diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml index a4af01161..8b23b8d10 100644 --- a/.azure-pipelines/ci-build.yml +++ b/.azure-pipelines/ci-build.yml @@ -21,7 +21,7 @@ pool: variables: buildPlatform: 'Any CPU' buildConfiguration: 'Release' - ProductBinPath: '$(Build.SourcesDirectory)\src\Microsoft.OpenApi\bin\$(BuildConfiguration)' + ProductBinPath: '$(Build.SourcesDirectory)\src\Microsoft.OpenApi\bin\$(BuildConfiguration)' stages: @@ -31,17 +31,22 @@ stages: - job: build steps: - task: UseDotNet@2 - displayName: 'Use .NET 6' + displayName: 'Use .NET 6' # needed for ESRP signing inputs: version: 6.x - - task: PoliCheck@1 + - task: UseDotNet@2 + displayName: 'Use .NET 7' + inputs: + version: 7.x + + - task: PoliCheck@2 displayName: 'Run PoliCheck "/src"' inputs: inputType: CmdLine cmdLineArgs: '/F:$(Build.SourcesDirectory)/src /T:9 /Sev:"1|2" /PE:2 /O:poli_result_src.xml' - - task: PoliCheck@1 + - task: PoliCheck@2 displayName: 'Run PoliCheck "/test"' inputs: inputType: CmdLine @@ -70,14 +75,14 @@ stages: arguments: '--configuration $(BuildConfiguration) --no-build' # CredScan - - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2 + - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3 displayName: 'Run CredScan - Src' inputs: toolMajorVersion: 'V2' scanFolder: '$(Build.SourcesDirectory)\src' debugMode: false - - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2 + - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3 displayName: 'Run CredScan - Test' inputs: toolMajorVersion: 'V2' @@ -90,34 +95,38 @@ stages: FileDirPath: '$(ProductBinPath)' enabled: false - - task: BinSkim@3 + - task: BinSkim@4 displayName: 'Run BinSkim - Product Binaries' inputs: InputType: Basic - AnalyzeTarget: '$(ProductBinPath)\**\Microsoft.OpenApi.dll' + AnalyzeTargetGlob: '$(ProductBinPath)\**\Microsoft.OpenApi.dll' AnalyzeSymPath: '$(ProductBinPath)' AnalyzeVerbose: true AnalyzeHashes: true AnalyzeEnvironment: true - - task: PublishSecurityAnalysisLogs@2 + - task: PublishSecurityAnalysisLogs@3 displayName: 'Publish Security Analysis Logs' inputs: ArtifactName: SecurityLogs - - task: PostAnalysis@1 + - task: PostAnalysis@2 displayName: 'Post Analysis' inputs: BinSkim: true CredScan: true PoliCheck: true - - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 + - task: EsrpCodeSigning@2 displayName: 'ESRP CodeSigning' inputs: ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)' FolderPath: src signConfigType: inlineSignParams + UseMinimatch: true + Pattern: | + **\*.exe + **\*.dll inlineOperation: | [ { @@ -157,38 +166,27 @@ stages: } ] SessionTimeout: 20 - + # Pack - - task: DotNetCoreCLI@2 + - pwsh: dotnet pack $(Build.SourcesDirectory)/src/Microsoft.OpenApi/Microsoft.OpenApi.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg displayName: 'pack OpenAPI' - inputs: - command: pack - projects: src/Microsoft.OpenApi/Microsoft.OpenApi.csproj - arguments: '-o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg' - + # Pack - - task: DotNetCoreCLI@2 + - pwsh: dotnet pack $(Build.SourcesDirectory)/src/Microsoft.OpenApi.Readers/Microsoft.OpenApi.Readers.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg displayName: 'pack Readers' - inputs: - command: pack - projects: src/Microsoft.OpenApi.Readers/Microsoft.OpenApi.Readers.csproj - arguments: '-o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg' - + # Pack - - task: DotNetCoreCLI@2 + - pwsh: dotnet pack $(Build.SourcesDirectory)/src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg displayName: 'pack Hidi' - inputs: - command: pack - projects: src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj - arguments: '-o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg' - - - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 + + - task: EsrpCodeSigning@2 displayName: 'ESRP CodeSigning Nuget Packages' inputs: ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)' FolderPath: '$(Build.ArtifactStagingDirectory)' Pattern: '*.nupkg' signConfigType: inlineSignParams + UseMinimatch: true inlineOperation: | [ { @@ -216,17 +214,17 @@ stages: $xml = [Xml] (Get-Content .