Project-MONAI
diff --git a/‎.github/.gitversion.yml
-1 b/‎.github/.gitversion.yml
-1
diff --git a/‎.github/containerscan/allowedlist.yaml
-18 b/‎.github/containerscan/allowedlist.yaml
-18
diff --git a/‎.github/workflows/ci.yml
+66-32 b/‎.github/workflows/ci.yml
+66-32
diff --git a/‎.licenserc.yaml
+1-1 b/‎.licenserc.yaml
+1-1
diff --git a/‎Dockerfile
-1 b/‎Dockerfile
-1
@@ -12,7 +12,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-next-version: 0.3.2
 assembly-versioning-scheme: MajorMinorPatchTag
 mode: ContinuousDelivery
 branches:
 
@@ -54,21 +54,58 @@ jobs:
 
       - name: Determine Version
         id: gitversion
-        uses: gittools/actions/gitversion/[email protected].14
+        uses: gittools/actions/gitversion/[email protected].15
         with:
           useConfigFile: true
           configFilePath: .github/.gitversion.yml
 
+  CodeQL-Analyze:
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+
+    - uses: actions/setup-dotnet@v3
+      with:
+        dotnet-version: "6.0.x"
+
+    - name: Enable NuGet cache
+      uses: actions/[email protected]
+      with:
+        path: ~/.nuget/packages
+        key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
+        restore-keys: |
+          ${{ runner.os }}-nuget
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: csharp
+
+    - name: Restore dependencies
+      run: dotnet restore
+      working-directory: ./src
+
+    - name: Build Solution
+      run: dotnet build -c ${{ env.BUILD_CONFIG }} --nologo ${{ env.SOLUTION }}
+      working-directory: ./src
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
+
   analyze:
     runs-on: ubuntu-latest
     permissions:
       actions: read
       contents: read
       security-events: write
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'csharp' ]
 
     steps:
     - name: Checkout repository
@@ -84,7 +121,7 @@ jobs:
       run: echo "/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin" >> $GITHUB_PATH
 
     - name: Install License Finder tool with Homebrew
-      uses: tecoli-com/actions-use-homebrew-tools@v0.4
+      uses: tecoli-com/actions-use-homebrew-tools@v1.1
       with:
         tools: licensefinder
         cache: yes
@@ -97,13 +134,12 @@ jobs:
         restore-keys: |
           ${{ runner.os }}-nuget
 
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-
-    - name: Install NuGetDefense
-      run: dotnet tool install --global NuGetDefense.Tool
+    - name: Nuget Vulnerabiilty Scan
+      run: |
+        dotnet list package --vulnerable 2>&1 | tee vulnerable.txt
+        echo "Analyzing dotnet list package command log output..."
+        sh -c "! grep 'has the following vulnerable packages' vulnerable.txt"
+      working-directory: ./src
 
     - name: Restore dependencies
       run: dotnet restore
@@ -113,27 +149,25 @@ jobs:
       run: dotnet build -c ${{ env.BUILD_CONFIG }} --nologo ${{ env.SOLUTION }}
       working-directory: ./src
 
-    - name: NuGetDefense Scanning
-      continue-on-error: true
-      run: |
-        sed -i "s/OSSINDEXAPI_TOKEN/$OSSINDEXAPI_TOKEN/g" NuGetDefense.json
-        sed -i "s/OSSINDEXAPI_USERNAME/$OSSINDEXAPI_USERNAME/g" NuGetDefense.json
-        nugetdefense -p src/${{ env.SOLUTION }} --settings-file NuGetDefense.json
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
-
     - name: Secret detection
       uses: gitleaks/[email protected]
 
