Skip to content

Update dependabot.yml #561

Update dependabot.yml

Update dependabot.yml #561

Workflow file for this run

name: Build
on:
push:
branches:
- main
tags:
- '*'
paths-ignore:
- .devcontainer/**
- .vscode/**
- docs/**
- README.md
- LICENSE
- '**/README.md'
- .github/**
- '!.github/workflows/build.yml'
pull_request:
branches:
- main
paths-ignore:
- .devcontainer/**
- .vscode/**
- docs/**
- README.md
- LICENSE
- '**/README.md'
- .github/**
- '!.github/workflows/build.yml'
workflow_dispatch:
env:
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
jobs:
Build:
runs-on: ubuntu-latest
env:
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
IMAGE_NAME: 'azure-resources-cleaner'
DOCKER_BUILDKIT: 1 # Enable Docker BuildKit
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # Required for GitVersion
- name: Install GitVersion
uses: gittools/actions/gitversion/setup@v3
with:
versionSpec: '6.x'
- name: Determine Version
uses: gittools/actions/gitversion/execute@v3
id: gitversion
with:
useConfigFile: true
- name: Setup .NET SDK
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.x
- name: Restore
run: dotnet restore
- name: Build
run: >
dotnet build
--configuration Release
--no-restore
-p:VersionPrefix=${{ steps.gitversion.outputs.fullSemVer }}
- name: Test
run: >
dotnet test
--configuration Release
--no-build
--collect "Code coverage"
- name: Publish
run: >
dotnet publish
${{ github.workspace }}/Tingle.AzureCleaner/Tingle.AzureCleaner.csproj
--configuration Release
--output ${{ github.workspace }}/drop/Tingle.AzureCleaner
- name: Pack
run: >
dotnet pack
--no-build
--configuration Release
--output ${{ github.workspace }}/drop
-p:PackageVersion=${{ steps.gitversion.outputs.fullSemVer }}
- name: Replace tokens
uses: cschleiden/replace-tokens@v1
with:
files: '["${{ github.workspace }}/main.bicep"]'
- name: Build bicep file
uses: azure/cli@v2
with:
inlineScript: |
tdnf install -y icu
tdnf install -y jq
cp ${{ github.workspace }}/main.bicep ${{ github.workspace }}/drop/main.bicep && \
az bicep build --file main.bicep --outfile ${{ github.workspace }}/drop/main.json
- name: Upload Artifact (drop)
uses: actions/upload-artifact@v4
with:
path: ${{ github.workspace }}/drop/*
name: drop
retention-days: 1
- name: Create deploy folder
run: |
mkdir -p deploy
cp ${{ github.workspace }}/main.bicep ${{ github.workspace }}/deploy/main.bicep
cp ${{ github.workspace }}/main.parameters.json ${{ github.workspace }}/deploy/main.parameters.json
- name: Replace tokens in deploy folder
uses: cschleiden/replace-tokens@v1
with:
files: '["${{ github.workspace }}/deploy/main.parameters.json"]'
env:
DOCKER_IMAGE_TAG: ${{ steps.gitversion.outputs.fullSemVer }}
NOTIFICATION_PASSWORD: ${{ secrets.NOTIFICATION_PASSWORD }}
CLEANER_PROJECT_TOKEN: ${{ secrets.CLEANER_PROJECT_TOKEN }}
- name: Upload Artifact (drop)
uses: actions/upload-artifact@v4
with:
path: deploy
name: deploy
retention-days: 1
- name: Pull Docker base image & warm Docker cache
run: docker pull "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest"
continue-on-error: true
- name: Build image
run: |
docker build \
-f Tingle.AzureCleaner/Dockerfile \
--label com.github.image.run.id=${{ github.run_id }} \
--label com.github.image.run.number=${{ github.run_number }} \
--label com.github.image.job.id=${{ github.job }} \
--label com.github.image.source.sha=${{ github.sha }} \
--label com.github.image.source.branch=${{ github.ref }} \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.shortSha }}" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.fullSemVer }}" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major}}.${{ steps.gitversion.outputs.minor }}" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major }}" \
--cache-from ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest \
--build-arg BUILDKIT_INLINE_CACHE=1 \
.
- name: Log into registry
if: ${{ (github.ref == 'refs/heads/main') || (!startsWith(github.ref, 'refs/pull')) || startsWith(github.ref, 'refs/tags') }}
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin
- name: Push image (latest, ShortSha)
if: ${{ (github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/tags') }}
run: |
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest"
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.shortSha}}"
- name: Push image (NuGetVersionV2)
if: ${{ !startsWith(github.ref, 'refs/pull') }}
run: docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.fullSemVer }}"
- name: Push image (major, minor)
if: startsWith(github.ref, 'refs/tags')
run: |
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major }}.${{ steps.gitversion.outputs.minor }}"
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major }}"
- name: Upload Release
if: startsWith(github.ref, 'refs/tags/')
uses: ncipollo/release-action@v1
with:
artifacts: >
${{ github.workspace }}/drop/main.bicep,
${{ github.workspace }}/drop/main.json
token: ${{ secrets.GITHUB_TOKEN }}
draft: true
allowUpdates: true
# Deploy:
# runs-on: ubuntu-latest
# needs: Build
# if: ${{ github.actor != 'dependabot[bot]' && ((github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/tags')) }}
# concurrency:
# group: ${{ github.workflow }}
# steps:
# - name: Download Artifact
# uses: actions/download-artifact@v4
# with:
# name: deploy
# path: ${{ github.workspace }}/deploy
# - name: Azure Login
# uses: azure/login@v2
# with:
# creds: ${{ secrets.AZURE_CREDENTIALS }}
# - name: Deploy
# uses: azure/arm-deploy@v2
# with:
# subscriptionId: ${{ env.AZURE_SUBSCRIPTION_ID }}
# resourceGroupName: ${{ env.AZURE_RESOURCE_GROUP }}
# template: '${{ github.workspace }}/deploy/main.bicep'
# parameters: '${{ github.workspace }}/deploy/main.parameters.json'
# scope: 'resourcegroup'
GitHubPackages:
runs-on: ubuntu-latest
name: Publish (GitHub Packages)
needs: Build
if: ${{ github.actor != 'dependabot[bot]' && ((github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/tags')) }}
steps:
- uses: actions/download-artifact@v4
with:
name: drop
path: ${{ github.workspace }}/drop
- name: Setup .NET SDK
uses: actions/setup-dotnet@v4
with:
dotnet-version: '8.x'
source-url: https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json
env:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Publish to nuget.pkg.github.com
run: >
dotnet nuget push "${{ github.workspace }}/drop/*"
-k ${{ secrets.GITHUB_TOKEN }}
--skip-duplicate
NugetOrg:
runs-on: ubuntu-latest
name: Publish (Nuget.org)
needs: Build
if: ${{ github.actor != 'dependabot[bot]' && startsWith(github.ref, 'refs/tags') }}
steps:
- uses: actions/download-artifact@v4
with:
name: drop
path: ${{ github.workspace }}/drop
- name: Setup .NET SDK
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.x
source-url: https://api.nuget.org/v3/index.json
env:
NUGET_AUTH_TOKEN: ${{ secrets.NUGET_API_KEY }}
- name: Publish to NuGet.org
if: startsWith(github.ref, 'refs/tags/')
run: >
dotnet nuget push "${{ github.workspace }}/drop/*"
-k ${{ secrets.NUGET_API_KEY }}
--skip-duplicate