Add GitHub Actions build (#449)

---------

Co-authored-by: Howard van Rooijen <Howard.vanRooijen@endjin.com>
Co-authored-by: Mike Evans-Larah <mike.evans-larah@endjin.com>
Co-authored-by: James Dawson <james.dawson@endjin.com>
Co-authored-by: Jessica Hill <Jessica.Hill@endjin.com>

Author: 5 people

.github/workflows/build.yml

@@ -0,0 +1,98 @@
+name: build
+on:
+  push:
+    branches:
+    - main
+    tags:
+    - '*'
+  pull_request:
+    branches:
+    - main
+  workflow_dispatch:
+    inputs:
+      forcePublish:
+        description: When true the Publish stage will always be run, otherwise it only runs for tagged versions.
+        required: false
+        default: false
+        type: boolean
+      skipCleanup:
+        description: When true the pipeline clean-up stage will not be run. For example, the cache used between pipeline stages will be retained.
+        required: false
+        default: false
+        type: boolean
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  actions: write  # enable cache clean-up
+  checks: write  # enable test result annotations
+  contents: write  # enable creating releases
+  issues: read
+  packages: write  # enable publishing packages
+  pull-requests: write  # enable test result annotations 
+
+jobs:
+  prepareConfig:
+    name: Prepare Configuration
+    runs-on: ubuntu-latest
+    outputs:
+      RESOLVED_ENV_VARS: ${{ steps.prepareEnvVarsAndSecrets.outputs.environmentVariablesYamlBase64 }}
+      RESOLVED_SECRETS: ${{ steps.prepareEnvVarsAndSecrets.outputs.secretsYamlBase64 }}
+    steps:
+    # Declare any environment variables and/or secrets that need to be available inside the build process
+    - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/prepare-env-vars-and-secrets@main
+      id: prepareEnvVarsAndSecrets
+      with:
+        # BUILDVAR_NuGetPublishSource:
+        #  When publishing NuGet packages only tagged versions get pushed to nuget.org, otherwise
+        #  they are pushed to GitHub Packages
+        # BUILDVAR_UseAcrTasks:
+        #  Due to the build phases running as separate jobs the container images built via 'docker build'
+        #  in the Package phase are not available to the Publish phase. Therefore, we use ACR Tasks to
+        #  build the images instead.
+        environmentVariablesYaml: |
+          BUILDVAR_NuGetPublishSource: "${{ startsWith(github.ref, 'refs/tags/') && 'https://api.nuget.org/v3/index.json' || 'https://nuget.pkg.github.com/endjin/index.json' }}"
+          BUILDVAR_ContainerRegistryFqdn: endjin.azurecr.io
+          BUILDVAR_UseAcrTasks: true
+        secretsYaml: |
+          NUGET_API_KEY: "${{ startsWith(github.ref, 'refs/tags/') && secrets.ENDJIN_NUGET_APIKEY || secrets.ENDJIN_GITHUB_PUBLISHER_PAT }}"
+
+  build:
+    needs: prepareConfig
+    uses: endjin/Endjin.RecommendedPractices.GitHubActions/.github/workflows/scripted-build-matrix-pipeline.yml@main
+    with:
+      netSdkVersion: '8.x'
+      # workflow_dispatch inputs are always strings, the type property is just for the UI
+      forcePublish: ${{ github.event.inputs.forcePublish == 'true' }}
+      skipCleanup: ${{ github.event.inputs.skipCleanup == 'true' }}
+
+      # These pass arbitrary environment variables to each of the build pipeline phases,
+      # as defined in the 'environmentVariablesYaml' property above.
+      compilePhaseEnv: ${{ needs.prepareConfig.outputs.RESOLVED_ENV_VARS }}
+      testPhaseEnv: ${{ needs.prepareConfig.outputs.RESOLVED_ENV_VARS }}
+      testPhaseMatrixJson: |
+        {
+          "os": ["ubuntu-latest", "windows-latest"],
+          "dotnetFramework": ["net8.0"],
+          "exclude": []
+        }
+      packagePhaseEnv: ${{ needs.prepareConfig.outputs.RESOLVED_ENV_VARS }}
+      publishPhaseEnv: ${{ needs.prepareConfig.outputs.RESOLVED_ENV_VARS }}
+    secrets:
+      # Ensures the build pipeline has access to pull images from the ACR and write SBOMs to storage
+      compilePhaseAzureCredentials: ${{ secrets.ENDJIN_PROD_ACR_READER_CREDENTIALS }}
+      # Ensures the build pipeline has access to run ACR Tasks
+      packagePhaseAzureCredentials: ${{ secrets.ENDJIN_PROD_ACR_PUBLISH_CREDENTIALS }}
+      # Ensures the build pipeline has access to push/re-tag images to the ACR
+      publishPhaseAzureCredentials: ${{ secrets.ENDJIN_PROD_ACR_PUBLISH_CREDENTIALS }}
+      
+      # Uncomment the following to pass arbitrary secrets to the required build pipeline phases,
+      # as defined in the 'secretsYaml' property above.  They will be available to the
+      # scripted build process as environment variables.
+      #
+      # compilePhaseSecrets: ${{ needs.prepareConfig.outputs.RESOLVED_SECRETS }}
+      # testPhaseSecrets: ${{ needs.prepareConfig.outputs.RESOLVED_SECRETS }}
+      packagePhaseSecrets: ${{ needs.prepareConfig.outputs.RESOLVED_SECRETS }}
+      publishPhaseSecrets: ${{ needs.prepareConfig.outputs.RESOLVED_SECRETS }}