     - name: Perform License Scanning
       run: license_finder -r
 
     - name: Check License Header
-      uses: apache/skywalking-eyes@main
+      uses: apache/skywalking-eyes@v0.4.0
 
   unit-test:
     runs-on: ubuntu-latest
+    services:
+      mongo:
+        image: mongo
+        env:
+          MONGO_INITDB_ROOT_USERNAME: root
+          MONGO_INITDB_ROOT_PASSWORD: rootpassword
+        ports:
+        - 27017:27017
     steps:
       - name: Set up JDK 11
         uses: actions/setup-java@v3
@@ -206,13 +240,14 @@ jobs:
   integration-test:
     runs-on: ubuntu-latest
     timeout-minutes: 30
-    needs: [build]
     strategy:
       matrix:
         feature: [AcrApi, DicomDimseScp, DicomDimseScu, DicomWebExport, DicomWebStow, HealthLevel7, Fhir]
+        database: [ef, mongodb]
       fail-fast: false
     env:
       TAG: ${{ needs.build.outputs.TAG }}
+      DOTNET_TEST: ${{ matrix.database }}
     steps:
       - name: Checkout repository
         uses: actions/checkout@v3
@@ -252,7 +287,6 @@ jobs:
           name: integration-${{ matrix.feature }}
           path: |
             ${{ github.workspace }}/LivingDoc.html
-            ${{ github.workspace }}/metrics.log
             ${{ github.workspace }}/services.log
             ${{ github.workspace }}/run.log
           retention-days: 30
@@ -368,7 +402,7 @@ jobs:
 
       - name: Anchore container scan
         id: anchore-scan
-        uses: anchore/[email protected].0
+        uses: anchore/[email protected].1
         if: ${{ (matrix.os == 'ubuntu-latest') }}
         with:
           image: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
@@ -448,7 +482,7 @@ jobs:
   release:
     if: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/heads/develop') ||contains(github.head_ref, 'release/') || contains(github.head_ref, 'feature/') || contains(github.head_ref, 'develop') }}
     runs-on: ubuntu-latest
-    needs: [calc-version, unit-test, docs, integration-test]
+    needs: [calc-version, unit-test, docs, integration-test, analyze]
     env:
       SEMVER: ${{ needs.calc-version.outputs.semVer }}
       PRERELEASELABEL: ${{ needs.calc-version.outputs.preReleaseLabel }}
@@ -473,12 +507,12 @@ jobs:
           msg: ${{ github.repository }}
 
       - name: Install GitReleaseManager
-        uses: gittools/actions/gitreleasemanager/[email protected].14
+        uses: gittools/actions/gitreleasemanager/[email protected].15
         with:
           versionSpec: "0.13.x"
 
       - name: Create release with GitReleaseManager
-        uses: gittools/actions/gitreleasemanager/[email protected].14
+        uses: gittools/actions/gitreleasemanager/[email protected].15
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           owner: ${{ steps.repo.outputs._0 }}
@@ -491,7 +525,7 @@ jobs:
             artifacts/mig-docs-${{ env.SEMVER }}.zip
 
       - name: Publish release with GitReleaseManager
-        uses: gittools/actions/gitreleasemanager/[email protected].14
+        uses: gittools/actions/gitreleasemanager/[email protected].15
         if: ${{ contains(github.ref, 'refs/heads/main') }}
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -500,7 +534,7 @@ jobs:
           tagName: ${{ env.MAJORMINORPATCH }}
 
       - name: Close release with GitReleaseManager
-        uses: gittools/actions/gitreleasemanager/[email protected].14
+        uses: gittools/actions/gitreleasemanager/[email protected].15
         if: ${{ contains(github.ref, 'refs/heads/main') }}
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
 
@@ -30,7 +30,7 @@ header:
     - 'src/.sonarlint/**'
     - 'src/coverlet.runsettings'
     - 'src/Monai.Deploy.InformaticsGateway.sln'
-    - 'src/Database/Migrations/**'
+    - 'src/Database/EntityFramework/Migrations/**'
     - 'demos/**/.env/**'
     - 'demos/**/*.txt'
     - 'doc/dependency_decisions.yml'
 
@@ -35,7 +35,6 @@ ENV DEBIAN_FRONTEND=noninteractive
 RUN apt-get clean \
  && apt-get update \
  && apt-get install -y --no-install-recommends \
-    sqlite3 \
     curl \
     && rm -rf /var/lib/apt/lists