Merge pull request #769 from microsoft/ci/main-to-v2

MIchaelMainer · web-flow · commit 3c7890757f72 · 2026-01-06T13:25:48.000-08:00
ci/main to v2
diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml
@@ -8,6 +8,7 @@ trigger:
     include:
       - main
       - support/v1
+      - support/v2
   tags:
     include:
       - 'v*'
@@ -16,6 +17,7 @@ pr:
     include:
       - main
       - support/v1
+      - support/v2
 
 variables:
   buildPlatform: 'Any CPU'
diff --git a/.github/policies/OpenAPI.NET.OData-branch-protection.yml b/.github/policies/OpenAPI.NET.OData-branch-protection.yml
@@ -49,6 +49,42 @@ configuration:
     # This branch pattern applies to the following branches as of 06/09/2024 20:45:44:
     # support/v1
 
+    # Specifies whether this branch can be deleted. boolean
+    allowsDeletions: false
+    # Specifies whether forced pushes are allowed on this branch. boolean
+    allowsForcePushes: false
+    # Specifies whether new commits pushed to the matching branches dismiss pull request review approvals. boolean
+    dismissStaleReviews: true
+    # Specifies whether admins can overwrite branch protection. boolean
+    isAdminEnforced: false
+    # Indicates whether "Require a pull request before merging" is enabled. boolean
+    requiresPullRequestBeforeMerging: true
+    # Specifies the number of pull request reviews before merging. int (0-6). Should be null/empty if PRs are not required
+    requiredApprovingReviewsCount: 1
+    # Require review from Code Owners. Requires requiredApprovingReviewsCount. boolean
+    requireCodeOwnersReview: true
+    # Are commits required to be signed. boolean. TODO: all contributors must have commit signing on local machines.
+    requiresCommitSignatures: false
+    # Are conversations required to be resolved before merging? boolean
+    requiresConversationResolution: true
+    # Are merge commits prohibited from being pushed to this branch. boolean
+    requiresLinearHistory: false
+    # Required status checks to pass before merging. Values can be any string, but if the value does not correspond to any existing status check, the status check will be stuck on pending for status since nothing exists to push an actual status
+    requiredStatusChecks:
+    - license/cla
+    - Continuous Integration
+    - CodeQL
+    # Require branches to be up to date before merging. This should be false since the repo contains autogenerated files. boolean
+    requiresStrictStatusChecks: false
+    # Indicates whether there are restrictions on who can push. boolean. Should be set with whoCanPush.
+    restrictsPushes: false
+    # Restrict who can dismiss pull request reviews. boolean
+    restrictsReviewDismissals: false
+
+  - branchNamePattern: support/v2
+    # This branch pattern applies to the following branches as of 06/09/2024 20:45:44:
+    # support/v1
+
     # Specifies whether this branch can be deleted. boolean
     allowsDeletions: false
     # Specifies whether forced pushes are allowed on this branch. boolean
diff --git a/.github/release-please.yml b/.github/release-please.yml
@@ -3,5 +3,8 @@ primaryBranch: main
 handleGHRelease: true
 branches:
   - branch: support/v1
+    manifest: true
+    handleGHRelease: true
+  - branch: support/v2
     manifest: true
     handleGHRelease: true
diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
@@ -17,7 +17,7 @@ jobs:
       GITHUB_RUN_NUMBER: ${{ github.run_number }}
     steps:
       - name: Setup .NET
-        uses: actions/setup-dotnet@v4
+        uses: actions/setup-dotnet@v5
         with:
           dotnet-version: 8.0.x
 
@@ -44,7 +44,7 @@ jobs:
 
       - name: Checkout repository
         id: checkout_repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           fetch-depth: 0
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -13,10 +13,10 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ main, support/v1 ]
+    branches: [ main, support/v1, support/v2 ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ main, support/v1 ]
+    branches: [ main, support/v1, support/v2 ]
   schedule:
     - cron: '32 2 * * 6'
   workflow_dispatch:
@@ -39,16 +39,16 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
       