Solutions/Corvus.Testing.AzureFunctions.DemoFunction.InProcess/SampleFunction.cs

@@ -60,4 +60,4 @@ public async Task<IActionResult> SampleGetHandler(
                 : new BadRequestObjectResult("Please pass a name on the query string or in the request body");
         }
     }
-}
+}

Solutions/Corvus.Testing.AzureFunctions.DemoFunctions.Isolated/Program.cs

@@ -4,4 +4,4 @@
     .ConfigureFunctionsWorkerDefaults()
     .Build();
 
-host.Run();
+host.Run();

Solutions/Corvus.Testing.AzureFunctions.SpecFlow.Demo/AzureFunctionsTesting/DemoFunctionConfig.cs

@@ -29,4 +29,4 @@ public static void SetupTestConfig(SpecFlowContext context)
             functionConfiguration.CopyToEnvironmentVariables(config);
         }
     }
-}
+}

build.ps1

@@ -1,3 +1,4 @@
+#Requires -Version 7
 <#
 .SYNOPSIS
     Runs a .NET flavoured build process.
@@ -133,6 +134,11 @@ $SkipPackage = $false
 $SkipPublish = $false
 
 
+# NOTE: Install the 'Endjin.RecommendedPractices.Build' VS Code extension to get handy
+#       snippets for enabling & configuring features in this build script.
+#       Once installed <CTRL-ALT-J> will open the snippet picker and you can type 'build'
+#       to see the available snippets.
+
 #
 # Build process configuration
 #
@@ -152,6 +158,30 @@ $NuSpecFilesToPackage = @(
 #
 $ExcludeFilesFromCodeCoverage = ""
 
+# Bump version to one that supports installing on .NET 8.0
+$covenantVersion = "0.19.0"
+
+task Install-AzureFunctionsSDK {
+    
+    $existingVersion = ""
+    if ((Get-Command func -ErrorAction Ignore)) {
+        $existingVersion = exec { & func --version }
+    }
+
+    if (!$existingVersion -or $existingVersion -notlike "4.*") {
+        Write-Build White "Installing/updating Azure Functions Core Tools..."
+        if ($IsWindows) {
+            exec { & npm install -g azure-functions-core-tools@ --unsafe-perm true }
+        }
+        else {
+            Write-Build Yellow "NOTE: May require 'sudo' on Linux/MacOS"
+            exec { & sudo npm install -g azure-functions-core-tools@ --unsafe-perm true }
+        }
+    } 
+}
+
+task PreTest Init, Install-AzureFunctionsSDK
+
 # Synopsis: Build, Test and Package
 task . FullBuild
 
@@ -164,7 +194,7 @@ task PreVersion {}
 task PostVersion {}
 task PreBuild {}
 task PostBuild {}
-task PreTest {}
+task PreTest Init, Install-AzureFunctionsSDK, {}
 task PostTest {}
 task PreTestReport {}
 task PostTestReport {}