diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml index 5649e50c5..28d442b3a 100644 --- a/.azure-pipelines/ci-build.yml +++ b/.azure-pipelines/ci-build.yml @@ -2,125 +2,321 @@ # Licensed under the MIT License. name: $(BuildDefinitionName)_$(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r) - trigger: branches: include: - - master -pr: none + - master + - vnext +pr: + branches: + include: + - master + - vnext +variables: + buildPlatform: 'Any CPU' + buildConfiguration: 'Release' + ProductBinPath: '$(Build.SourcesDirectory)\src\Microsoft.OpenApi\bin\$(BuildConfiguration)' +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-2022 + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: build + jobs: + - job: build + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: Nugets' + artifactName: Nugets + targetPath: '$(Build.ArtifactStagingDirectory)/Nugets' + - output: pipelineArtifact + displayName: 'Publish Artifact: Hidi' + artifactName: Microsoft.OpenApi.Hidi-v$(hidiversion) + targetPath: '$(Build.ArtifactStagingDirectory)/Microsoft.OpenApi.Hidi-v$(hidiversion)' + steps: + - task: UseDotNet@2 + displayName: 'Use .NET 6' + inputs: + version: 6.x + + - task: UseDotNet@2 + displayName: 'Use .NET 8' + inputs: + version: 8.x + + # Install the nuget tool. + - task: NuGetToolInstaller@1 + displayName: 'Use NuGet >=6.11.0' + inputs: + versionSpec: '>=6.11.0' + checkLatest: true + + # Build the Product project + - task: DotNetCoreCLI@2 + displayName: 'build' + inputs: + projects: '$(Build.SourcesDirectory)\Microsoft.OpenApi.sln' + arguments: '--configuration $(BuildConfiguration) --no-incremental' -pool: - name: Azure Pipelines - vmImage: windows-latest - demands: - - msbuild - - vstest + # Run the Unit test + - task: DotNetCoreCLI@2 + displayName: 'test' + inputs: + command: test + projects: '$(Build.SourcesDirectory)\Microsoft.OpenApi.sln' + arguments: '--configuration $(BuildConfiguration) --no-build' -steps: -- task: NuGetCommand@2 - displayName: 'NuGet restore' + - task: EsrpCodeSigning@5 + displayName: 'ESRP CodeSigning binaries' + inputs: + ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' + AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' + AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' + AuthAKVName: 'akv-prod-eastus' + AuthCertName: 'ReferenceLibraryPrivateCert' + AuthSignCertName: 'ReferencePackagePublisherCertificate' + FolderPath: '$(Build.SourcesDirectory)\src' + signConfigType: 'inlineSignParams' + inlineOperation: | + [ + { + "keyCode": "CP-230012", + "operationSetCode": "SigntoolSign", + "parameters": [ + { + "parameterName": "OpusName", + "parameterValue": "Microsoft" + }, + { + "parameterName": "OpusInfo", + "parameterValue": "http://www.microsoft.com/" + }, + { + "parameterName": "FileDigest", + "parameterValue": "/fd \"SHA256\"" + }, + { + "parameterName": "PageHash", + "parameterValue": "/NPH" + }, + { + "parameterName": "TimeStamp", + "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer/" /td sha256" + } + ], + "toolName": "sign", + "toolVersion": "1.0" + }, + { + "keyCode": "CP-230012", + "operationSetCode": "SigntoolVerify", + "parameters": [ ], + "toolName": "sign", + "toolVersion": "1.0" + } + ] + SessionTimeout: '20' + MaxConcurrency: '50' + MaxRetryAttempts: '5' + PendingAnalysisWaitTimeoutMinutes: '5' -- task: MSBuild@1 - displayName: 'Build solution **/*.sln' - inputs: - configuration: Release + # Pack core lib + - pwsh: dotnet pack $(Build.SourcesDirectory)/src/Microsoft.OpenApi/Microsoft.OpenApi.