Skip to content

CI/CD: Implement reusable workflows and release automation (v0.2.3) #5

CI/CD: Implement reusable workflows and release automation (v0.2.3)

CI/CD: Implement reusable workflows and release automation (v0.2.3) #5

Workflow file for this run

name: CI
# Continuous Integration - Reusable Workflow
#
# Triggered by:
# 1. Direct: On push/PR to src/ paths or workflow changes
# 2. Indirect: Called by release workflow via workflow_call
#
# Purpose: Validate code quality and functionality on every commit
on:
workflow_call:
push:
branches: [main]
paths:
- src/**
- Datto.DBPool.Refresh/**
- .github/workflows/ci.yml
pull_request:
branches: [main]
permissions:
contents: read
security-events: write
jobs:
test:
name: Pester Tests
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macOS-latest]
steps:
- uses: actions/checkout@v6
- name: Setup PowerShell
uses: bjompen/UpdatePWSHAction@v1.0.3
- name: Run Pester Tests
shell: pwsh
run: ./build.ps1 -Task Test -Bootstrap
analyze:
name: PSScriptAnalyzer
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
actions: read
steps:
- uses: actions/checkout@v6
- name: Run PSScriptAnalyzer
uses: microsoft/psscriptanalyzer-action@v1.1
with:
path: .
recurse: true
includeRule: '"PSAvoidGlobalAliases", "PSAvoidUsingConvertToSecureStringWithPlainText"'
output: results.sarif
- name: Upload SARIF results
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: results.sarif
wait-for-processing: true
quality-gate:
name: CI Quality Gate
runs-on: ubuntu-latest
needs: [test, analyze]
if: always()
steps:
- name: Check Pester test results
if: needs.test.result != 'success'
run: |
echo "[FAIL] Pester tests failed"
exit 1
- name: Check code analysis results
if: needs.analyze.result != 'success'
run: |
echo "[FAIL] Code analysis failed"
exit 1
- name: All CI checks passed
run: echo "[PASS] All CI checks passed - Ready for CD"