Skip to content

Update NuGet dependencies to fix vulnerability warn and build failure… #1015

Update NuGet dependencies to fix vulnerability warn and build failure…

Update NuGet dependencies to fix vulnerability warn and build failure… #1015

Workflow file for this run

name: CI
on: [ push, pull_request, workflow_dispatch ]
jobs:
build:
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-22.04
artifact-name: Linux
build-options: "-PlinuxBuild"
- os: ubuntu-22.04
artifact-name: LinuxArm64
build-options: "-PlinuxBuildArm64"
- os: macos-latest
artifact-name: macOS
build-options: "-PmacBuild"
- os: macos-latest
artifact-name: macOSArm
build-options: "-PmacBuildArm"
- os: windows-latest
artifact-name: Win64
build-options: ""
name: "Build - ${{ matrix.artifact-name }}"
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- uses: gradle/actions/wrapper-validation@v3
- uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.x
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: temurin
- name: Import Developer ID Certificate
uses: wpilibsuite/import-signing-certificate@v2
with:
certificate-data: ${{ secrets.APPLE_CERTIFICATE_DATA }}
certificate-passphrase: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
keychain-password: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }}
if: |
(matrix.artifact-name == 'macOS' || matrix.artifact-name == 'macOSArm') &&
github.repository_owner == 'wpilibsuite' &&
(github.event_name == 'push' || github.event_name == 'workflow_dispatch')
- name: Set Keychain Lock Timeout
run: security set-keychain-settings -lut 2700
if: |
(matrix.artifact-name == 'macOS' || matrix.artifact-name == 'macOSArm') &&
github.repository_owner == 'wpilibsuite' &&
(github.event_name == 'push' || github.event_name == 'workflow_dispatch')
- name: Install roboRIO Toolchain
shell: bash
run: ./gradlew installRoboRioToolchain
- name: Build Installer (PR)
shell: bash
run: ./gradlew generateInstallers -PjenkinsBuild ${{ matrix.build-options }}
if: |
github.repository_owner != 'wpilibsuite' ||
(github.event_name != 'push' && github.event_name != 'workflow_dispatch')
- name: Build Installer (Main)
shell: bash
run: |
./gradlew generateInstallers -PjenkinsBuild ${{ matrix.build-options }} \
-PdeveloperID=${{ secrets.APPLE_DEVELOPER_ID }} \
-Pnotarization-username=${{ secrets.APPLE_NOTARIZATION_USERNAME }} \
-Pnotarization-teamid=${{ secrets.APPLE_NOTARIZATION_TEAMID }} \
-Pnotarization-password=${{ secrets.APPLE_NOTARIZATION_PASSWORD }}
if: |
github.repository_owner == 'wpilibsuite' &&
(github.event_name == 'push' || github.event_name == 'workflow_dispatch')
- uses: actions/upload-artifact@v4
with:
name: ${{ matrix.artifact-name }}
path: build/pubOutputs/
release:
name: "Release"
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v4
- name: Print Checksums
run: |
md5sum **/*
sha256sum **/*
- uses: jfrog/setup-jfrog-cli@v4
with:
disable-auto-build-publish: true
if: |
github.repository_owner == 'wpilibsuite' &&
startsWith(github.ref, 'refs/tags/v')
env:
JF_ENV_1: ${{ secrets.ARTIFACTORY_CLI_SECRET }}
- name: Upload to Artifactory
if: |
github.repository_owner == 'wpilibsuite' &&
startsWith(github.ref, 'refs/tags/v')
run: jfrog rt u "**/*" "installer/${GITHUB_REF#refs/tags/}/"
- name: Setup Rclone
uses: AnimMouse/setup-rclone@v1
- name: Upload to Cloudflare
if: |
github.repository_owner == 'wpilibsuite' &&
startsWith(github.ref, 'refs/tags/v')
run: |
rclone copy "." "s3:wpilib1-enam/installer/${GITHUB_REF#refs/tags/}/"
env:
RCLONE_CONFIG_S3_TYPE: s3
RCLONE_CONFIG_S3_PROVIDER: Cloudflare
RCLONE_CONFIG_S3_ENDPOINT: ${{ secrets.CLOUDFLARE_ENDPOINT }}
RCLONE_CONFIG_S3_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_ACCESS_KEY_ID }}
RCLONE_CONFIG_S3_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_SECRET_ACCESS_KEY }}
format:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.x
- name: Run dotnet format
run: dotnet format
- name: Verify formatters made no changes
run: git --no-pager diff --exit-code HEAD