Refactor: Migrate CI to GitHub Actions and add Dependabot

Co-authored-by: erik <[email protected]>

Author: cursoragent

.github/dependabot.yml

@@ -0,0 +1,24 @@
+version: 2
+updates:
+  - package-ecosystem: "nuget"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+    
+  - package-ecosystem: "nuget"
+    directory: "/FeedlySharp"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+    
+  - package-ecosystem: "nuget"
+    directory: "/FeedlySharp.Tests"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+    
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/README.md

@@ -0,0 +1,68 @@
+# GitHub Actions Workflows
+
+This directory contains GitHub Actions workflows for CI/CD and package publishing.
+
+## Workflows
+
+### CI (`ci.yml`)
+Runs on every push and pull request to main/master/develop branches.
+
+**Features:**
+- Builds the project
+- Runs all tests
+- Uploads test results and coverage reports
+- Uses Codecov for coverage reporting
+
+### Pull Request (`pr.yml`)
+Runs on pull requests to main/master/develop branches.
+
+**Features:**
+- Cross-platform testing (Ubuntu, Windows, macOS)
+- Build verification
+- Test execution
+- Code formatting verification
+
+### Release (`release.yml`)
+Publishes NuGet packages when:
+- A tag matching `v*.*.*` is pushed (e.g., `v3.0.0`)
+- Manual workflow dispatch with version input
+
+**Features:**
+- Builds and tests the project
+- Creates NuGet package
+- Publishes to NuGet.org
+- Uploads artifacts
+
+**Required Secrets:**
+- `NUGET_API_KEY` - Your NuGet.org API key
+
+### CodeQL Analysis (`codeql.yml`)
+Security analysis using GitHub's CodeQL.
+
+**Features:**
+- Automated security scanning
+- Runs on pushes, PRs, and weekly schedule
+- C# code analysis
+
+## Setting Up NuGet Publishing
+
+1. Get your NuGet API key from https://www.nuget.org/account/apikeys
+2. Add it as a secret in your GitHub repository:
+   - Go to Settings → Secrets and variables → Actions
+   - Click "New repository secret"
+   - Name: `NUGET_API_KEY`
+   - Value: Your NuGet API key
+3. Create a release tag:
+   ```bash
+   git tag v3.0.0
+   git push origin v3.0.0
+   ```
+   Or use the workflow dispatch feature in the Actions tab.
+
+## Dependabot
+
+Dependabot is configured to automatically update:
+- NuGet packages (weekly)
+- GitHub Actions (weekly)
+
+See `.github/dependabot.yml` for configuration.

.github/workflows/ci.yml

@@ -0,0 +1,49 @@
+name: CI
+
+on:
+  push:
+    branches: [ main, master, develop ]
+  pull_request:
+    branches: [ main, master, develop ]
+
+jobs:
+  build:
+    name: Build and Test
+    runs-on: ubuntu-latest
+    
+    strategy:
+      matrix:
+        dotnet-version: ['10.0.x']
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: ${{ matrix.dotnet-version }}
+        
+    - name: Restore dependencies
+      run: dotnet restore
+      
+    - name: Build
+      run: dotnet build --no-restore --configuration Release
+      
+    - name: Run tests
+      run: dotnet test --no-build --configuration Release --verbosity normal --logger "trx;LogFileName=test-results.trx" --collect:"XPlat Code Coverage"
+      continue-on-error: false
+      
+    - name: Upload test results
+      uses: actions/upload-artifact@v4
+      if: always()
+      with:
+        name: test-results-${{ matrix.dotnet-version }}
+        path: '**/test-results.trx'
+        
+    - name: Upload coverage reports
+      uses: codecov/codecov-action@v4
+      if: always()
+      with:
+        files: '**/coverage.cobertura.xml'
+        fail_ci_if_error: false

.github/workflows/codeql.yml

@@ -0,0 +1,46 @@
+name: CodeQL Analysis
+
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+  schedule:
+    - cron: '0 0 * * 0' # Weekly on Sunday
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'csharp' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: '10.0.x'
+
+    - name: Restore dependencies
+      run: dotnet restore
+
+    - name: Build
+      run: dotnet build --no-restore --configuration Release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3