\src\Microsoft.OpenApi.Hidi\Microsoft.OpenApi.Hidi.csproj) $version = $xml.Project.PropertyGroup.Version echo $version - echo "##vso[task.setvariable variable=hidiversion]$version" + echo "##vso[task.setvariable variable=hidiversion]$version" # publish hidi as an .exe - task: DotNetCoreCLI@2 displayName: publish Hidi as executable inputs: command: 'publish' - arguments: -c Release --runtime win-x64 /p:PublishSingleFile=true --self-contained --output $(Build.ArtifactStagingDirectory)/Microsoft.OpenApi.Hidi-v$(hidiversion) -p:PublishTrimmed=true + arguments: -c Release --runtime win-x64 /p:PublishSingleFile=true /p:PackAsTool=false --self-contained --output $(Build.ArtifactStagingDirectory)/Microsoft.OpenApi.Hidi-v$(hidiversion) projects: 'src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj' publishWebProjects: False - zipAfterPublish: false + zipAfterPublish: false - task: CopyFiles@2 displayName: Prepare staging folder for upload @@ -243,7 +241,7 @@ stages: - task: PublishBuildArtifacts@1 displayName: 'Publish Artifact: Hidi' - inputs: + inputs: ArtifactName: Microsoft.OpenApi.Hidi-v$(hidiversion) PathtoPublish: '$(Build.ArtifactStagingDirectory)/Microsoft.OpenApi.Hidi-v$(hidiversion)' @@ -270,13 +268,14 @@ stages: inputs: source: current - pwsh: | - $artifactMainDirectory = Get-ChildItem -Filter Microsoft.OpenApi.Hidi-* -Directory -Recurse | select -First 1 - $artifactName = $artifactMainDirectory.Name -replace "Microsoft.OpenApi.Hidi-", "" - #Set Variable $artifactName - Write-Host "##vso[task.setvariable variable=artifactName; isSecret=false; isOutput=true;]$artifactName" - Write-Host "##vso[task.setvariable variable=artifactMainDirectory; isSecret=false; isOutput=true;]$artifactMainDirectory" + $artifactName = Get-ChildItem -Path $(Pipeline.Workspace)\Nugets -Filter Microsoft.OpenApi.*.nupkg -recurse | select -First 1 + $artifactVersion= $artifactName.Name -replace "Microsoft.OpenApi.", "" -replace ".nupkg", "" + #Set Variable $artifactName and $artifactVersion + Write-Host "##vso[task.setvariable variable=artifactVersion; isSecret=false; isOutput=true]$artifactVersion" + Write-Host "##vso[task.setvariable variable=artifactName; isSecret=false; isOutput=true]$artifactName.FullName" + echo "$artifactName" + echo "$artifactVersion" displayName: 'Fetch Artifact Name' - - task: NuGetCommand@2 displayName: 'NuGet push' inputs: @@ -285,16 +284,24 @@ stages: nuGetFeedType: external publishFeedCredentials: 'OpenAPI Nuget Connection' - task: GitHubRelease@1 - displayName: 'GitHub release (create)' + displayName: 'GitHub release (edit)' + condition: succeededOrFailed() inputs: gitHubConnection: 'Github-MaggieKimani1' + action: edit tagSource: userSpecifiedTag - tag: '$(artifactName)' - title: '$(artifactName)' + tag: '$(artifactVersion)' + title: '$(artifactVersion)' releaseNotesSource: inline - assets: '$(artifactMainDirectory)\**\*.exe' + assets: '$(Pipeline.Workspace)\**\*.exe' changeLogType: issueBased - + changeLogLabels: '[ + { "label" : "feature-work", "feature", "displayName" : "New Features", "state" : "closed" }, + { "label" : "enhancement", "V2-Enhancement", "displayName" : "Enhancements", "state" : "closed" }, + { "label" : "bug", "bug-fix", "displayName" : "Bugs", "state" : "closed" }, + { "label" : "documentation", "doc", "displayName" : "Documentation", "state" : "closed"}, + { "label" : "dependencies", "displayName" : "Package Updates", "state" : "closed" }]' + - deployment: deploy_lib dependsOn: [] environment: nuget-org diff --git a/.editorconfig b/.editorconfig index 49de0d370..5b8c4b64e 100644 --- a/.editorconfig +++ b/.editorconfig @@ -84,7 +84,7 @@ csharp_prefer_braces = true:silent csharp_style_deconstructed_variable_declaration = true:suggestion csharp_prefer_simple_default_expression = true:suggestion csharp_style_pattern_local_over_anonymous_function = true:suggestion -csharp_style_inlined_variable_declaration = true:suggestion +csharp_style_inlined_variable_declaration = true:error ############################### # C# Formatting Rules # ############################### diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 000000000..e55e35b9a --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @irvinesunday @darrelmiller @peombwa @zengin @baywet @millicentachieng @MaggieKimani1 @andrueastman diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 000000000..a7d83e3dc --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,24 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: '' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**OpenApi File To Reproduce** +Add the OpenApi file you're using or a link to it as well as the steps to reproduce the current behavior. + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots/Code Snippets** +If applicable, add screenshots of the stack trace or a code snippet to help explain your problem. +If applicable, add a link to your project + +**Additional context** +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 000000000..021458556 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: '' +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml new file mode 100644 index 000000000..6e5953f56 --- /dev/null +++ b/.github/workflows/auto-merge-dependabot.yml @@ -0,0 +1,32 @@ +name: Auto-merge dependabot updates + +on: + pull_request: + branches: [ main ] + +permissions: + pull-requests: write + contents: write + +jobs: + + dependabot-merge: + + runs-on: ubuntu-latest + + if: ${{ github.actor == 'dependabot[bot]' }} + + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1.6.0 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + + - name: Enable auto-merge for Dependabot PRs + # Only if version bump is not a major version change + if: ${{steps.metadata.outputs.update-type != 'version-update:semver-major'}} + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 8e5cb1f51..bf1aa6a33 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -2,6 +2,9 @@ name: CI/CD Pipeline on: [push, pull_request, workflow_dispatch] +permissions: + contents: write + jobs: ci: name: Continuous Integration @@ -14,9 +17,9 @@ jobs: GITHUB_RUN_NUMBER: ${{ github.run_number }} steps: - name: Setup .NET - uses: actions/setup-dotnet@v2 + uses: actions/setup-dotnet@v4 with: - dotnet-version: 6.0.x + dotnet-version: 7.0.x - name: Data gatherer id: data_gatherer @@ -41,7 +44,7 @@ jobs: - name: Checkout repository id: checkout_repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 @@ -49,7 +52,7 @@ jobs: - if: steps.conditionals_handler.outputs.is_default_branch == 'true' name: Bump GH tag id: tag_generator - uses: mathieudutour/github-tag-action@v6.0 + uses: mathieudutour/github-tag-action@v6.1 with: github_token: ${{ secrets.GITHUB_TOKEN }} default_bump: false @@ -59,85 +62,10 @@ jobs: id: build_projects shell: pwsh run: | - $projectsArray = @( - '.\src\Microsoft.OpenApi\Microsoft.OpenApi.csproj', - '.\src\Microsoft.OpenApi.Readers\Microsoft.OpenApi.Readers.csproj', - '.\src\Microsoft.OpenApi.Hidi\Microsoft.OpenApi.Hidi.csproj' - ) - $gitNewVersion = if ("${{ steps.tag_generator.outputs.new_version }}") {"${{ steps.tag_generator.outputs.new_version }}"} else {$null} - $projectCurrentVersion = ([xml](Get-Content .\src\Microsoft.OpenApi\Microsoft.OpenApi.csproj)).Project.PropertyGroup.Version - $projectNewVersion = $gitNewVersion ?? $projectCurrentVersion - - $projectsArray | ForEach-Object { - dotnet build $PSItem ` - -c Release # ` - # -o $env:ARTIFACTS_FOLDER ` - # /p:Version=$projectNewVersion - } - - # Move NuGet packages to separate folder for pipeline convenience - # New-Item Artifacts/NuGet -ItemType Directory - # Get-ChildItem Artifacts/*.nupkg | Move-Item -Destination "Artifacts/NuGet" + dotnet build Microsoft.OpenApi.sln -c Release - name: Run unit tests id: run_unit_tests shell: pwsh run: | - $testProjectsArray = @( - '.