Skip to content

Releases: peacefulstudio/github-actions

v2.3.1 — fix csharp-ci shard-result upload for non-root working-directory callers

Choose a tag to compare

@monsieurleberre monsieurleberre released this 19 Jun 11:43
Immutable release. Only release title and notes can be modified.
v2.3.1
796fb81

Fixed

  • Fix csharp-ci.yaml failing the Upload shard result step for callers that pass a non-root working-directory (e.g. working-directory: csharp). The Record shard result step inherited the job's defaults.run.working-directory and wrote ci-result/<name>.txt under that subdirectory, but actions/upload-artifact ignores defaults.run.working-directory and resolves its path: relative to the repo root, so the upload failed with No files were found with the provided path: ci-result/<name>.txt (if-no-files-found: error). The Record shard result step is now pinned to working-directory: ${{ github.workspace }} so it writes at the repo root, matching where upload-artifact reads — mirroring how the adjacent coverage steps are already pinned. Reported by peacefulstudio/canton-localnet-internal.

See #28. Full changelog: https://github.com/peacefulstudio/github-actions/blob/v2.3.1/CHANGELOG.md

v2.3.0 — cheap CI matrix mode (matrix-mode input + CI_MATRIX_MODE)

Choose a tag to compare

@monsieurleberre monsieurleberre released this 18 Jun 12:43
Immutable release. Only release title and notes can be modified.

Added

  • New matrix-mode input on csharp-ci.yaml and scala-ci.yaml, plus a supported org/repo Actions variable CI_MATRIX_MODE, for cheap CI matrix routing.
    • cheap (private/internal repos only): collapses the build/test matrix to a single free self-hosted Hetzner shard (["self-hosted","hetzner"], coverage on), overriding any os-list / build-matrix.
    • full: forces the normal matrix.
    • empty: defers to CI_MATRIX_MODE.
    • Precedence: input > variable > normal matrix.
    • Safety: cheap is ignored (with a warning) on public repositories — self-hosted runners must not run untrusted public/fork-PR workloads.

See #27. Full changelog: https://github.com/peacefulstudio/github-actions/blob/v2.3.0/CHANGELOG.md

v2.2.0 — live README status badges (coverage, CI matrix, releases)

Choose a tag to compare

@monsieurleberre monsieurleberre released this 14 Jun 13:56
Immutable release. Only release title and notes can be modified.
v2.2.0
72a2a0e

Adds an opt-in update-badges.yaml reusable workflow that writes shields.io endpoint JSON to an orphan badges branch of the caller repo (built-in GITHUB_TOKEN, no gist/PAT), plus coverage and matrix-status outputs on csharp-ci.yaml/scala-ci.yaml so a consumer README can show live coverage and per-platform CI badges. Also adds an artifact-prefix input so two languages can run in one caller workflow without colliding on artifact names. Input/secret contracts are otherwise unchanged — a safe minor bump from v2.1.0.

Closes #22.

v2.1.0 — coverage table sort fix, cobertura union-merge, caller-resolved dotnet-coverage

Choose a tag to compare

@monsieurleberre monsieurleberre released this 12 Jun 10:17
Immutable release. Only release title and notes can be modified.
v2.1.0
f06d3a9

Fixed

  • Fix the coverage-table sort being a silent no-op for C# coverage comments — irongut/CodeCoverageSummary format: markdown emits tables without leading pipes, which the sort-coverage-table action did not recognize as tables; it now detects a header line followed by a --- separator line with or without leading pipes, and emits a ::warning:: when no table is found at all. (#18, #19)
  • Fix diluted C# coverage numbers when multiple test projects cover the same assemblies: csharp-ci.yaml again union-merges the per-project cobertura files (matched by tests-glob) into one report via the dotnet-coverage global tool (version resolved from the caller's Directory.Packages.props pin of Microsoft.Testing.Extensions.CodeCoverage, nested files under working-directory included — no input; a missing, non-literal, or conflicting pin fails loud) before irongut/CodeCoverageSummary runs, instead of letting irongut concatenate them with duplicated, partial package rows. The input/secret contract is unchanged. (#19)

Full changelog: v2.0.0...v2.1.0

v2.0.0 — global.json SDK resolution, no dotnet-coverage merge, exact-version helpers

Choose a tag to compare

@monsieurleberre monsieurleberre released this 12 Jun 08:24
Immutable release. Only release title and notes can be modified.
v2.0.0
efdb23e

Migration: reference workflows and actions at @v2 (e.g. peacefulstudio/github-actions/.github/workflows/csharp-ci.yaml@v2). The floating v1 tag is frozen at the v1.5.x state and will no longer advance.