.github/workflows/pr.yml

@@ -0,0 +1,36 @@
+name: Pull Request
+
+on:
+  pull_request:
+    branches: [ main, master, develop ]
+
+jobs:
+  build:
+    name: Build and Test
+    runs-on: ubuntu-latest
+    
+    strategy:
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+        dotnet-version: ['10.0.x']
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: ${{ matrix.dotnet-version }}
+        
+    - name: Restore dependencies
+      run: dotnet restore
+      
+    - name: Build
+      run: dotnet build --no-restore --configuration Release
+      
+    - name: Run tests
+      run: dotnet test --no-build --configuration Release --verbosity normal
+      
+    - name: Check code formatting
+      run: dotnet format --verify-no-changes --verbosity diagnostic

.github/workflows/release.yml

@@ -0,0 +1,69 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*.*.*'
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Version to publish (e.g., 3.0.0)'
+        required: true
+        type: string
+
+jobs:
+  build-and-publish:
+    name: Build and Publish to NuGet
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: '10.0.x'
+        
+    - name: Determine version
+      id: version
+      run: |
+        if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
+          VERSION="${{ github.event.inputs.version }}"
+        else
+          VERSION=${GITHUB_REF#refs/tags/v}
+        fi
+        echo "version=$VERSION" >> $GITHUB_OUTPUT
+        echo "Determined version: $VERSION"
+        
+    - name: Restore dependencies
+      run: dotnet restore
+      
+    - name: Build
+      run: dotnet build --no-restore --configuration Release -p:Version=${{ steps.version.outputs.version }}
+      
+    - name: Run tests
+      run: dotnet test --no-build --configuration Release --verbosity normal
+      
+    - name: Pack
+      run: dotnet pack FeedlySharp/FeedlySharp.csproj --no-build --configuration Release -p:Version=${{ steps.version.outputs.version }} -p:PackageVersion=${{ steps.version.outputs.version }} --output ./artifacts
+      
+    - name: Publish to NuGet
+      env:
+        NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
+      run: |
+        if [ -z "$NUGET_API_KEY" ]; then
+          echo "NUGET_API_KEY secret is not set. Skipping NuGet publish."
+          exit 0
+        fi
+        dotnet nuget push ./artifacts/*.nupkg --api-key $NUGET_API_KEY --source https://api.nuget.org/v3/index.json --skip-duplicate
+        
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: nuget-packages
+        path: ./artifacts/*.nupkg
+        retention-days: 30

azure-pipelines.yml

@@ -1,11 +1,9 @@
 ![FeedlySharp](https://raw.githubusercontent.com/Zettersten/FeedlySharp/master/FeedlySharp/feedly.png "FeedlySharp")
 # FeedlySharp
 
-![Build history](https://buildstats.info/azurepipelines/chart/nenvy/FeedlySharp/8)
-
 A high-performance, thread-safe HTTP Client for the Feedly Cloud API, built with .NET 10, source generators, and AOT support. Millions of users depend on their feedly for inspiration, information, and to feed their passions. But one size does not fit all. Individuals have different workflows, different habits, and different devices. In our efforts to evolve feedly from a product to a platform, we have therefore decided to open up the feedly API. Developers are welcome to deliver new applications, experiences, and innovations via the feedly cloud. We feel strongly that this will help to accelerate innovation and better serve our users.
 
-[![Build Status](https://dev.azure.com/nenvy/FeedlySharp/_apis/build/status/Zettersten.FeedlySharp?branchName=master)](https://dev.azure.com/nenvy/FeedlySharp/_build/latest?definitionId=8&branchName=master) [![NuGet Badge](https://buildstats.info/nuget/FeedlySharp)](https://www.nuget.org/packages/FeedlySharp/)
+[![CI](https://github.com/Zettersten/FeedlySharp/workflows/CI/badge.svg)](https://github.com/Zettersten/FeedlySharp/actions/workflows/ci.yml) [![NuGet Badge](https://buildstats.info/nuget/FeedlySharp)](https://www.nuget.org/packages/FeedlySharp/) [![NuGet Version](https://img.shields.io/nuget/v/FeedlySharp.svg)](https://www.nuget.org/packages/FeedlySharp/)
 
 ## Features