\test\Microsoft.OpenApi.Tests\Microsoft.OpenApi.Tests.csproj', - '.\test\Microsoft.OpenApi.Readers.Tests\Microsoft.OpenApi.Readers.Tests.csproj', - '.\test\Microsoft.OpenApi.SmokeTests\Microsoft.OpenApi.SmokeTests.csproj' - ) - - $testProjectsArray | ForEach-Object { - dotnet test $PSItem ` - -c Release - } - - # - if: steps.tag_generator.outputs.new_version != '' - # name: Upload NuGet packages as artifacts - # id: ul_packages_artifact - # uses: actions/upload-artifact@v1 - # with: - # name: NuGet packages - # path: Artifacts/NuGet/ - - cd: - if: needs.ci.outputs.is_default_branch == 'true' && needs.ci.outputs.latest_version != '' - name: Continuous Deployment - needs: ci - runs-on: ubuntu-latest - steps: - # - name: Download and extract NuGet packages - # id: dl_packages_artifact - # uses: actions/download-artifact@v2 - # with: - # name: NuGet packages - # path: NuGet/ - - # - name: Push NuGet packages to NuGet.org - # id: push_nuget_packages - # continue-on-error: true - # shell: pwsh - # run: | - # Get-ChildItem NuGet/*.nupkg | ForEach-Object { - # nuget push $PSItem ` - # -ApiKey $env:NUGET_API_KEY ` - # -Source https://api.nuget.org/v3/index.json - # } - # env: - # NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} - - - name: Create and publish release - id: create_release - uses: softprops/action-gh-release@v1 - with: - name: OpenApi v${{ needs.ci.outputs.latest_version }} - tag_name: v${{ needs.ci.outputs.latest_version }} - # files: | - # NuGet/Microsoft.OpenApi.${{ needs.ci.outputs.latest_version }}.nupkg - # NuGet/Microsoft.OpenApi.Readers.${{ needs.ci.outputs.latest_version }}.nupkg - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - -# Built with ❤ by [Pipeline Foundation](https://pipeline.foundation) \ No newline at end of file + dotnet test Microsoft.OpenApi.sln -c Release -v n diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0adca3d2d..c3b9424f6 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -7,6 +7,11 @@ on: schedule: - cron: '0 8 * * *' +permissions: + contents: read # these permissions are required to run the codeql analysis + actions: read + security-events: write + jobs: analyze: name: CodeQL Analysis @@ -14,16 +19,16 @@ jobs: steps: - name: Checkout repository id: checkout_repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup .NET - uses: actions/setup-dotnet@v2 + uses: actions/setup-dotnet@v4 with: - dotnet-version: 6.0.x + dotnet-version: 7.0.x - name: Initialize CodeQL id: init_codeql - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v3 with: queries: security-and-quality @@ -43,6 +48,6 @@ jobs: - name: Perform CodeQL Analysis id: analyze_codeql - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v3 # Built with ❤ by [Pipeline Foundation](https://pipeline.foundation) \ No newline at end of file diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 000000000..6241be83e --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,42 @@ +name: Publish Docker image +on: + workflow_dispatch: + push: + branches: [master, vnext] + paths: ['src/Microsoft.OpenApi.Hidi/**', '.github/workflows/**'] +env: + REGISTRY: msgraphprod.azurecr.io + IMAGE_NAME: public/openapi/hidi +jobs: + push_to_registry: + environment: + name: acr + name: Push Docker image + runs-on: ubuntu-latest + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - name: Login to GitHub package feed + uses: docker/login-action@v3.0.0 + with: + username: ${{ secrets.ACR_USERNAME }} + password: ${{ secrets.ACR_PASSWORD }} + registry: ${{ env.REGISTRY }} + - run: | + $content = [XML](Get-Content ./src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj) + $version = $content.Project.PropertyGroup.Version + echo "::set-output name=version::${version}" + shell: pwsh + id: getversion + - name: Push to GitHub Packages - Nightly + if: ${{ github.ref == 'refs/heads/vnext' }} + uses: docker/build-push-action@v5.1.0 + with: + push: true + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly + - name: Push to GitHub Packages - Release + if: ${{ github.ref == 'refs/heads/master' }} + uses: docker/build-push-action@v5.1.0 + with: + push: true + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.getversion.outputs.version }} diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml new file mode 100644 index 000000000..fbd2629e9 --- /dev/null +++ b/.github/workflows/sonarcloud.yml @@ -0,0 +1,83 @@ +name: Sonarcloud +on: + workflow_dispatch: + push: + branches: + - main + paths-ignore: ['.vscode/**'] + pull_request: + types: [opened, synchronize, reopened] + paths-ignore: ['.vscode/**'] + + +permissions: + contents: read + pull-requests: read + +env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + +jobs: + checksecret: + name: check if SONAR_TOKEN is set in github secrets + runs-on: ubuntu-latest + outputs: + is_SONAR_TOKEN_set: ${{ steps.checksecret_job.outputs.is_SONAR_TOKEN_set }} + steps: + - name: Check whether unity activation requests should be done + id: checksecret_job + run: | + echo "is_SONAR_TOKEN_set=${{ env.SONAR_TOKEN != '' }}" >> $GITHUB_OUTPUT + build: + needs: [checksecret] + if: needs.checksecret.outputs.is_SONAR_TOKEN_set == 'true' + name: Build + runs-on: windows-latest + steps: + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + distribution: 'adopt' + java-version: 17 + - name: Setup .NET 5 # At the moment the scanner requires dotnet 5 https://www.nuget.org/packages/dotnet-sonarscanner + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 5.0.x + - name: Setup .NET + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 7.0.x + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Cache SonarCloud packages + uses: actions/cache@v4 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache SonarCloud scanner + id: cache-sonar-scanner + uses: actions/cache@v4 + with: + path: ./.sonar/scanner + key: ${{ runner.os }}-sonar-scanner + restore-keys: ${{ runner.os }}-sonar-scanner + - name: Install SonarCloud scanner + if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' + shell: pwsh + run: | + New-Item -Path ./.sonar/scanner -ItemType Directory + dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + CollectCoverage: true + CoverletOutputFormat: 'opencover' # https://github.com/microsoft/vstest/issues/4014#issuecomment-1307913682 + shell: pwsh + run: | + ./.sonar/scanner/dotnet-sonarscanner begin /k:"microsoft_OpenAPI.NET" /o:"microsoft" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="test/**/coverage.opencover.xml" + dotnet workload restore + dotnet build + dotnet test Microsoft.OpenApi.sln --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover + ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}" \ No newline at end of file diff --git a/.vscode/launch.json b/.vscode/launch.json index b59349979..acf828db0 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -5,18 +5,36 @@ // Use IntelliSense to find out which attributes exist for C# debugging // Use hover for the description of the existing attributes // For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md - "name": ".NET Core Launch (console)", + "name": "Launch Hidi", "type": "coreclr", "request": "launch", "preLaunchTask": "build", // If you have changed target frameworks, make sure to update the program path. - "program": "${workspaceFolder}/src/Microsoft.OpenApi.Hidi/bin/Debug/net6.0/Microsoft.OpenApi.Hidi.dll", - "args": [], + "program": "${workspaceFolder}/src/Microsoft.OpenApi.Hidi/bin/Debug/net7.0/Microsoft.OpenApi.Hidi.dll", + "args": ["plugin", + "-m","C:\\Users\\darrmi\\src\\github\\microsoft\\openapi.net\\test\\Microsoft.OpenApi.Hidi.Tests\\UtilityFiles\\exampleapimanifest.json", + "--of","./output"], "cwd": "${workspaceFolder}/src/Microsoft.OpenApi.Hidi", // For