Changed

  • All reusable workflows now check out their helper scripts (normalize-ci-matrix.sh, resolve-runner.sh, push-nuget.sh) and the sort-coverage-table action at job.workflow_sha — the exact commit of the called workflow — instead of the floating v1 tag. Callers pinning a SHA or an exact version tag now get the helpers matching that exact version, and cutting a release no longer risks breaking consumers at runtime by forgetting to advance a floating tag. (#17)
  • BREAKING. csharp-ci.yaml dotnet-version input default changed from '10.0.x' to empty. When empty, the .NET SDK is resolved from the caller repo's global.json under working-directory — the file must exist or setup fails loud. Pass an explicit dotnet-version to keep overriding. Callers relying on the old default must add a global.json (a future SDK bump is then a caller-side change only). (#17)

Removed

  • BREAKING. dotnet-coverage-version input on csharp-ci.yaml — the dotnet-coverage global tool install and the cobertura merge step are gone; irongut/CodeCoverageSummary now aggregates the per-project *.cobertura.xml files (matched by tests-glob) itself. A tool-free guard still fails the job loud when the glob matches no files. No known caller passes this input; any caller that does must drop it before moving to this version. (#17)

Fixed

  • Fix csharp-ci.yaml, go-ci.yaml and scala-ci.yaml failing in every consumer repo that runs the coverage step with "Can't find 'action.yml' … under '.github/actions/sort-coverage-table'" — the coverage-sort step referenced the action by local path, which resolves against the caller's checkout, not this repo. The step now references peacefulstudio/github-actions/.github/actions/sort-coverage-table@v1. (#16)

v1.5.0 — csharp-publish composite action, NuGet trusted publishing

Choose a tag to compare

@monsieurleberre monsieurleberre released this 12 Jun 08:14
Immutable release. Only release title and notes can be modified.
v1.5.0
b5ab3b4

Added

  • .github/actions/csharp-publish composite action — builds, tests, packs and pushes .NET NuGet packages to nuget.org, enabling NuGet Trusted Publishing (OIDC) for consumer repos. The caller checks out its own code and mints the short-lived API key via NuGet/login in its own job, then invokes the action with steps: - uses: peacefulstudio/github-actions/.github/actions/csharp-publish@v1, passing api-key. Because the action runs inline as steps in the caller's job, job_workflow_ref stays the caller's publish workflow, so a per-repo nuget Trusted Publishing policy anchored on the consumer repo matches. Inputs: api-key (required), version_override, include_symbols (default true), working-directory (default .), test-filter (default empty).
  • working-directory (default .) and test-filter (default empty) inputs on csharp-publish-public.yaml, matching the names used by csharp-ci.yaml. working-directory runs the restore/build/test/pack steps from a sub-path (the pack output stays at $GITHUB_WORKSPACE/output/nuget so the root-level push step is unaffected), letting repos whose solution lives below the root — e.g. canton-localnet's csharp/ — use the reusable workflow. test-filter passes a dotnet test --filter expression (e.g. Category!=Integration) to exclude tests that need live infrastructure. Both default to the previous behaviour, so existing callers are bit-for-bit unaffected.

Changed

  • BREAKING. csharp-publish-public.yaml now publishes to nuget.org via NuGet Trusted Publishing (short-lived OIDC token exchanged for a temporary API key through NuGet/login) instead of long-lived API keys. The four NUGET_API_KEY_* secrets (NUGET_API_KEY_CANTON, NUGET_API_KEY_DAML, NUGET_API_KEY_SPLICE, NUGET_API_KEY_PEACEFUL) are removed. Callers must instead provide an organization secret NUGET_USER (the nuget.org profile name), grant permissions: id-token: write, and register a nuget.org Trusted Publishing policy (Workflow File = csharp-publish-public.yaml — the reusable file, not the caller; Environment = nuget-publish). scripts/route-nuget-push.sh is renamed to scripts/push-nuget.sh; per-owner key routing is removed since one user/key now pushes every package.
  • Coverage PR comment tables (Scala, Go, C#) now list packages alphabetically by name.
  • Remove the Complexity column from the Scala coverage PR comment — sbt always emits 0 for this field.

Deprecated

  • BREAKING for trusted publishing. csharp-publish-public.yaml reusable workflow is deprecated. As a reusable workflow it runs the OIDC job in peacefulstudio/github-actions, so the job_workflow_ref claim is always stamped with github-actions and never the caller — a per-repo nuget Trusted Publishing policy anchored on the consumer repo can therefore never match (confirmed by a live HTTP 401). Consumers must switch to the .github/actions/csharp-publish composite action and mint the OIDC key (NuGet/login) in their own job.

v1.4.0 — visibility-based default runners, build-matrix, snupkg symbols

Choose a tag to compare

@monsieurleberre monsieurleberre released this 07 Jun 17:34
Immutable release. Only release title and notes can be modified.
0da1134