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg + displayName: 'pack OpenAPI' -- task: VSTest@2 - displayName: 'XUnit Tests' - inputs: - testAssemblyVer2: | - **\*.Tests.dll - - vsTestVersion: 16.0 - codeCoverageEnabled: true + # Pack readers + - pwsh: dotnet pack $(Build.SourcesDirectory)/src/Microsoft.OpenApi.Readers/Microsoft.OpenApi.Readers.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg + displayName: 'pack Readers' -- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 - displayName: 'ESRP CodeSigning' - inputs: - ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)' - FolderPath: src - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "keyCode": "CP-230012", - "operationSetCode": "SigntoolSign", - "parameters": [ - { - "parameterName": "OpusName", - "parameterValue": "Microsoft" - }, - { - "parameterName": "OpusInfo", - "parameterValue": "http://www.microsoft.com/" - }, - { - "parameterName": "FileDigest", - "parameterValue": "/fd \"SHA256\"" - }, - { - "parameterName": "PageHash", - "parameterValue": "/NPH" - }, - { - "parameterName": "TimeStamp", - "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer/" /td sha256" - } - ], - "toolName": "sign", - "toolVersion": "1.0" - }, - { - "keyCode": "CP-230012", - "operationSetCode": "SigntoolVerify", - "parameters": [ ], - "toolName": "sign", - "toolVersion": "1.0" - } - ] - SessionTimeout: 20 + # Pack hidi + - pwsh: dotnet pack $(Build.SourcesDirectory)/src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg + displayName: 'pack Hidi' -- task: MSBuild@1 - displayName: 'Pack OpenAPI' - inputs: - solution: src/Microsoft.OpenApi/Microsoft.OpenApi.csproj - configuration: Release - msbuildArguments: '/t:pack /p:PackageOutputPath=$(Build.ArtifactStagingDirectory) /p:IncludeSymbols=true /p:SymbolPackageFormat=snupkg' + - task: EsrpCodeSigning@5 + displayName: 'ESRP CodeSigning Nuget Packages' + inputs: + ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' + AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' + AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' + AuthAKVName: 'akv-prod-eastus' + AuthCertName: 'ReferenceLibraryPrivateCert' + AuthSignCertName: 'ReferencePackagePublisherCertificate' + FolderPath: '$(Build.ArtifactStagingDirectory)' + Pattern: '*.nupkg' + signConfigType: 'inlineSignParams' + inlineOperation: | + [ + { + "keyCode": "CP-401405", + "operationSetCode": "NuGetSign", + "parameters": [ ], + "toolName": "sign", + "toolVersion": "1.0" + }, + { + "keyCode": "CP-401405", + "operationSetCode": "NuGetVerify", + "parameters": [ ], + "toolName": "sign", + "toolVersion": "1.0" + } + ] + SessionTimeout: '60' + MaxConcurrency: '50' + MaxRetryAttempts: '5' + PendingAnalysisWaitTimeoutMinutes: '5' -- task: MSBuild@1 - displayName: 'Pack OpenAPI Readers' - inputs: - solution: src/Microsoft.OpenApi.Readers/Microsoft.OpenApi.Readers.csproj - configuration: Release - msbuildArguments: '/t:pack /p:PackageOutputPath=$(Build.ArtifactStagingDirectory) /p:IncludeSymbols=true /p:SymbolPackageFormat=snupkg' + - task: PowerShell@2 + displayName: "Get Hidi's version-number from .csproj" + inputs: + targetType: 'inline' + script: | + $xml = [Xml] (Get-Content .\src\Microsoft.OpenApi.Hidi\Microsoft.OpenApi.Hidi.csproj) + $version = $xml.Project.PropertyGroup.Version + echo $version + echo "##vso[task.setvariable variable=hidiversion]$version" + + # publish hidi as an .exe + - task: DotNetCoreCLI@2 + displayName: publish Hidi as executable + inputs: + command: 'publish' + arguments: -c Release --runtime win-x64 /p:PublishSingleFile=true /p:PackAsTool=false --self-contained --output $(Build.ArtifactStagingDirectory)/Microsoft.OpenApi.Hidi-v$(hidiversion) + projects: 'src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj' + publishWebProjects: False + zipAfterPublish: false + + - task: CopyFiles@2 + displayName: Prepare staging folder for upload + inputs: + targetFolder: $(Build.ArtifactStagingDirectory)/Nugets + sourceFolder: $(Build.ArtifactStagingDirectory) + content: '*.nupkg' + + - stage: deploy + condition: and(contains(variables['build.sourceBranch'], 'refs/heads/master'), succeeded()) + dependsOn: build + jobs: + - deployment: deploy_hidi + templateContext: + type: releaseJob + isProduction: true + inputs: + - input: pipelineArtifact + artifactName: Nugets + targetPath: '$(Pipeline.Workspace)' + dependsOn: [] + environment: nuget-org + strategy: + runOnce: + deploy: + pool: + vmImage: ubuntu-latest + steps: + - task: DownloadPipelineArtifact@2 + displayName: Download hidi executable from artifacts + inputs: + source: current + - pwsh: | + $artifactName = Get-ChildItem -Path $(Pipeline.Workspace)\Nugets -Filter Microsoft.OpenApi.*.nupkg -recurse | select -First 1 + $artifactVersion= $artifactName.Name -replace "Microsoft.OpenApi.", "" -replace ".nupkg", "" + #Set Variable $artifactName and $artifactVersion + Write-Host "##vso[task.setvariable variable=artifactVersion; isSecret=false; isOutput=true]$artifactVersion" + Write-Host "##vso[task.setvariable variable=artifactName; isSecret=false; isOutput=true]$artifactName.FullName" + echo "$artifactName" + echo "$artifactVersion" + displayName: 'Fetch Artifact Name' + - task: 1ES.PublishNuget@1 + displayName: 'NuGet push' + inputs: + packagesToPush: '$(Pipeline.Workspace)/Nugets/Microsoft.OpenApi.Hidi.*.nupkg' + packageParentPath: '$(Pipeline.Workspace)' + nuGetFeedType: external + publishFeedCredentials: 'OpenAPI Nuget Connection' + - task: GitHubRelease@1 + displayName: 'GitHub release (edit)' + condition: succeededOrFailed() + inputs: + gitHubConnection: 'Github-MaggieKimani1' + action: edit + tagSource: userSpecifiedTag + tag: '$(artifactVersion)' + title: '$(artifactVersion)' + releaseNotesSource: inline + assets: '$(Pipeline.Workspace)\**\*.exe' + changeLogType: issueBased + changeLogLabels: '[ + { "label" : "feature-work", "feature", "displayName" : "New Features", "state" : "closed" }, + { "label" : "enhancement", "V2-Enhancement", "displayName" : "Enhancements", "state" : "closed" }, + { "label" : "bug", "bug-fix", "displayName" : "Bugs", "state" : "closed" }, + { "label" : "documentation", "doc", "displayName" : "Documentation", "state" : "closed"}, + { "label" : "dependencies", "displayName" : "Package Updates", "state" : "closed" } + ]' -- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 - displayName: 'ESRP CodeSigning Nuget Packages' - inputs: - ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)' - FolderPath: '$(Build.ArtifactStagingDirectory)' - Pattern: '*.nupkg' - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "keyCode": "CP-401405", - "operationSetCode": "NuGetSign", - "parameters": [ ], - "toolName": "sign", - "toolVersion": "1.0" - }, - { - "keyCode": "CP-401405", - "operationSetCode": "NuGetVerify", - "parameters": [ ], - "toolName": "sign", - "toolVersion": "1.0" - } - ] - SessionTimeout: 20 + - deployment: deploy_lib + templateContext: + type: releaseJob + isProduction: true + inputs: + - input: pipelineArtifact + artifactName: Nugets + targetPath: '$(Pipeline.Workspace)' + dependsOn: [] + environment: nuget-org + strategy: + runOnce: + deploy: + pool: + vmImage: ubuntu-latest + steps: + - powershell: | + $fileNames = "$(Pipeline.Workspace)/Nugets/Microsoft.OpenApi.Hidi.*.nupkg", "$(Pipeline.Workspace)/Nugets/Microsoft.OpenApi.Readers.*.nupkg", "$(Pipeline.Workspace)/Nugets/Microsoft.OpenApi.Workbench.