diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2ae9d6a..63f1bca 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,14 +2,14 @@ name: Build and Test on: push: - branches: [main] + branches: [ main ] paths-ignore: - "**/*.md" - "doc/**" - ".github/ISSUE_TEMPLATE/**" - ".github/pull_request_template.md" pull_request: - branches: [main] + branches: [ main ] paths-ignore: - "**/*.md" - "doc/**" @@ -47,7 +47,7 @@ jobs: DOTNET_NOLOGO: "1" steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 with: fetch-depth: 0 @@ -80,10 +80,10 @@ jobs: DOTNET_NOLOGO: "1" steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 - name: Setup .NET - uses: actions/setup-dotnet@v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # pin@v5 with: dotnet-version: "10.0.x" @@ -113,10 +113,10 @@ jobs: DOTNET_NOLOGO: "1" steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 - name: Setup .NET - uses: actions/setup-dotnet@v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # pin@v5 with: dotnet-version: "10.0.x" @@ -143,10 +143,10 @@ jobs: DOTNET_NOLOGO: "1" steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 - name: Setup .NET - uses: actions/setup-dotnet@v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # pin@v5 with: dotnet-version: "10.0.x" @@ -180,11 +180,11 @@ jobs: DOTNET_NOLOGO: "1" steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 - name: Setup .NET id: setup_dotnet - uses: actions/setup-dotnet@v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # pin@v5 with: dotnet-version: "10.0.x" @@ -237,7 +237,7 @@ jobs: id: upload_codecov # Upload from any full_validation run (push or workflow_dispatch) targeting the main branch. if: ${{ github.ref == 'refs/heads/main' }} - uses: codecov/codecov-action@v7 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # pin@v7 with: files: coverage.cobertura.xml token: ${{ secrets.CODECOV_TOKEN }} @@ -245,7 +245,7 @@ jobs: - name: Upload coverage artifact id: upload_coverage_artifact - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # pin@v7 with: name: coverage-cobertura path: coverage.cobertura.xml @@ -268,7 +268,7 @@ jobs: - name: Upload performance results artifact id: upload_performance_artifact - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # pin@v7 with: name: performance-results path: performance-results.txt diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 83a1721..d839dd1 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,9 +13,9 @@ name: "CodeQL Advanced" on: push: - branches: ["main"] + branches: [ "main" ] pull_request: - branches: ["main"] + branches: [ "main" ] schedule: - cron: "45 18 * * 0" @@ -67,7 +67,7 @@ jobs: # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 with: # Shallow clone for faster checkout on PRs fetch-depth: ${{ github.event_name == 'pull_request' && 1 || 0 }} @@ -82,7 +82,7 @@ jobs: # Setup .NET SDK for C# analysis - name: Setup .NET if: matrix.language == 'csharp' - uses: actions/setup-dotnet@v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # pin@v5 with: dotnet-version: "10.0.x" cache: true @@ -93,7 +93,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # pin@v4 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -107,12 +107,12 @@ jobs: # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs # queries: security-extended,security-and-quality - # If the analyze step fails for one of the languages you are analyzing with - # "We were unable to automatically build your code", modify the matrix above - # to set the build mode to "manual" for that language. Then modify this step - # to build your code. - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + # If the analyze step fails for one of the languages you are analyzing with + # "We were unable to automatically build your code", modify the matrix above + # to set the build mode to "manual" for that language. Then modify this step + # to build