Update build.yml

jongalloway · jongalloway · commit 3cc52898f267 · 2025-06-19T20:14:40.000-07:00
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,178 @@
+name: .NET Build and Test
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+
+env:
+  DOTNET_VERSION: '9.0.x'
+  DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
+  DOTNET_NOLOGO: true
+  DOTNET_CLI_TELEMETRY_OPTOUT: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    
+    strategy:
+      matrix:
+        configuration: [Debug, Release]
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0 # Shallow clones should be disabled for better analysis
+
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: ${{ env.DOTNET_VERSION }}
+        include-prerelease: true
+
+    - name: Display .NET info
+      run: dotnet --info
+
+    - name: Cache NuGet packages
+      uses: actions/cache@v4
+      with:
+        path: ~/.nuget/packages
+        key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/*.props') }}
+        restore-keys: |
+          ${{ runner.os }}-nuget-
+
+    - name: Restore dependencies
+      run: dotnet restore
+
+    - name: Build solution
+      run: dotnet build --configuration ${{ matrix.configuration }} --no-restore --verbosity minimal
+
+    - name: Test library (if tests exist)
+      run: |
+        # Check if there are any test projects in the src/NLWebNet directory
+        TEST_PROJECTS=$(find src/NLWebNet -name "*.csproj" -exec grep -l "Microsoft.NET.Test.Sdk\|xunit\|NUnit\|MSTest" {} \; 2>/dev/null || true)
+        
+        if [ -n "$TEST_PROJECTS" ]; then
+          echo "Found test projects, running tests..."
+          dotnet test src/NLWebNet --configuration ${{ matrix.configuration }} --no-build --verbosity minimal --logger "trx;LogFileName=test-results-${{ matrix.configuration }}.trx" --results-directory TestResults/
+        else
+          echo "No test projects found in src/NLWebNet - skipping tests (tests will be implemented in Phase 9)"
+          mkdir -p TestResults
+          echo "##[warning]No test projects found - tests will be implemented in Phase 9"
+        fi
+      continue-on-error: false
+
+    - name: Build demo application
+      run: dotnet build demo --configuration ${{ matrix.configuration }} --no-restore --verbosity minimal
+
+    - name: Publish test results
+      uses: dorny/test-reporter@v1
+      if: success() || failure()
+      with:
+        name: Test Results (${{ matrix.configuration }})
+        path: TestResults/*.trx
+        reporter: dotnet-trx
+        fail-on-error: false
+        fail-on-empty: false
+
+    - name: Upload build artifacts
+      if: matrix.configuration == 'Release'
+      uses: actions/upload-artifact@v4
+      with:
+        name: build-artifacts-${{ matrix.configuration }}
+        path: |
+          src/NLWebNet/bin/Release/
+          demo/bin/Release/
+        retention-days: 7
+
+  code-quality:
+    runs-on: ubuntu-latest
+    needs: build
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: ${{ env.DOTNET_VERSION }}
+        include-prerelease: true
+
+    - name: Restore dependencies
+      run: dotnet restore
+
+    - name: Run code analysis
+      run: |
+        dotnet build --configuration Release --verbosity minimal --warnaserror
+        
+    - name: Check formatting
+      run: dotnet format --verify-no-changes --verbosity diagnostic
+
+  security-scan:
+    runs-on: ubuntu-latest
+    needs: build
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: ${{ env.DOTNET_VERSION }}
+        include-prerelease: true
+
+    - name: Restore dependencies
+      run: dotnet restore
+
+    - name: Run security scan
+      run: |
+        dotnet list package --vulnerable --include-transitive 2>&1 | tee security-scan.log
+        if grep -q "has the following vulnerable packages" security-scan.log; then
+          echo "❌ Vulnerable packages found!"
+          exit 1
+        else
+          echo "✅ No vulnerable packages found."
+        fi
+
+  package-validation:
+    runs-on: ubuntu-latest
+    needs: build
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: ${{ env.DOTNET_VERSION }}
+        include-prerelease: true
+
+    - name: Restore dependencies
+      run: dotnet restore
+
+    - name: Pack NuGet package
+      run: dotnet pack src/NLWebNet --configuration Release --no-build --output ./packages
+
+    - name: Upload package artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: nuget-packages
+        path: ./packages/*.nupkg
+        retention-days: 30
+
+    - name: Validate package
+      run: |
+        echo "📦 Validating NuGet package..."
+        for package in ./packages/*.nupkg; do
+          echo "Validating: $package"
+          dotnet tool install --global dotnet-validate --version 0.0.1-preview.304
+          dotnet validate package local "$package"
+        done