*.nupkg" + foreach($fileName in $fileNames) { + if(Test-Path $fileName) { + rm $fileName -Verbose + } + } + displayName: remove other nupkgs to avoid duplication + - task: 1ES.PublishNuget@1 + displayName: 'NuGet push' + inputs: + packagesToPush: '$(Pipeline.Workspace)/Nugets/Microsoft.OpenApi.*.nupkg' + packageParentPath: '$(Pipeline.Workspace)' + nuGetFeedType: external + publishFeedCredentials: 'OpenAPI Nuget Connection' -- task: PublishBuildArtifacts@1 - displayName: 'Publish Artifact: Nugets' - inputs: - ArtifactName: Nugets \ No newline at end of file + - deployment: deploy_readers + templateContext: + type: releaseJob + isProduction: true + inputs: + - input: pipelineArtifact + artifactName: Nugets + targetPath: '$(Pipeline.Workspace)' + dependsOn: deploy_lib + environment: nuget-org + strategy: + runOnce: + deploy: + pool: + vmImage: ubuntu-latest + steps: + - task: 1ES.PublishNuget@1 + displayName: 'NuGet push' + inputs: + packagesToPush: '$(Pipeline.Workspace)/Nugets/Microsoft.OpenApi.Readers.*.nupkg' + packageParentPath: '$(Pipeline.Workspace)' + nuGetFeedType: external + publishFeedCredentials: 'OpenAPI Nuget Connection' \ No newline at end of file diff --git a/.config/1espt/PipelineAutobaseliningConfig.yml b/.config/1espt/PipelineAutobaseliningConfig.yml new file mode 100644 index 000000000..2425160a4 --- /dev/null +++ b/.config/1espt/PipelineAutobaseliningConfig.yml @@ -0,0 +1,15 @@ +## DO NOT MODIFY THIS FILE MANUALLY. This is part of auto-baselining from 1ES Pipeline Templates. Go to [https://aka.ms/1espt-autobaselining] for more details. + +pipelines: + 107: + usedNonDefaultBranch: true + retail: + source: + credscan: + lastModifiedDate: 2024-09-13 + eslint: + lastModifiedDate: 2024-09-13 + psscriptanalyzer: + lastModifiedDate: 2024-09-13 + armory: + lastModifiedDate: 2024-09-13 diff --git a/.editorconfig b/.editorconfig index 49de0d370..e8f790dff 100644 --- a/.editorconfig +++ b/.editorconfig @@ -84,7 +84,7 @@ csharp_prefer_braces = true:silent csharp_style_deconstructed_variable_declaration = true:suggestion csharp_prefer_simple_default_expression = true:suggestion csharp_style_pattern_local_over_anonymous_function = true:suggestion -csharp_style_inlined_variable_declaration = true:suggestion +csharp_style_inlined_variable_declaration = true:error ############################### # C# Formatting Rules # ############################### @@ -121,3 +121,14 @@ csharp_preserve_single_line_blocks = true [*.vb] # Modifier preferences visual_basic_preferred_modifier_order = Partial,Default,Private,Protected,Public,Friend,NotOverridable,Overridable,MustOverride,Overloads,Overrides,MustInherit,NotInheritable,Static,Shared,Shadows,ReadOnly,WriteOnly,Dim,Const,WithEvents,Widening,Narrowing,Custom,Async:suggestion + + +# Verify settings +[*.{received,verified}.{txt,xml,json}] +charset = "utf-8-bom" +end_of_line = lf +indent_size = unset +indent_style = unset +insert_final_newline = false +tab_width = unset +trim_trailing_whitespace = false \ No newline at end of file diff --git a/.gitattributes b/.gitattributes index bdb0cabc8..dea329be9 100644 --- a/.gitattributes +++ b/.gitattributes @@ -15,3 +15,6 @@ *.PDF diff=astextplain *.rtf diff=astextplain *.RTF diff=astextplain + +# VerifyTests +*.verified.txt text eol=lf working-tree-encoding=UTF-8 diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 000000000..a61cbd408 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @irvinesunday @darrelmiller @gavinbarron @millicentachieng @MaggieKimani1 @andrueastman diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 000000000..a7d83e3dc --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,24 