     - name: Setup .NET
-      uses: actions/setup-dotnet@v4
+      uses: actions/setup-dotnet@v5
       with:
         dotnet-version: 8.0.x
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -76,4 +76,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
diff --git a/.github/workflows/release-please-gha.yml b/.github/workflows/release-please-gha.yml
@@ -0,0 +1,43 @@
+## -----------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+## -----------------------------------------------------------------------------
+#
+# Summary:
+# This GitHub Actions workflow automates the release process using Release Please.
+# It triggers on pushes to the main branch, generates a GitHub App token using organization
+# variables and secrets, and then runs the release-please-action to manage versioning and changelogs.
+
+name: Release Please
+
+on:
+  push:
+    branches:
+      - main
+      - support/v1
+      - support/v2
+
+permissions:
+  contents: read
+
+jobs:
+  release-please-master:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Generate GitHub App token
+        id: app-token
+        uses: actions/create-github-app-token@v2
+        with:
+          app-id: ${{ vars.RELEASE_PLEASE_TOKEN_PROVIDER_APP_ID }}
+          private-key: ${{ secrets.RELEASE_PLEASE_TOKEN_PROVIDER_PEM }}
+
+      - name: Release Please
+        uses: googleapis/release-please-action@v4
+        with:
+          token: ${{ steps.app-token.outputs.token }}
+          config-file: release-please-config.json
+          manifest-file: .release-please-manifest.json
+          target-branch: ${{ github.ref_name }}
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
@@ -5,6 +5,7 @@ on:
     branches:
       - main
       - support/v1
+      - support/v2
     paths-ignore: ['.vscode/**']
   pull_request:
     types: [opened, synchronize, reopened]
@@ -35,19 +36,19 @@ jobs:
     runs-on: windows-latest
     steps:
       - name: Set up JDK 17
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           distribution: 'adopt'
           java-version: 17
       - name: Setup .NET
-        uses: actions/setup-dotnet@v4
+        uses: actions/setup-dotnet@v5
         with:
           dotnet-version: 8.0.x
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
       - name: Cache SonarCloud packages
-        uses: actions/cache@v4
+        uses: actions/cache@v5
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar
diff --git a/.github/workflows/validate-descriptions.yml b/.github/workflows/validate-descriptions.yml
@@ -2,9 +2,9 @@ name: OpenAPI Parser Validation for latest OpenAPI docs
 
 on:
   push:
-    branches: [ main, support/v1 ]
+    branches: [ main, support/v1, support/v2 ]
   pull_request:
-    branches: [ main, support/v1 ]
+    branches: [ main, support/v1, support/v2 ]
 
 jobs:
 
@@ -13,7 +13,7 @@ jobs:
     outputs:
       matrix: ${{ steps.set-descriptions.outputs.matrix }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - id: set-descriptions
         run: echo "::set-output name=matrix::$(ls test/**/Resources/*.{json,yaml} | sed 's/.*\///' | jq -R -s -c 'split("\n")[:-1]')"
 
@@ -26,11 +26,11 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
       with:
         submodules: recursive
 
     - name: Validate description with redocly
       uses: fluximus-prime/redocly-cli-github-action@v1
       with:
-        args: 'lint test/Microsoft.OpenAPI.OData.Reader.Tests/Resources/${{ matrix.descriptions }} --skip-rule operation-4xx-response --skip-rule no-server-trailing-slash --skip-rule no-unused-components --skip-rule security-defined --skip-rule info-license-url --skip-rule info-license --skip-rule no-empty-servers --skip-rule operation-summary --skip-rule tag-description --max-problems 1000'
+        args: 'lint test/Microsoft.OpenAPI.OData.Reader.Tests/Resources/${{ matrix.descriptions }} --max-problems 1000 --config redocly.yaml'
