ALAppExtensions/.github/workflows/PullRequestHandler.yaml at main · FARSOUNDAVIATION/ALAppExtensions · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
name: 'Pull Request Build'

on:
  pull_request:
    branches: [ 'main' ]

concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
  cancel-in-progress: true

defaults:
  run:
    shell: powershell

permissions:
  actions: read
  contents: read
  id-token: write
  pull-requests: read
  security-events: write

env:
  workflowDepth: 2
  ALGoOrgSettings: ${{ vars.ALGoOrgSettings }}
  ALGoRepoSettings: ${{ vars.ALGoRepoSettings }}

jobs:
  PregateCheck:
    if: (github.event.pull_request.base.repo.full_name != github.event.pull_request.head.repo.full_name) && (github.event_name != 'pull_request')
    runs-on: windows-latest
    steps:
      - uses: microsoft/AL-Go/Actions/VerifyPRChanges@32e66d69cfd2c1e3eca39e416e27c6aa58de6df3

  Initialization:
    needs: [ PregateCheck ]
    if: (!failure() && !cancelled())
    runs-on: [ windows-latest ]
    outputs:
      projects: ${{ steps.determineProjectsToBuild.outputs.ProjectsJson }}
      projectDependenciesJson: ${{ steps.determineProjectsToBuild.outputs.ProjectDependenciesJson }}
      buildOrderJson: ${{ steps.determineProjectsToBuild.outputs.BuildOrderJson }}
      baselineWorkflowRunId: ${{ steps.determineProjectsToBuild.outputs.BaselineWorkflowRunId }}
      baselineWorkflowSHA: ${{ steps.determineProjectsToBuild.outputs.BaselineWorkflowSHA }}
      workflowDepth: ${{ steps.DetermineWorkflowDepth.outputs.WorkflowDepth }}
      artifactsRetentionDays: ${{ steps.DetermineWorkflowDepth.outputs.ArtifactsRetentionDays }}
      telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }}
      trackALAlertsInGithub: ${{ steps.SetALCodeAnalysisVar.outputs.trackALAlertsInGithub }}
    steps:
      - name: Dump Workflow Information
        uses: microsoft/AL-Go/Actions/DumpWorkflowInfo@32e66d69cfd2c1e3eca39e416e27c6aa58de6df3
        with:
          shell: powershell

      - name: Checkout
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          lfs: true
          ref: ${{ github.event_name == 'pull_request' && github.sha || format('refs/pull/{0}/merge', github.event.pull_request.number) }}

      - name: Initialize the workflow
        id: init
        uses: microsoft/AL-Go/Actions/WorkflowInitialize@32e66d69cfd2c1e3eca39e416e27c6aa58de6df3
        with:
          shell: powershell

      - name: Read settings
        id: ReadSettings
        uses: microsoft/AL-Go/Actions/ReadSettings@32e66d69cfd2c1e3eca39e416e27c6aa58de6df3
        with:
          shell: powershell
          get: shortLivedArtifactsRetentionDays,trackALAlertsInGithub

      - name: Set AL Code Analysis Var output
        id: SetALCodeAnalysisVar
        run: |
          Write-Host "trackALAlertsInGithub environment variable: '$($env:trackALAlertsInGithub)'"
          Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "trackALAlertsInGithub=$($env:trackALAlertsInGithub)"

      - name: Determine Workflow Depth
        id: DetermineWorkflowDepth
        run: |
          Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "WorkflowDepth=$($env:workflowDepth)"
          Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "ArtifactsRetentionDays=$($env:shortLivedArtifactsRetentionDays)"

      - name: Determine Projects To Build
        id: determineProjectsToBuild
        uses: microsoft/AL-Go/Actions/DetermineProjectsToBuild@32e66d69cfd2c1e3eca39e416e27c6aa58de6df3
        with:
          shell: powershell
          maxBuildDepth: ${{ env.workflowDepth }}

  Build1:
    needs: [ Initialization ]
    if: (!failure()) && (!cancelled()) && fromJson(needs.Initialization.outputs.buildOrderJson)[0].projectsCount > 0
    strategy:
      matrix:
        include: ${{ fromJson(needs.Initialization.outputs.buildOrderJson)[0].buildDimensions }}
      fail-fast: false
    name: Build ${{ matrix.projectName }} (${{ matrix.buildMode }})
    uses: ./.github/workflows/_BuildALGoProject.yaml
    secrets: inherit
    with:
      shell: ${{ matrix.githubRunnerShell }}
      runsOn: ${{ matrix.githubRunner }}
      checkoutRef: ${{ github.event_name == 'pull_request' && github.sha || format('refs/pull/{0}/merge', github.event.pull_request.number) }}
      project: ${{ matrix.project }}
      projectName: ${{ matrix.projectName }}
      buildMode: ${{ matrix.buildMode }}
      projectDependenciesJson: ${{ needs.Initialization.outputs.projectDependenciesJson }}
      baselineWorkflowRunId: ${{ needs.Initialization.outputs.baselineWorkflowRunId }}
      baselineWorkflowSHA: ${{ needs.Initialization.outputs.baselineWorkflowSHA }}
      secrets: 'licenseFileUrl,keyVaultCertificateUrl,*keyVaultCertificatePassword,keyVaultClientId,gitHubPackagesContext,applicationInsightsConnectionString'
      artifactsRetentionDays: ${{ fromJson(needs.Initialization.outputs.artifactsRetentionDays) }}
      artifactsNameSuffix: 'PR${{ github.event.number }}'
      needsContext:  ${{ toJson(needs) }}
      useArtifactCache: true

