@JossSparkesAnswer JossSparkesAnswer commented Apr 4, 2022

I have made some changes to the pipeline to bring it closer to the informatics gateway. The changes are:

  • Added CodeQL scanning
  • Added Dependency scanning
  • Placed SonarQube in the unit tests so it can receive code coverage info
  • Added secrets scanning

codecov bot commented Apr 4, 2022

Codecov Report

Merging #74 (4c088e0) into develop (75438f2) will not change coverage.
The diff coverage is n/a.

@@              Coverage Diff              @@
##             develop         #74   +/-   ##
=============================================
  Coverage   53.64583%   53.64583%           
=============================================
  Files              8           8           
  Lines            192         192           
  Branches           8           8           
=============================================
  Hits             103         103           
  Misses            88          88           
  Partials           1           1           
Flag Coverage Δ
unittests 53.64583% <ø> (ø)

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update 75438f2...4c088e0.

@JossSparkesAnswer JossSparkesAnswer changed the title from "Add SonarQube with code coverage to CI" to "Refined the CI pipeline" Apr 4, 2022
@JossSparkesAnswer JossSparkesAnswer marked this pull request as ready for review April 4, 2022 10:53
@JossSparkesAnswer JossSparkesAnswer marked this pull request as draft April 4, 2022 14:32
@JossSparkesAnswer JossSparkesAnswer marked this pull request as ready for review April 4, 2022 15:16
@JossSparkesAnswer
Collaborator Author

I believe there is still license scanning that needs to be added to the pipeline to ensure we are open source compliant with all our NuGet packages.

@mocsharp A couple of questions for yourself:

  • The dependency scanning is currently only using CVEs. It can be configured with https://github.com/advisories, however this needs an API token. Do you think this is worth it? And if so, which account should we get the API token from?
  • Do you know of any good license scanning tools? I'm struggling to find them for dotnet.

@JossSparkesAnswer JossSparkesAnswer changed the title from "Refined the CI pipeline" to "Refine the CI pipeline" Apr 4, 2022
@dbericat dbericat requested a review from evberrypi April 4, 2022 15:43
Collaborator

@mocsharp mocsharp left a comment

LGTM

sonarqubecloud bot commented Apr 5, 2022

Kudos, SonarCloud Quality Gate passed!

  • 0 Bugs (rating A)
  • 0 Vulnerabilities (rating A)
  • 0 Security Hotspots (rating A)
  • 0 Code Smells (rating A)

No Coverage information
No Duplication information

@JossSparkesAnswer JossSparkesAnswer linked an issue Apr 5, 2022 that may be closed by this pull request
@RemakingEden RemakingEden merged commit e8e4f76 into develop Apr 5, 2022
@RemakingEden RemakingEden deleted the jsparkes/refine-ci branch April 5, 2022 15:10