Added

  • build-matrix input on csharp-ci.yaml and scala-ci.yaml — optional JSON array of { name, runner, coverage } shards that fully replaces os-list when set. Lets a caller mix self-hosted and hosted runners, pass array-valued runs-on labels (e.g. ["self-hosted", "hetzner"]), and pick the single shard that carries the coverage report / sticky PR comment / job summary. Backed by a new tested helper, scripts/normalize-ci-matrix.sh, run in a normalize job; it fails loud on a malformed matrix. Omitting build-matrix keeps os-list behaviour bit-for-bit.
  • runs-on input on build-and-test.yaml — honoured on workflow_call; accepts a plain label or a JSON array string.
  • include_symbols input (default true) on csharp-publish-public.yaml — generates and publishes .snupkg symbol packages to the nuget.org symbol server alongside the main packages. Set to false to publish .nupkg only. (#7)

Changed

  • Default runner now follows repository visibility. When a caller passes no runs-on (go-ci, terraform-ci, build-and-test) or no os-list / build-matrix (csharp-ci, scala-ci), the runner is selected by a gh api visibility lookup: public repos get GitHub-hosted runners, private and internal repos get the self-hosted Hetzner pool (["self-hosted", "hetzner"]). The lookup fails loud on error or unexpected visibility. Any explicit runs-on / os-list / build-matrix overrides this. Runner resolution for go-ci / terraform-ci / build-and-test is backed by a new tested helper, scripts/resolve-runner.sh.
  • runs-on on go-ci.yaml and terraform-ci.yaml now accepts a JSON array string (e.g. '["self-hosted", "hetzner"]') in addition to a plain label.
  • csharp-publish-public.yaml now builds with ContinuousIntegrationBuild=true for deterministic, path-normalized Release builds. (#7)

Full changelog: v1.2.0...v1.4.0

v1.2.0 — nuget.org publish reusable workflow

Choose a tag to compare

@monsieurleberre monsieurleberre released this 07 Jun 15:47
Immutable release. Only release title and notes can be modified.
v1.2.0
a5cdad6

Added

  • csharp-publish-public.yaml — reusable workflow to publish NuGet packages to nuget.org, with per-owner push routing via a new tested scripts/route-nuget-push.sh. (#6)

Full changelog: v1.1.0...v1.2.0

v1.1.0 — Scala CI, coverage titles, C# on xUnit v3

Choose a tag to compare

@monsieurleberre monsieurleberre released this 27 May 09:23
Immutable release. Only release title and notes can be modified.
v1.1.0
52fd556

Four feature PRs land in one release. All four reusable workflows now share the same coverage-title knob, and the C# workflow moves to the modern xUnit v3 + Microsoft.Testing.Platform stack.

New: Scala CI workflow

scala-ci.yaml brings the same shape as csharp-ci.yaml to sbt projects — build, test, coverage, sticky PR comment, job summary, and an artifact upload. No pack: step (that's still C#-only for now). (#2)

New: coverage-title input across all four workflows

Every reusable workflow now accepts a coverage-title input that prepends a markdown H2 to the rendered coverage / test-summary file before the sticky PR comment goes up. If you run multiple of these workflows on the same repo, the sticky comments are no longer ambiguous at a glance.

Workflow Default coverage-title
csharp-ci.yaml C# coverage
scala-ci.yaml Scala coverage
go-ci.yaml Go coverage
terraform-ci.yaml Terraform coverage

Override per-call:

jobs:
  ci:
    uses: peacefulstudio/github-actions/.github/workflows/csharp-ci.yaml@v1
    with:
      coverage-title: 'Backend API coverage'

Loud-fails (rather than silently skipping) if the target coverage / test-summary file is missing — so a broken upstream step shows up immediately instead of producing a silently empty sticky comment. (#1, #2, #3, #4)

Changed: csharp-ci.yaml on xUnit v3 + Microsoft.Testing.Platform

csharp-ci.yaml no longer uses dotnet test --collect "XPlat Code Coverage" + ReportGenerator. It now runs through Microsoft.Testing.Platform with Microsoft.Testing.Extensions.CodeCoverage collecting in-process, then dotnet-coverage merge + irongut/CodeCoverageSummary@v1.3.0 for the report — matching the go-ci / terraform-ci output style.

Caller requirements if you use csharp-ci.yaml:

  • xunit.v3 3.2.2 or newer
  • Microsoft.Testing.Extensions.CodeCoverage pinned at 18.0.6 (override-able via the new dotnet-coverage-version input)
  • A tests/Directory.Build.props opting tests into MTP
  • A coverage.settings.xml for the coverage collector

New optional inputs (defaults match what the migration assumed):

  • dotnet-coverage-version — default 18.0.6
  • tests-glob — default tests/**/*.cobertura.xml

All previously exposed inputs and secrets are preserved verbatim. (#1)

Floating tag

v1 now points at this release. Callers on @v1 get this automatically.

Full changelog

v1.0.0...v1.1.0