From b794f3b6c7384cbf079f22ebc4513d727b27c24c Mon Sep 17 00:00:00 2001 From: Vincent Biret Date: Tue, 6 Jan 2026 16:06:13 -0500 Subject: [PATCH 1/2] ci: sync with main Signed-off-by: Vincent Biret --- .../OpenAPI.NET.OData-branch-protection.yml | 36 ++++++++++++++++ .github/release-please.yml | 3 ++ .github/workflows/ci-cd.yml | 4 +- .github/workflows/codeql-analysis.yml | 12 +++--- .github/workflows/release-please-gha.yml | 43 +++++++++++++++++++ .github/workflows/sonarcloud.yml | 9 ++-- .github/workflows/validate-descriptions.yml | 10 ++--- 7 files changed, 100 insertions(+), 17 deletions(-) create mode 100644 .github/workflows/release-please-gha.yml diff --git a/.github/policies/OpenAPI.NET.OData-branch-protection.yml b/.github/policies/OpenAPI.NET.OData-branch-protection.yml index 7a91aec7..ffd1f84a 100644 --- a/.github/policies/OpenAPI.NET.OData-branch-protection.yml +++ b/.github/policies/OpenAPI.NET.OData-branch-protection.yml @@ -49,6 +49,42 @@ configuration: # This branch pattern applies to the following branches as of 06/09/2024 20:45:44: # support/v1 + # Specifies whether this branch can be deleted. boolean + allowsDeletions: false + # Specifies whether forced pushes are allowed on this branch. boolean + allowsForcePushes: false + # Specifies whether new commits pushed to the matching branches dismiss pull request review approvals. boolean + dismissStaleReviews: true + # Specifies whether admins can overwrite branch protection. boolean + isAdminEnforced: false + # Indicates whether "Require a pull request before merging" is enabled. boolean + requiresPullRequestBeforeMerging: true + # Specifies the number of pull request reviews before merging. int (0-6). Should be null/empty if PRs are not required + requiredApprovingReviewsCount: 1 + # Require review from Code Owners. Requires requiredApprovingReviewsCount. boolean + requireCodeOwnersReview: true + # Are commits required to be signed. boolean. TODO: all contributors must have commit signing on local machines. + requiresCommitSignatures: false + # Are conversations required to be resolved before merging? boolean + requiresConversationResolution: true + # Are merge commits prohibited from being pushed to this branch. boolean + requiresLinearHistory: false + # Required status checks to pass before merging. Values can be any string, but if the value does not correspond to any existing status check, the status check will be stuck on pending for status since nothing exists to push an actual status + requiredStatusChecks: + - license/cla + - Continuous Integration + - CodeQL + # Require branches to be up to date before merging. This should be false since the repo contains autogenerated files. boolean + requiresStrictStatusChecks: false + # Indicates whether there are restrictions on who can push. boolean. Should be set with whoCanPush. + restrictsPushes: false + # Restrict who can dismiss pull request reviews. boolean + restrictsReviewDismissals: false + + - branchNamePattern: support/v2 + # This branch pattern applies to the following branches as of 06/09/2024 20:45:44: + # support/v1 + # Specifies whether this branch can be deleted. boolean allowsDeletions: false # Specifies whether forced pushes are allowed on this branch. boolean diff --git a/.github/release-please.yml b/.github/release-please.yml index c821fc16..ce23f6ec 100644 --- a/.github/release-please.yml +++ b/.github/release-please.yml @@ -3,5 +3,8 @@ primaryBranch: main handleGHRelease: true branches: - branch: support/v1 + manifest: true + handleGHRelease: true + - branch: support/v2 manifest: true handleGHRelease: true \ No newline at end of file diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 625fd765..660e7b22 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -17,7 +17,7 @@ jobs: GITHUB_RUN_NUMBER: ${{ github.run_number }} steps: - name: Setup .NET - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: 8.0.x @@ -44,7 +44,7 @@ jobs: - name: Checkout repository id: checkout_repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 56409ee7..aaa85d12 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,10 +13,10 @@ name: "CodeQL" on: push: - branches: [ main, support/v1 ] + branches: [ main, support/v1, support/v2 ] pull_request: # The branches below must be a subset of the branches above - branches: [ main, support/v1 ] + branches: [ main, support/v1, support/v2 ] schedule: - cron: '32 2 * * 6' workflow_dispatch: @@ -39,16 +39,16 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup .NET - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: 8.0.x # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -76,4 +76,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 diff --git a/.github/workflows/release-please-gha.yml b/.github/workflows/release-please-gha.yml new file mode 100644 index 00000000..e54172da --- /dev/null +++ b/.github/workflows/release-please-gha.yml @@ -0,0 +1,43 @@ +## ----------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See LICENSE.txt in the project root for license information. +## ----------------------------------------------------------------------------- +# +# Summary: +# This GitHub Actions workflow automates the release process using Release Please. +# It triggers on pushes to the main branch, generates a GitHub App token using organization +# variables and secrets, and then runs the release-please-action to manage versioning and changelogs. + +name: Release Please + +on: + push: + branches: + - main + - support/v1 + - support/v2 + +permissions: + contents: read + +jobs: + release-please-master: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v6 + + - name: Generate GitHub App token + id: app-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ vars.RELEASE_PLEASE_TOKEN_PROVIDER_APP_ID }} + private-key: ${{ secrets.RELEASE_PLEASE_TOKEN_PROVIDER_PEM }} + + - name: Release Please + uses: googleapis/release-please-action@v4 + with: + token: ${{ steps.app-token.outputs.token }} + config-file: release-please-config.json + manifest-file: .release-please-manifest.json + target-branch: ${{ github.ref_name }} diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 567536c5..d18fbb41 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -5,6 +5,7 @@ on: branches: - main - support/v1 + - support/v2 paths-ignore: ['.vscode/**'] pull_request: types: [opened, synchronize, reopened] @@ -35,19 +36,19 @@ jobs: runs-on: windows-latest steps: - name: Set up JDK 17 - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: 'adopt' java-version: 17 - name: Setup .NET - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: 8.0.x - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Cache SonarCloud packages - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar diff --git a/.github/workflows/validate-descriptions.yml b/.github/workflows/validate-descriptions.yml index a9a0d36d..5027d45a 100644 --- a/.github/workflows/validate-descriptions.yml +++ b/.github/workflows/validate-descriptions.yml @@ -2,9 +2,9 @@ name: OpenAPI Parser Validation for latest OpenAPI docs on: push: - branches: [ main, support/v1 ] + branches: [ main, support/v1, support/v2 ] pull_request: - branches: [ main, support/v1 ] + branches: [ main, support/v1, support/v2 ] jobs: @@ -13,7 +13,7 @@ jobs: outputs: matrix: ${{ steps.set-descriptions.outputs.matrix }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - id: set-descriptions run: echo "::set-output name=matrix::$(ls test/**/Resources/*.{json,yaml} | sed 's/.*\///' | jq -R -s -c 'split("\n")[:-1]')" @@ -26,11 +26,11 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: submodules: recursive - name: Validate description with redocly uses: fluximus-prime/redocly-cli-github-action@v1 with: - args: 'lint test/Microsoft.OpenAPI.OData.Reader.Tests/Resources/${{ matrix.descriptions }} --skip-rule operation-4xx-response --skip-rule no-server-trailing-slash --skip-rule no-unused-components --skip-rule security-defined --skip-rule info-license-url --skip-rule info-license --skip-rule no-empty-servers --skip-rule operation-summary --skip-rule tag-description --max-problems 1000' \ No newline at end of file + args: 'lint test/Microsoft.OpenAPI.OData.Reader.Tests/Resources/${{ matrix.descriptions }} --max-problems 1000 --config redocly.yaml' \ No newline at end of file From ca117079107f2e372674fef3356b8daf72985799 Mon Sep 17 00:00:00 2001 From: Vincent Biret Date: Tue, 6 Jan 2026 16:06:33 -0500 Subject: [PATCH 2/2] cd: syncs with main Signed-off-by: Vincent Biret --- .azure-pipelines/ci-build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml index cedb47a0..836c94d2 100644 --- a/.azure-pipelines/ci-build.yml +++ b/.azure-pipelines/ci-build.yml @@ -8,6 +8,7 @@ trigger: include: - main - support/v1 + - support/v2 tags: include: - 'v*' @@ -16,6 +17,7 @@ pr: include: - main - support/v1 + - support/v2 variables: buildPlatform: 'Any CPU'