Merge pull request #2146 from Particular/dependabot/npm_and_yarn/src/… #2091
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - release-* | |
| tags: | |
| - "[0-9]+.[0-9]+.[0-9]+" | |
| - "[0-9]+.[0-9]+.[0-9]+-*" | |
| pull_request: | |
| workflow_dispatch: | |
| env: | |
| DOTNET_NOLOGO: true | |
| jobs: | |
| windows-standalone: | |
| if: ${{ github.actor != 'dependabot[bot]' }} | |
| runs-on: windows-2022 | |
| steps: | |
| - name: Check for secrets | |
| env: | |
| SECRETS_AVAILABLE: ${{ secrets.SECRETS_AVAILABLE }} | |
| shell: pwsh | |
| run: exit $(If ($env:SECRETS_AVAILABLE -eq 'true') { 0 } Else { 1 }) | |
| - name: Checkout | |
| uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup .NET SDK | |
| uses: actions/[email protected] | |
| with: | |
| dotnet-version: 7.0.x | |
| - name: Set up Node.js | |
| uses: actions/[email protected] | |
| with: | |
| node-version: 21.6.x | |
| - name: Build Frontend | |
| run: .\build.ps1 | |
| working-directory: src/ServicePulse.Host | |
| # .NET Build and sign | |
| - name: Build | |
| run: dotnet build src --configuration Release | |
| - name: Validate build version | |
| if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }} | |
| uses: ./.github/actions/validate-version | |
| with: | |
| version: ${{ env.MinVerVersion }} | |
| - name: Sign NuGet packages | |
| uses: Particular/[email protected] | |
| with: | |
| client-id: ${{ secrets.AZURE_KEY_VAULT_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_KEY_VAULT_TENANT_ID }} | |
| client-secret: ${{ secrets.AZURE_KEY_VAULT_CLIENT_SECRET }} | |
| certificate-name: ${{ secrets.AZURE_KEY_VAULT_CERTIFICATE_NAME }} | |
| - name: Setup Advanced Installer | |
| run: | | |
| $version = "20.2.1" | |
| choco install advanced-installer --version=$version | |
| & "C:\Program Files (x86)\Caphyon\Advanced Installer $version\bin\x86\AdvancedInstaller.com" /register ${{ secrets.ADVANCED_INSTALLER_LICENSE_KEY }} | |
| - name: Prepare AIP file | |
| run: | | |
| $content = Get-Content -Raw -Path src/Setup/ServicePulse.aip | |
| $content = $content -replace "replace-tenant-id", "${{ secrets.AZURE_KEY_VAULT_TENANT_ID }}" -replace "replace-app-id", "${{ secrets.AZURE_KEY_VAULT_CLIENT_ID }}" -replace "replace-cert-name", "${{ secrets.AZURE_KEY_VAULT_CERTIFICATE_NAME }}" | |
| Set-Content src/Setup/ServicePulse.aip $content | |
| - name: Build Windows installer | |
| env: | |
| AZURE_KEY_VAULT_CLIENT_SECRET: ${{ secrets.AZURE_KEY_VAULT_CLIENT_SECRET }} | |
| run: dotnet build src/Setup --configuration Release | |
| # Upload artifacts | |
| - name: Publish artifacts | |
| uses: actions/[email protected] | |
| with: | |
| name: artifacts | |
| path: | | |
| assets/* | |
| nugets/* | |
| retention-days: 1 | |
| - name: Verify release artifact counts | |
| shell: pwsh | |
| run: | | |
| $assetsCount = (Get-ChildItem -Recurse -File assets).Count | |
| $nugetsCount = (Get-ChildItem -Recurse -File nugets).Count | |
| $expectedAssetsCount = 1 | |
| $expectedNugetsCount = 1 | |
| if ($assetsCount -ne $expectedAssetsCount) | |
| { | |
| Write-Host Assets: Expected $expectedAssetsCount but found $assetsCount | |
| exit -1 | |
| } | |
| if ($nugetsCount -ne $expectedNugetsCount) | |
| { | |
| Write-Host Nugets: Expected $expectedNugetsCount but found $nugetsCount | |
| exit -1 | |
| } | |
| # Deploy to Octopus | |
| - name: Deploy | |
| if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }} | |
| # Does not follow standard practice of targeting explicit versions because configuration is tightly coupled to Octopus Deploy configuration | |
