Skip to content

feat: delta scan

feat: delta scan #389

Workflow file for this run

name: Pull Request Workflow
on:
pull_request:
concurrency:
group: ${{ github.head_ref }}
cancel-in-progress: true
env:
SOLUTION_FILE_PATH: .
DEFAULT_BRANCH: main
jobs:
security-open-source-scan:
runs-on: ubuntu-latest
environment: snyk-msbuild-envs
steps:
- uses: actions/checkout@v4
- name: Setup .NET
uses: actions/setup-dotnet@v4
- name: Restore dependencies
run: dotnet restore /home/runner/work/snyk-visual-studio-plugin/snyk-visual-studio-plugin
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/dotnet@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
command: test
args:
--all-projects
--exclude=Snyk.VisualStudio.Extension.Tests,Snyk.Common.Tests,Snyk.Code.Library.Tests,Tests
--severity-threshold=high
security-code-scan:
runs-on: ubuntu-latest
environment: snyk-msbuild-envs
steps:
- uses: actions/checkout@v4
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/dotnet@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
command: code test
args:
--severity-threshold=high
build-project:
uses: snyk/snyk-visual-studio-plugin/.github/workflows/build-project.yml@main
with:
solution-file-path: .
secrets: inherit
test:
needs: build-project
name: Run Unit-Tests
runs-on: windows-2022
defaults:
run:
working-directory: ${{ github.workspace }}
env:
TEST_API_TOKEN: ${{ secrets.TEST_API_TOKEN }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: build-artifacts
- name: Setup VSTest
uses: darenm/Setup-VSTest@v1
- name: Tests
run: vstest.console.exe **\*.Tests.dll /TestCaseFilter:"FullyQualifiedName!=Xunit.Instances.VisualStudio&integration!=true" #exclude integration tests and the psuedo-tests that launch a VS instance
run-integration-tests:
needs: build-project
uses: snyk/snyk-visual-studio-plugin/.github/workflows/integration-tests.yml@main
secrets: inherit