BitcoinKernel.NET/.github/workflows/ci.yml at main · janb84/BitcoinKernel.NET · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
name: CI

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  build-and-test:
    name: Build and Test
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest]
        dotnet-version: ['9.0.x']
      fail-fast: false

    steps:
    - name: Checkout code
      uses: actions/checkout@v5

    - name: Setup .NET
      uses: actions/setup-dotnet@v5
      with:
        dotnet-version: ${{ matrix.dotnet-version }}

    - name: Restore dependencies
      run: dotnet restore

    - name: Build
      run: dotnet build --configuration Release --no-restore

    - name: Test with dotnet
      run: dotnet test --no-restore --logger trx --results-directory "TestResults-${{ matrix.dotnet-version }}"

    - name: Upload dotnet test results
      uses: actions/upload-artifact@v4
      with:
        name: dotnet-results--${{ matrix.os }}
        path: TestResults--${{ matrix.os }}
      if: ${{ always() }}

  lint:
    name: Lint/Format Check
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/checkout@v5

    - name: Setup .NET
      uses: actions/setup-dotnet@v5
      with:
        dotnet-version: '9.0.x'

    - name: Restore dependencies
      run: dotnet restore

    - name: Check formatting
      run: dotnet format --verify-no-changes --verbosity diagnostic

  security:
    name: Security Scan
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/checkout@v5

    - name: Setup .NET
      uses: actions/setup-dotnet@v5
      with:
        dotnet-version: '9.0.x'

    - name: Restore dependencies
      run: dotnet restore

    - name: Checking for external vulnerabilites
      run: |
        dotnet list package --vulnerable --include-transitive 2>&1 | tee vuln.log
        echo "Analyze dotnet list package..."
        ! grep -q -i "has the following vulnerable packages" vuln.log

  conformance-tests:
    name: Conformance Tests
    runs-on: ${{ matrix.os }}
    needs: build-and-test
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: macos-latest
            platform: darwin_arm64
          - os: ubuntu-latest
            platform: linux_amd64

    env:
      TEST_VERSION: '0.0.3-alpha.4'
      TEST_REPO: 'stringintech/kernel-bindings-tests'
      TEST_DIR: '.conformance-tests'

    steps:
    - name: Checkout code
      uses: actions/checkout@v5

    - name: Setup .NET
      uses: actions/setup-dotnet@v5
      with:
        dotnet-version: '9.0.x'

    - name: Build conformance handler
      run: |
        dotnet build tools/kernel-bindings-test-handler/kernel-bindings-test-handler.csproj -c Release
        dotnet publish tools/kernel-bindings-test-handler/kernel-bindings-test-handler.csproj -c Release -o handler-bin

    - name: Download test runner
      run: |
        mkdir -p ${{ env.TEST_DIR }}
        DOWNLOAD_URL="https://github.com/${{ env.TEST_REPO }}/releases/download/v${{ env.TEST_VERSION }}/kernel-bindings-tests_${{ env.TEST_VERSION }}_${{ matrix.platform }}.tar.gz"
        echo "Downloading from: $DOWNLOAD_URL"
        curl --fail -L -o ${{ env.TEST_DIR }}/test-runner.tar.gz "$DOWNLOAD_URL"
        tar -xzf ${{ env.TEST_DIR }}/test-runner.tar.gz -C ${{ env.TEST_DIR }}
        chmod +x ${{ env.TEST_DIR }}/runner

    - name: Run conformance tests
      run: |
        ${{ env.TEST_DIR }}/runner --handler handler-bin/kernel-bindings-test-handler