webauthn-interop/.github/workflows/autobuild.yml at 489bf7cc2a53a6d2448aface9f90939fdf488aa0 · MichaelGrafnetter/webauthn-interop · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
name: 'Build and Test'

on:
  push:
    paths:
    - 'Src/**'
    - '.github/workflows/autobuild.yml'
  pull_request:
    paths:
    - 'Src/**'
    - '.github/workflows/autobuild.yml'

jobs:
  build:
    name: 'Build'
    runs-on: windows-2025-vs2026
    timeout-minutes: 10
    permissions:
      contents: read
      issues: read
      checks: write
      pull-requests: write
    env:
      DOTNET_NOLOGO: true
      DOTNET_CLI_TELEMETRY_OPTOUT: true
    steps:
    - name: Checkout Repository
      uses: actions/checkout@v6

    - name: Setup .NET
      uses: actions/setup-dotnet@v5
      with:
          cache: true
          cache-dependency-path: 'Src/*/packages.lock.json'

    - name: Restore NuGet Packages
      run: dotnet restore --locked-mode

    - name: Build Binaries
      run: |
        dotnet build --configuration Release --no-restore
        dotnet build --configuration Debug --no-restore

    - name: Publish PasskeyUI (win-x64)
      run: dotnet publish Src/PasskeyUI/PasskeyUI.csproj --configuration Release --runtime win-x64 --no-restore

    - name: Upload Desktop App as Artifact
      uses: actions/upload-artifact@v7
      with:
        name: PasskeyUI
        path: Build/publish/PasskeyUI/release_win-x64/*

    - name: Build PowerShell Module
      working-directory: Scripts
      shell: powershell
      run: .\Build-PowerShellModule.ps1 -Configuration Debug,Release

    - name: Test PowerShell Module
      env:
        EntraIdTenantId: ${{ secrets.ENTRAIDTENANTID }}
        EntraIdClientId: ${{ secrets.ENTRAIDCLIENTID }}
        EntraIdClientSecret: ${{ secrets.ENTRAIDCLIENTSECRET }}
        EntraIdUserId: ${{ secrets.ENTRAIDUSERID }}
        OktaTenantId: ${{ secrets.OKTATENANTID }}
        OktaClientId: ${{ secrets.OKTACLIENTID }}
        OktaJsonWebKey: ${{ secrets.OKTAJSONWEBKEY }}
        OktaUserId: ${{ secrets.OKTAUSERID }}
      shell: powershell
      run: Src/DSInternals.Passkeys/Test.ps1 -Configuration Debug

    - name: Upload PowerShell Module as Artifact
      uses: actions/upload-artifact@v7
      with:
        name: PowerShell
        path: Build/bin/PSModule/Release/*

    - name: Create NuGet Packages
      run: dotnet pack --configuration Release --no-build

    - name: Upload NuGet Packages as Artifacts
      uses: actions/upload-artifact@v7
      with:
        name: NuGet
        path: Build/package/release/*nupkg

    - name: Run Non-Interactive Unit Tests
      run: dotnet test --filter TestCategory!=Interactive --configuration Debug --no-build --results-directory Build/TestResults --report-trx --coverage --coverage-output-format cobertura
      continue-on-error: true

    - name: Publish Test Results
      uses: EnricoMi/publish-unit-test-result-action/windows@v2
      if: always()
      with:
        files: Build\TestResults\**\*.trx

    - name: Cache DotNet Global Tools
      id: cache-dotnet-globaltools
      uses: actions/cache@v5
      with:
        path: ~/.dotnet/tools
        # Heuristics: The current list of required global tools is defined in this workflow file.
        key: ${{ runner.os }}-DotNET-GlobalTools-Build-${{ hashFiles('.github/workflows/autobuild.yml') }}

    - name: Install Coverage Report Generator
      if: ${{ steps.cache-dotnet-globaltools.outputs.cache-hit != 'true' }}
      run: dotnet tool install --global dotnet-reportgenerator-globaltool

    - name: Generate Code Coverage Reports
      working-directory: Build/TestResults
      run: reportgenerator -reports:*.cobertura.xml -targetdir:. -reporttypes:"HtmlSummary" -title:"WebAuthn Interop Assembly"

    - name: Upload Test Results
      uses: actions/upload-artifact@v7
      with:
        name: TestResults
        path: |
            Build/TestResults/*.*
            !**/*.htm

  analyze:
    name: Analyze (${{ matrix.language }})
    runs-on: windows-2025-vs2026
    permissions:
      security-events: write
      packages: read
      # only required for workflows in private repositories
      actions: read
      contents: read

    strategy:
      fail-fast: false
      matrix:
        include:
        - language: actions
          build-mode: none
        - language: csharp
          build-mode: none

    steps:
    - name: Checkout repository
      uses: actions/checkout@v6

    - name: Initialize CodeQL
      uses: github/codeql-action/init@v4
      with:
        languages: ${{ matrix.language }}
        build-mode: ${{ matrix.build-mode }}
        queries: code-scanning # Options: code-scanning, security-extended, security-and-quality

    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v4
      with:
        category: "/language:${{ matrix.language }}"