more information about the 'console' field, see https://aka.ms/VSCode-CS-LaunchJson-Console "console": "internalConsole", "stopAtEntry": false }, + { + // Use IntelliSense to find out which attributes exist for C# debugging + // Use hover for the description of the existing attributes + // For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md + "name": "Launch Workbench", + "type": "coreclr", + "request": "launch", + "preLaunchTask": "build", + // If you have changed target frameworks, make sure to update the program path. + "program": "${workspaceFolder}/src/Microsoft.OpenApi.WorkBench/bin/Debug/net7.0-windows/Microsoft.OpenApi.Workbench.exe", + "args": [], + "cwd": "${workspaceFolder}/src/Microsoft.OpenApi.Workbench", + // For more information about the 'console' field, see https://aka.ms/VSCode-CS-LaunchJson-Console + "console": "internalConsole", + "stopAtEntry": false + }, { "name": ".NET Core Attach", "type": "coreclr", diff --git a/.vscode/settings.json b/.vscode/settings.json index 0313280bf..186b10bea 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -3,5 +3,9 @@ "activityBar.background": "#03323C", "titleBar.activeBackground": "#054754", "titleBar.activeForeground": "#F0FCFE" - } + }, + "cSpell.words": [ + "csdl", + "Hidi" + ] } \ No newline at end of file diff --git a/Directory.Build.props b/Directory.Build.props new file mode 100644 index 000000000..4fbb218f9 --- /dev/null +++ b/Directory.Build.props @@ -0,0 +1,25 @@ + + + $(AllowedOutputExtensionsInPackageBuildOutputFolder);.pdb + Microsoft + Microsoft + MIT + true + https://github.com/Microsoft/OpenAPI.NET + https://github.com/microsoft/OpenAPI.NET/releases + true + http://go.microsoft.com/fwlink/?LinkID=288890 + https://github.com/Microsoft/OpenAPI.NET + © Microsoft Corporation. All rights reserved. + OpenAPI .NET + + + + true + + + + + \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..e67c8c389 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,23 @@ +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build-env +WORKDIR /app + +COPY ./src ./hidi/src +COPY ./Directory.Build.props ./hidi/Directory.Build.props +COPY ./README.md ./hidi/README.md +WORKDIR /app/hidi +RUN dotnet publish ./src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj -c Release + +FROM mcr.microsoft.com/dotnet/runtime:7.0 AS runtime +WORKDIR /app + +COPY --from=build-env /app/hidi/src/Microsoft.OpenApi.Hidi/bin/Release/net7.0 ./ + +VOLUME /app/output +VOLUME /app/openapi.yml +VOLUME /app/api.csdl +VOLUME /app/collection.json +ENV HIDI_CONTAINER=true DOTNET_TieredPGO=1 DOTNET_TC_QuickJitForLoops=1 +ENTRYPOINT ["dotnet", "Microsoft.OpenApi.Hidi.dll"] +LABEL description="# Welcome to Hidi \ +To start transforming OpenAPI documents checkout [the getting started documentation](https://github.com/microsoft/OpenAPI.NET/tree/vnext/src/Microsoft.OpenApi.Hidi) \ +[Source dockerfile](https://github.com/microsoft/OpenAPI.NET/blob/vnext/Dockerfile)" diff --git a/Microsoft.OpenApi.sln b/Microsoft.OpenApi.sln index cca18f1e5..bb3c028e7 100644 --- a/Microsoft.OpenApi.sln +++ b/Microsoft.OpenApi.sln @@ -28,6 +28,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.OpenApi.SmokeTest EndProject Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.OpenApi.Hidi", "src\Microsoft.OpenApi.Hidi\Microsoft.OpenApi.Hidi.csproj", "{254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}" EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Microsoft.OpenApi.Hidi.Tests", "test\Microsoft.OpenApi.Hidi.Tests\Microsoft.OpenApi.Hidi.Tests.csproj", "{D8F799DD-04AC-4A13-B344-45A5B944450A}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU @@ -62,6 +64,10 @@ Global {254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}.Debug|Any CPU.Build.0 = Debug|Any CPU {254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}.Release|Any CPU.ActiveCfg = Release|Any CPU {254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}.Release|Any CPU.Build.0 = Release|Any CPU + {D8F799DD-04AC-4A13-B344-45A5B944450A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {D8F799DD-04AC-4A13-B344-45A5B944450A}.Debug|Any CPU.Build.0 = Debug|Any CPU + {D8F799DD-04AC-4A13-B344-45A5B944450A}.Release|Any CPU.ActiveCfg = Release|Any CPU + {D8F799DD-04AC-4A13-B344-45A5B944450A}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -74,6 +80,7 @@ Global {1ED3C2C1-E1E7-4925-B4E6-2D969C3F5237} = {6357D7FD-2DE4-4900-ADB9-ABC37052040A} {AD79B61D-88CF-497C-9ED5-41AE3867C5AC} = {6357D7FD-2DE4-4900-ADB9-ABC37052040A} {254841B5-7DAC-4D1D-A9C5-44FE5CE467BE} = {E546B92F-20A8-49C3-8323-4B25BB78F3E1} + {D8F799DD-04AC-4A13-B344-45A5B944450A} = {6357D7FD-2DE4-4900-ADB9-ABC37052040A} EndGlobalSection GlobalSection(ExtensibilityGlobals) = postSolution SolutionGuid = {9F171EFC-0DB5-4B10-ABFA-AF48D52CC565} diff --git a/README.md b/README.md index 9405526bf..358d0a686 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ |--|--| |Models and Writers|[![nuget](https://img.shields.io/nuget/v/Microsoft.OpenApi.svg)](https://www.nuget.org/packages/Microsoft.OpenApi/) | |Readers | [![nuget](https://img.shields.io/nuget/v/Microsoft.OpenApi.Readers.svg)](https://www.nuget.org/packages/Microsoft.OpenApi.Readers/) | +|Hidi|[![nuget](https://img.shields.io/nuget/v/Microsoft.OpenApi.Hidi.svg)](https://www.nuget.org/packages/Microsoft.OpenApi.Hidi/) The **OpenAPI.NET** SDK contains a useful object model for OpenAPI documents in .NET along with common serializers to extract raw OpenAPI JSON and YAML documents from the model. @@ -21,8 +22,8 @@ Project Objectives # Installation -- Install core Nuget package `Microsoft.OpenApi` -- Install readers Nuget package `Microsoft.OpenApi.Readers` +- Install core Nuget package [**Microsoft.OpenApi**](https://www.nuget.org/packages/Microsoft.OpenApi) +- Install readers Nuget package [**Microsoft.OpenApi.Readers**](https://www.nuget.org/packages/Microsoft.OpenApi.Readers) # Processors The OpenAPI.NET project holds the base object model for representing OpenAPI documents as .NET objects. Some developers have found the need to write processors that convert other data formats into this OpenAPI.NET object model. We'd like to curate that list of processors in this section of the readme. @@ -72,7 +73,7 @@ var document = new OpenApiDocument }; ``` -Reading and writing a OpenAPI description +Reading and writing an OpenAPI description ```C# var httpClient = new HttpClient @@ -90,6 +91,28 @@ var outputString = openApiDocument.Serialize(OpenApiSpecVersion.OpenApi2_0, Open ``` +# Validating/Testing OpenAPI descriptions +In order to test the validity of an OpenApi document, we avail the following tools: +- [Microsoft.OpenApi.Hidi](https://www.nuget.org/packages/Microsoft.OpenApi.Hidi) + + A commandline tool for validating and transforming OpenAPI descriptions. [Installation guidelines and documentation](https://github.com/microsoft/OpenAPI.NET/blob/vnext/src/Microsoft.OpenApi.Hidi/readme.md) + +- Microsoft.OpenApi.Workbench + + A workbench tool consisting of a GUI where you can test and convert OpenAPI descriptions in both JSON and YAML from v2-->v3 and vice versa. + + #### Installation guidelines: + 1. Clone the repo locally by running this command: + `git clone https://github.com/microsoft/OpenAPI.NET.git` + 2. Open the solution file `(.sln)` in the root of the project with Visual Studio + 3. Navigate to the `src/Microsoft.OpenApi.Workbench` directory and set it as the startup project + 4. Run the project and you'll see a GUI pop up resembling the one below: + + + + + 5. Copy and paste your OpenAPI descriptions in the **Input Content** window or paste the path to the descriptions file in the **Input File** textbox and click on `Convert` to render the results. + # Build Status |**master**| diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..766e6f887 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,41 @@ + + +## Security + +Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/). + +If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below. + +## Reporting Security Issues + +**Please do not report security vulnerabilities through public GitHub issues.