| uses: Particular/push-octopus-package-action@main | |
| with: | |
| octopus-deploy-api-key: ${{ secrets.OCTOPUS_DEPLOY_API_KEY }} | |
| linux-container: | |
| if: ${{ github.actor != 'dependabot[bot]' }} | |
| runs-on: ubuntu-22.04 | |
| name: linux-container | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| - name: Check for secrets | |
| env: | |
| SECRETS_AVAILABLE: ${{ secrets.SECRETS_AVAILABLE }} | |
| shell: pwsh | |
| run: exit $(If ($env:SECRETS_AVAILABLE -eq 'true') { 0 } Else { 1 }) | |
| - name: Checkout | |
| uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - name: Install MinVer CLI | |
| run: dotnet tool install --global minver-cli | |
| - name: Determine version | |
| shell: pwsh | |
| run: | | |
| # Read settings from Custom.Build.props | |
| [xml]$xml = Get-Content ./src/Custom.Build.props | |
| $minMajorMinor = $xml.selectNodes('/Project/PropertyGroup/MinVerMinimumMajorMinor').InnerText | |
| $autoIncrement = $xml.selectNodes('/Project/PropertyGroup/MinVerAutoIncrement').InnerText | |
| echo "MinVerMinimumMajorMinor=$minMajorMinor, MinVerAutoIncrement=$autoIncrement" | |
| if (-not ($minMajorMinor -and $autoIncrement)) { | |
| throw "Missing MinVer settings in Custom.Build.props" | |
| } | |
| # Execute MinVer | |
| echo "MinVerVersion=$(minver --minimum-major-minor $minMajorMinor --auto-increment $autoIncrement)" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf-8 -Append | |
| - name: Validate build version | |
| if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }} | |
| uses: ./.github/actions/validate-version | |
| with: | |
| version: ${{ env.MinVerVersion }} | |
| - name: Set up Docker Buildx | |
| uses: docker/[email protected] | |
| - name: Log in to GitHub container registry | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| - name: Build & inspect image | |
| env: | |
| TAG_NAME: ${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.number) || env.MinVerVersion }} | |
| run: | | |
| docker buildx build --push --tag ghcr.io/particular/servicepulse:${{ env.TAG_NAME }} \ | |
| --file src/ServicePulse/Dockerfile \ | |
| --build-arg VERSION=${{ env.MinVerVersion }} \ | |
| --annotation "index:org.opencontainers.image.title=ServicePulse" \ | |
| --annotation "index:org.opencontainers.image.description=ServicePulse provides real-time production monitoring for distributed applications. It monitors the health of a system's endpoints, detects processing errors, sends failed messages for reprocessing, and ensures the specific environment's needs are met, all in one consolidated dashboard." \ | |
| --annotation "index:org.opencontainers.image.created=$(date '+%FT%TZ')" \ | |
| --annotation "index:org.opencontainers.image.revision=${{ github.sha }}" \ | |
| --annotation "index:org.opencontainers.image.authors=Particular Software" \ | |
| --annotation "index:org.opencontainers.image.vendor=Particular Software" \ | |
| --annotation "index:org.opencontainers.image.version=${{ env.MinVerVersion }}" \ | |
| --annotation "index:org.opencontainers.image.source=https://github.com/${{ github.repository }}/tree/${{ github.sha }}" \ | |
| --annotation "index:org.opencontainers.image.url=https://hub.docker.com/r/particular/servicepulse" \ | |
| --annotation "index:org.opencontainers.image.documentation=https://docs.particular.net/servicepulse/" \ | |
| --annotation "index:org.opencontainers.image.base.name=mcr.microsoft.com/dotnet/aspnet:8.0-noble-chiseled-composite" \ | |
| --platform linux/arm64,linux/amd64 . | |
| docker buildx imagetools inspect ghcr.io/particular/servicepulse:${{ env.TAG_NAME }} |