your code. + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - name: Run manual build steps if: matrix.build-mode == 'manual' shell: bash @@ -125,6 +125,6 @@ jobs: exit 1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # pin@v4 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index 00e527b..37bcefb 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -16,10 +16,10 @@ jobs: contents: read steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 - name: Setup .NET - uses: actions/setup-dotnet@v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # pin@v5 with: dotnet-version: "10.0.x" diff --git a/.github/workflows/publish-mcp-registry.yml b/.github/workflows/publish-mcp-registry.yml index 0e8c33d..bc5e91b 100644 --- a/.github/workflows/publish-mcp-registry.yml +++ b/.github/workflows/publish-mcp-registry.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout repository id: checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 with: fetch-depth: 0 diff --git a/.github/workflows/publish-nuget.yml b/.github/workflows/publish-nuget.yml index 883512b..5bd6a3e 100644 --- a/.github/workflows/publish-nuget.yml +++ b/.github/workflows/publish-nuget.yml @@ -7,7 +7,8 @@ on: push: tags: - "v*" # Only runs on version tags like v1.0.0, v0.1.0-alpha.1 - workflow_dispatch: # Allows manual triggering from GitHub Actions UI + workflow_dispatch: + # Allows manual triggering from GitHub Actions UI jobs: publish: @@ -20,7 +21,7 @@ jobs: id-token: write # Required for OIDC token issuance (Trusted Publishing) steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 id: checkout with: fetch-depth: 0 # Required for MinVer to access Git history and tags @@ -42,7 +43,7 @@ jobs: - name: Setup .NET id: setup_dotnet - uses: actions/setup-dotnet@v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # pin@v5 with: dotnet-version: "10.0.x" cache: true @@ -146,7 +147,7 @@ jobs: - name: NuGet login (OIDC ? temp API key) id: nuget_login - uses: NuGet/login@v1 + uses: NuGet/login@8d196754b4036150537f80ac539e15c2f1028841 # pin@v1 with: user: ${{ secrets.NUGET_USER }} @@ -230,7 +231,7 @@ jobs: - name: Upload package artifact (for registry publish) id: upload_nupkg_artifact - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # pin@v7 with: name: dotnet-mcp-nupkg path: ./artifacts/*.nupkg @@ -278,13 +279,13 @@ jobs: steps: - name: Checkout repository id: checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 with: fetch-depth: 0 - name: Download package artifact id: download_nupkg - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # pin@v8 with: name: dotnet-mcp-nupkg path: ./artifacts diff --git a/.github/workflows/release-scenarios.yml b/.github/workflows/release-scenarios.yml index 111dbd4..ebdd8c2 100644 --- a/.github/workflows/release-scenarios.yml +++ b/.github/workflows/release-scenarios.yml @@ -1,90 +1,90 @@ name: Release Scenario Tests (Manual) on: - workflow_dispatch: - inputs: - os: - description: "Runner OS (ubuntu-latest, windows-latest, or all)" - type: choice - options: - - ubuntu-latest - - windows-latest - - all - required: false - default: "ubuntu-latest" + workflow_dispatch: + inputs: + os: + description: "Runner OS (ubuntu-latest, windows-latest, or all)" + type: choice + options: + - ubuntu-latest + - windows-latest + - all + required: false + default: "ubuntu-latest" jobs: - release-scenarios: - name: Release scenarios (${{ matrix.os }}) - runs-on: ${{ matrix.os }} - timeout-minutes: 60 - permissions: - contents: read + release-scenarios: + name: Release scenarios (${{ matrix.os }}) + runs-on: ${{ matrix.os }} + timeout-minutes: 60 + permissions: + contents: read - strategy: - fail-fast: false - matrix: - os: ${{ inputs.os == 'all' && fromJSON('["ubuntu-latest", "windows-latest"]') || fromJSON(format('["{0}"]', inputs.os)) }} + strategy: + fail-fast: false + matrix: + os: ${{ inputs.os == 