  Build:
    needs: [ Initialization, Build1 ]
    if: (!failure()) && (!cancelled()) && (needs.Build1.result == 'success' || needs.Build1.result == 'skipped') && fromJson(needs.Initialization.outputs.buildOrderJson)[1].projectsCount > 0
    strategy:
      matrix:
        include: ${{ fromJson(needs.Initialization.outputs.buildOrderJson)[1].buildDimensions }}
      fail-fast: false
    name: Build ${{ matrix.projectName }} (${{ matrix.buildMode }})
    uses: ./.github/workflows/_BuildALGoProject.yaml
    secrets: inherit
    with:
      shell: ${{ matrix.githubRunnerShell }}
      runsOn: ${{ matrix.githubRunner }}
      checkoutRef: ${{ github.event_name == 'pull_request' && github.sha || format('refs/pull/{0}/merge', github.event.pull_request.number) }}
      project: ${{ matrix.project }}
      projectName: ${{ matrix.projectName }}
      buildMode: ${{ matrix.buildMode }}
      projectDependenciesJson: ${{ needs.Initialization.outputs.projectDependenciesJson }}
      baselineWorkflowRunId: ${{ needs.Initialization.outputs.baselineWorkflowRunId }}
      baselineWorkflowSHA: ${{ needs.Initialization.outputs.baselineWorkflowSHA }}
      secrets: 'licenseFileUrl,keyVaultCertificateUrl,*keyVaultCertificatePassword,keyVaultClientId,gitHubPackagesContext,applicationInsightsConnectionString'
      artifactsRetentionDays: ${{ fromJson(needs.Initialization.outputs.artifactsRetentionDays) }}
      artifactsNameSuffix: 'PR${{ github.event.number }}'
      needsContext:  ${{ toJson(needs) }}
      useArtifactCache: true

  CodeAnalysisUpload:
    needs: [ Initialization, Build ]
    if: (!cancelled()) && (needs.Initialization.outputs.trackALAlertsInGithub == 'True')
    runs-on: [ windows-latest ]
    name: Code Analysis Processing
    steps:
      - name: Checkout
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          ref: ${{ format('refs/pull/{0}/head', github.event.pull_request.number) }}

      - name: Download artifacts - ErrorLogs
        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
        if: (success() || failure())
        with:
          pattern: '*-ErrorLogs-*'
          path: '${{ github.workspace }}/ErrorLogs/'
          merge_multiple: true

      - name: Process AL Code Analysis Logs
        id: ProcessALCodeAnalysisLogs
        if: (success() || failure())
        uses: microsoft/AL-Go/Actions/ProcessALCodeAnalysisLogs@32e66d69cfd2c1e3eca39e416e27c6aa58de6df3
        with:
          shell: powershell

      - name: Upload SARIF file to GitHub
        uses: github/codeql-action/upload-sarif@v3
        if: always()
        with:
          sarif_file: '${{ github.workspace }}/ErrorLogs/output.sarif.json'
          category: "ALCodeAnalysis"
          ref: ${{ format('refs/pull/{0}/head', github.event.pull_request.number) }}
          sha: ${{ github.event.pull_request.head.sha }}

  StatusCheck:
    needs: [ Initialization, Build ]
    if: (!cancelled())
    runs-on: [ windows-latest ]
    name: Pull Request Status Check
    steps:
      - name: Pull Request Status Check
        id: PullRequestStatusCheck
        uses: microsoft/AL-Go/Actions/PullRequestStatusCheck@32e66d69cfd2c1e3eca39e416e27c6aa58de6df3
        env:
          GITHUB_TOKEN: ${{ github.token }}
        with:
          shell: powershell

      - name: Finalize the workflow
        id: PostProcess
        uses: microsoft/AL-Go/Actions/WorkflowPostProcess@32e66d69cfd2c1e3eca39e416e27c6aa58de6df3
        if: success() || failure()
        env:
          GITHUB_TOKEN: ${{ github.token }}
        with:
          shell: powershell
          telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }}
          currentJobContext: ${{ toJson(job) }}