chore: Bump FluentAssertions from 8.3.0 to 8.8.0 #63

Workflow file for this run

	name: CI/CD Pipeline

	on:
	push:
	branches: [ main ]
	tags: [ 'v*' ]
	pull_request:
	branches: [ main ]

	env:
	DOTNET_VERSION: '9.0.x'
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository }}

	jobs:
	test:
	name: Build and Test
	runs-on: ubuntu-latest

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup .NET
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: ${{ env.DOTNET_VERSION }}

	- name: Restore dependencies
	run: dotnet restore AzureDevOps.MCP.slnx

	- name: Build solution
	run: dotnet build AzureDevOps.MCP.slnx --configuration Release --no-restore

	- name: Run unit tests
	run: dotnet test AzureDevOps.MCP.slnx --configuration Release --no-build --verbosity normal

	- name: Upload test results
	uses: actions/upload-artifact@v4
	if: always()
	with:
	name: test-results
	path: '/TestResults//*'

	security-scan:
	name: Security Scan
	runs-on: ubuntu-latest
	needs: test
	permissions:
	security-events: write

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup .NET
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: ${{ env.DOTNET_VERSION }}

	- name: Restore dependencies
	run: dotnet restore AzureDevOps.MCP.slnx

	- name: Run .NET security analysis
	run: \|
	# Run built-in .NET security analysis
	dotnet build AzureDevOps.MCP.slnx --configuration Release --verbosity normal /p:RunAnalyzersDuringBuild=true
	continue-on-error: true

	container-security-scan:
	name: Container Security Scan
	runs-on: ubuntu-latest
	needs: [test, security-scan]
	if: startsWith(github.ref, 'refs/tags/v')
	permissions:
	contents: read
	security-events: write

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Build Docker image for scanning
	uses: docker/build-push-action@v5
	with:
	context: .
	platforms: linux/amd64
	push: false
	tags: local/azuredevops-mcp:scan
	load: true
	build-args: \|
	BUILD_CONFIGURATION=Release
	VERSION=${{ github.ref_name }}

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: 'local/azuredevops-mcp:scan'
	format: 'sarif'
	output: 'trivy-results.sarif'

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	if: always()
	with:
	sarif_file: 'trivy-results.sarif'

	build-and-push-docker:
	name: Build and Push Docker Image
	runs-on: ubuntu-latest
	needs: [test, security-scan, container-security-scan]
	if: startsWith(github.ref, 'refs/tags/v')
	permissions:
	contents: read
	packages: write

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Log in to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Extract metadata
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
	tags: \|
	type=ref,event=tag
	type=raw,value=latest

	- name: Build and push Docker image
	uses: docker/build-push-action@v5
	with:
	context: .
	platforms: linux/amd64,linux/arm64
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	cache-from: type=gha
	cache-to: type=gha,mode=max
	build-args: \|
	BUILD_CONFIGURATION=Release
	VERSION=${{ github.ref_name }}


	create-release:
	name: Create Release
	runs-on: ubuntu-latest
	needs: [test, security-scan, container-security-scan]
	if: startsWith(github.ref, 'refs/tags/v')
	permissions:
	contents: write

	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Setup .NET
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: ${{ env.DOTNET_VERSION }}

	- name: Build release artifacts
	run: \|
	dotnet publish src/AzureDevOps.MCP/AzureDevOps.MCP.csproj \
	--configuration Release \
	--runtime linux-x64 \
	--self-contained true \
	--output ./artifacts/linux-x64

	dotnet publish src/AzureDevOps.MCP/AzureDevOps.MCP.csproj \
	--configuration Release \
	--runtime win-x64 \
	--self-contained true \
	--output ./artifacts/win-x64

	dotnet publish src/AzureDevOps.MCP/AzureDevOps.MCP.csproj \
	--configuration Release \
	--runtime osx-x64 \
	--self-contained true \
	--output ./artifacts/osx-x64

	- name: Create archives
	run: \|
	cd artifacts
	tar -czf ../azuredevops-mcp-linux-x64.tar.gz linux-x64/
	zip -r ../azuredevops-mcp-win-x64.zip win-x64/
	tar -czf ../azuredevops-mcp-osx-x64.tar.gz osx-x64/

	- name: Generate changelog
	id: changelog
	run: \|
	echo "## What's Changed" > CHANGELOG.md
	git log --pretty=format:"- %s (%h)" $(git describe --tags --abbrev=0)..HEAD >> CHANGELOG.md
	echo "changelog<<EOF" >> $GITHUB_OUTPUT
	cat CHANGELOG.md >> $GITHUB_OUTPUT
	echo "EOF" >> $GITHUB_OUTPUT

	- name: Create Release
	uses: softprops/action-gh-release@v2
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	tag_name: ${{ github.ref_name }}
	name: Release ${{ github.ref_name }}
	body: ${{ steps.changelog.outputs.changelog }}
	draft: false
	prerelease: false
	files: \|
	azuredevops-mcp-linux-x64.tar.gz
	azuredevops-mcp-win-x64.zip
	azuredevops-mcp-osx-x64.tar.gz

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: Bump FluentAssertions from 8.3.0 to 8.8.0 #63

Workflow file

chore: Bump FluentAssertions from 8.3.0 to 8.8.0 #63

Uh oh!

Workflow file for this run