** + +Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report). + +If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/msrc/pgp-key-msrc). + +You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). + +Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: + + * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) + * Full paths of source file(s) related to the manifestation of the issue + * The location of the affected source code (tag/branch/commit or direct URL) + * Any special configuration required to reproduce the issue + * Step-by-step instructions to reproduce the issue + * Proof-of-concept or exploit code (if possible) + * Impact of the issue, including how an attacker might exploit the issue + +This information will help us triage your report more quickly. + +If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs. + +## Preferred Languages + +We prefer all communications to be in English. + +## Policy + +Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/msrc/cvd). + + diff --git a/docs/CI-CD_DOCUMENTATION.md b/docs/CI-CD_DOCUMENTATION.md deleted file mode 100644 index 40053cf82..000000000 --- a/docs/CI-CD_DOCUMENTATION.md +++ /dev/null @@ -1,81 +0,0 @@ -# CI/CD documentation - -## 1. Run workflow manually - -1. Go to the project's GitHub repository and click on the **Actions** tab - -2. From the "Workflows" list on the left, click on "CI/CD Pipeline" - -3. On the right, next to the "This workflow has a workflow_dispatch event trigger" label, click on the "Run workflow" dropdown, make sure the default branch is selected (if not manually changed, should be main or master) in the "Use workflow from" dropdown and click the "Run workflow" button - -![Actions_workflow_dispatch](images/Actions_workflow_dispatch.png) - -NOTE: **screenshots are only exemplary** - -
- -## 2. Automated NuGet publishing - -To setup the automated publishing to NuGet: - -1. Go to the repo **Settings** tab -> **Secrets** - -2. Add a secret with the name `NUGET_API_KEY` and as value use an API key from NuGet.org that is assigned to the packages for this project - -NOTE: the automated NuGet publishing is execute **only** when a release is triggered by the ["Automated versioning" feature](#3-automated-versioning) - -
- -## 3. Automated versioning - -Automatically bumps up the GitHub tag in the repo and executes the CD job - -Note: **not every commit to your default branch creates a release** - -Follow these instructions for any commit (push or PR merge) to your default branch, you would like to execute the automated versioning. - -You would need one of three keywords at the start of your commit title. Each of the three keywords corresponds to a number in your release version i.e. v1.2.3. The release versioning uses the ["Conventional Commits" specification](https://www.conventionalcommits.org/en/v1.0.0/): - -- "fix: ..." - this keyword corresponds to the last number v1.2.**3**, also known as PATCH; -- "feat: ..." - this keyword corresponds to the middle number v1.**2**.3, also known as MINOR; -- "perf: ..." - this keyword corresponds to the first number v**1**.2.3, also known as MAJOR. In addition, to trigger a MAJOR release, you would need to write "BREAKING CHANGE: ..." in the description of the commit, with an empty line above it to indicate it is in the