Georges034302
diff --git a/‎.github/workflows/ci.yaml‎
Lines changed: 21 additions & 0 deletions b/‎.github/workflows/ci.yaml‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 28 additions & 0 deletions b/‎CONTRIBUTING.md‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎INSTRUCTIONS.md‎
Lines changed: 39 additions & 0 deletions b/‎INSTRUCTIONS.md‎
Lines changed: 39 additions & 0 deletions
@@ -0,0 +1,21 @@
+name: .NET CI
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: 8.0.x
+      - name: Restore
+        run: dotnet restore UserApp/UserApp.csproj
+      - name: Build
+        run: dotnet build UserApp/UserApp.csproj --no-restore
+      - name: Test
+        run: dotnet test UserApp/UserApp.csproj --no-build --verbosity normal
@@ -0,0 +1,28 @@
+# CONTRIBUTING.md
+
+Thank you for your interest in contributing to UserApp!
+
+## How to Contribute
+
+1. **Fork the repository** and create your branch from `main`.
+2. **Follow the project structure**: organize code into Models, Services, and Controllers.
+3. **Write clear, secure code**: avoid hardcoded secrets and use parameterized queries for database access.
+4. **Document your code**: use XML comments for public methods and update documentation as needed.
+5. **Test your changes**: run `dotnet test` before submitting a pull request.
+6. **Check for security issues**: ensure CodeQL and secret scanning pass in CI.
+7. **Submit a pull request**: describe your changes and reference related issues.
+
+## Code of Conduct
+
+- Be respectful and collaborative.
+- Follow secure coding practices.
+- Report vulnerabilities responsibly.
+
+## Resources
+
+- [README.md](./README.md)
+- [INSTRUCTIONS.md](./INSTRUCTIONS.md)
+- [GitHub Security Documentation](https://docs.github.com/en/code-security)
+
+---
+We appreciate your contributions to making UserApp secure and reliable!
@@ -0,0 +1,39 @@
+# INSTRUCTIONS.md
+
+## Project Setup
+
+1. Clone the repository:
+   ```bash
+   git clone <repo-url>
+   cd secure-dotnet-api-codeql
+   ```
+2. Install .NET 8 SDK if not already installed.
+3. Restore dependencies:
+   ```bash
+   dotnet restore UserApp/UserApp.csproj
+   ```
+4. Build the project:
+   ```bash
+   dotnet build UserApp/UserApp.csproj
+   ```
+5. Run the API:
+   ```bash
+   dotnet run --project UserApp/UserApp.csproj
+   ```
+
+## Usage
+
+- Access the API endpoints:
+  - Get user by ID: `GET /api/user?id=1`
+  - Get user by email: `GET /api/user/[email protected]`
+- API configuration is managed in `UserApp/appsettings.json`.
+- Swagger UI is available at `/swagger` for interactive API documentation.
+
+## Security & Code Quality
+
+- CodeQL and Dependabot are enabled for automated security and dependency updates.
+- Secret scanning and push protection are enforced via GitHub settings.
+- Custom CodeQL queries detect hardcoded secrets.
+
+---
+For more details, see the README.md and CONTRIBUTING.md files.