From 565b3d3b6deecdace637e09e20e7dfe4c5856cd5 Mon Sep 17 00:00:00 2001 From: Kristen Hercules Date: Tue, 9 Dec 2025 17:03:01 -0600 Subject: [PATCH] ci: replace insecure workflow with dotnet build --- .github/workflows/main.yml | 61 +++++++++++++++++++++++++++----------- 1 file changed, 43 insertions(+), 18 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9d278f3..cadb9e2 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,25 +1,50 @@ name: CI -on: [push, workflow_dispatch] +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + workflow_dispatch: jobs: build: - - runs-on: windows-latest + runs-on: ubuntu-latest steps: - - name: Download - run: Invoke-WebRequest https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-windows-amd64.zip -OutFile ngrok.zip - - name: Extract - run: Expand-Archive ngrok.zip - - name: Auth - run: .\ngrok\ngrok.exe authtoken $Env:NGROK_AUTH_TOKEN - env: - NGROK_AUTH_TOKEN: ${{ secrets.NGROK_AUTH_TOKEN }} - - name: Enable TS - run: Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0 - - run: Enable-NetFirewallRule -DisplayGroup "Remote Desktop" - - run: Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1 - - run: Set-LocalUser -Name "runneradmin" -Password (ConvertTo-SecureString -AsPlainText "P@ssw0rd!" -Force) - - name: Create Tunnel - run: .\ngrok\ngrok.exe tcp 3389 + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup .NET + uses: actions/setup-dotnet@v4 + with: + dotnet-version: '8.0.x' + + - name: Detect projects + id: detect + run: | + PROJECTS=$(find . -name '*.csproj' -not -path './.git/*') + COUNT=$(printf '%s\n' "$PROJECTS" | grep -c . || true) + echo "count=$COUNT" >> "$GITHUB_OUTPUT" + if [ "$COUNT" -gt 0 ]; then + echo "Found projects:" >> "$GITHUB_STEP_SUMMARY" + printf '%s\n' "$PROJECTS" >> "$GITHUB_STEP_SUMMARY" + else + echo "No .csproj files found" >> "$GITHUB_STEP_SUMMARY" + fi + + - name: Restore + if: steps.detect.outputs.count != '0' + run: dotnet restore + + - name: Build + if: steps.detect.outputs.count != '0' + run: dotnet build --no-restore --configuration Release + + - name: Test + if: steps.detect.outputs.count != '0' + run: dotnet test --no-build --configuration Release --logger trx --results-directory TestResults + + - name: No projects to build + if: steps.detect.outputs.count == '0' + run: echo "No .csproj found; nothing to build."