'all' && fromJSON('["ubuntu-latest", "windows-latest"]') || fromJSON(format('["{0}"]', inputs.os)) }} - env: - DOTNET_SKIP_FIRST_TIME_EXPERIENCE: "1" - DOTNET_CLI_TELEMETRY_OPTOUT: "1" - DOTNET_NOLOGO: "1" - DOTNET_MCP_SCENARIO_TESTS: "1" - DOTNET_MCP_RELEASE_SCENARIO_TESTS: "1" + env: + DOTNET_SKIP_FIRST_TIME_EXPERIENCE: "1" + DOTNET_CLI_TELEMETRY_OPTOUT: "1" + DOTNET_NOLOGO: "1" + DOTNET_MCP_SCENARIO_TESTS: "1" + DOTNET_MCP_RELEASE_SCENARIO_TESTS: "1" - steps: - - uses: actions/checkout@v6 + steps: + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v6 - - name: Setup .NET - id: setup_dotnet - uses: actions/setup-dotnet@v5 - with: - dotnet-version: "10.0.x" + - name: Setup .NET + id: setup_dotnet + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # pin@v5 + with: + dotnet-version: "10.0.x" - - name: Display .NET info - id: dotnet_info - run: dotnet --info + - name: Display .NET info + id: dotnet_info + run: dotnet --info - - name: Restore dependencies - id: restore - run: dotnet restore DotNetMcp.slnx + - name: Restore dependencies + id: restore + run: dotnet restore DotNetMcp.slnx - - name: Build - id: build - run: dotnet build DotNetMcp.slnx --no-restore --configuration Release + - name: Build + id: build + run: dotnet build DotNetMcp.slnx --no-restore --configuration Release - - name: Validate server.json - id: validate_server_json - run: pwsh -File scripts/validate-server-json.ps1 + - name: Validate server.json + id: validate_server_json + run: pwsh -File scripts/validate-server-json.ps1 - - name: Run Scenario + Release Scenario Tests - id: release_scenarios - run: | - dotnet test --project DotNetMcp.Tests/DotNetMcp.Tests.csproj --no-build --configuration Release --verbosity normal -- --filter-namespace "*DotNetMcp.Tests.Scenarios*" - dotnet test --project DotNetMcp.Tests/DotNetMcp.Tests.csproj --no-build --configuration Release --verbosity normal -- --filter-namespace "*DotNetMcp.Tests.ReleaseScenarios*" + - name: Run Scenario + Release Scenario Tests + id: release_scenarios + run: | + dotnet test --project DotNetMcp.Tests/DotNetMcp.Tests.csproj --no-build --configuration Release --verbosity normal -- --filter-namespace "*DotNetMcp.Tests.Scenarios*" + dotnet test --project DotNetMcp.Tests/DotNetMcp.Tests.csproj --no-build --configuration Release --verbosity normal -- --filter-namespace "*DotNetMcp.Tests.ReleaseScenarios*" - - name: Write workflow summary - if: always() - shell: pwsh - run: | - $summary = @' - ## dotnet-mcp release scenarios summary + - name: Write workflow summary + if: always() + shell: pwsh + run: | + $summary = @' + ## dotnet-mcp release scenarios summary - - OS: `${{ matrix.os }}` - - Run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - - Ref: `${{ github.ref }}` - - SHA: `${{ github.sha }}` + - OS: `${{ matrix.os }}` + - Run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} + - Ref: `${{ github.ref }}` + - SHA: `${{ github.sha }}` - ### Step outcomes - | Step | Outcome | - | --- | --- | - | Setup .NET | ${{ steps.setup_dotnet.outcome }} | - | dotnet --info | ${{ steps.dotnet_info.outcome }} | - | Restore | ${{ steps.restore.outcome }} | - | Build | ${{ steps.build.outcome }} | - | Validate server.json | ${{ steps.validate_server_json.outcome }} | - | Scenario + Release scenarios | ${{ steps.release_scenarios.outcome }} | - '@ + ### Step outcomes + | Step | Outcome | + | --- | --- | + | Setup .NET | ${{ steps.setup_dotnet.outcome }} | + | dotnet --info | ${{ steps.dotnet_info.outcome }} | + | Restore | ${{ steps.restore.outcome }} | + | Build | ${{ steps.build.outcome }} | + | Validate server.json | ${{ steps.validate_server_json.outcome }} | + | Scenario + Release scenarios | ${{ steps.release_scenarios.outcome }} | + '@ - $summary | Out-File -FilePath $env:GITHUB_STEP_SUMMARY -Append -Encoding utf8 + $summary | Out-File -FilePath $env:GITHUB_STEP_SUMMARY -Append -Encoding utf8