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: '' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**OpenApi File To Reproduce** +Add the OpenApi file you're using or a link to it as well as the steps to reproduce the current behavior. + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots/Code Snippets** +If applicable, add screenshots of the stack trace or a code snippet to help explain your problem. +If applicable, add a link to your project + +**Additional context** +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 000000000..021458556 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: '' +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml new file mode 100644 index 000000000..3d9334e96 --- /dev/null +++ b/.github/workflows/auto-merge-dependabot.yml @@ -0,0 +1,32 @@ +name: Auto-merge dependabot updates + +on: + pull_request: + branches: [ main ] + +permissions: + pull-requests: write + contents: write + +jobs: + + dependabot-merge: + + runs-on: ubuntu-latest + + if: ${{ github.actor == 'dependabot[bot]' }} + + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v2.2.0 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + + - name: Enable auto-merge for Dependabot PRs + # Only if version bump is not a major version change + if: ${{steps.metadata.outputs.update-type != 'version-update:semver-major'}} + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 4ab9ed7c3..01861ee2d 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -2,6 +2,9 @@ name: CI/CD Pipeline on: [push, pull_request, workflow_dispatch] +permissions: + contents: write + jobs: ci: name: Continuous Integration @@ -14,9 +17,9 @@ jobs: GITHUB_RUN_NUMBER: ${{ github.run_number }} steps: - name: Setup .NET - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v4 with: - dotnet-version: 5.0.x + dotnet-version: 8.0.x - name: Data gatherer id: data_gatherer @@ -41,7 +44,7 @@ jobs: - name: Checkout repository id: checkout_repo - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 @@ -49,7 +52,7 @@ jobs: - if: steps.conditionals_handler.outputs.is_default_branch == 'true' name: Bump GH tag id: tag_generator - uses: mathieudutour/github-tag-action@v5.4 + uses: mathieudutour/github-tag-action@v6.2 with: github_token: ${{ secrets.GITHUB_TOKEN }} default_bump: false @@ -59,85 +62,10 @@ jobs: id: build_projects shell: pwsh run: | - $projectsArray = @( - '.\src\Microsoft.OpenApi\Microsoft.OpenApi.csproj', - '.\src\Microsoft.OpenApi.Readers\Microsoft.OpenApi.Readers.csproj', - '.\src\Microsoft.OpenApi.Tool\Microsoft.OpenApi.Tool.csproj' - ) - $gitNewVersion = if ("${{ steps.tag_generator.outputs.new_version }}") {"${{ steps.tag_generator.outputs.new_version }}"} else {$null} - $projectCurrentVersion = ([xml](Get-Content .\src\Microsoft.OpenApi\Microsoft.OpenApi.csproj)).Project.PropertyGroup.Version - $projectNewVersion = $gitNewVersion ?? $projectCurrentVersion - - $projectsArray | ForEach-Object { - dotnet build $PSItem ` - -c Release # ` - # -o $env:ARTIFACTS_FOLDER ` - # /p:Version=$projectNewVersion - } - - # Move NuGet packages to separate folder for pipeline convenience - # New-Item Artifacts/NuGet -ItemType Directory - # Get-ChildItem Artifacts/*.nupkg | Move-Item -Destination "Artifacts/NuGet" + dotnet build Microsoft.OpenApi.sln -c Release - name: Run unit tests id: run_unit_tests shell: pwsh run: | - $testProjectsArray = @( - '.\test\Microsoft.OpenApi.Tests\Microsoft.OpenApi.Tests.csproj', - '.\test\Microsoft.OpenApi.Readers.Tests\Microsoft.OpenApi.Readers.Tests.csproj', - '.\test\Microsoft.OpenApi.SmokeTests\Microsoft.OpenApi.SmokeTests.csproj' - ) - - $testProjectsArray | ForEach-Object { - dotnet test $PSItem ` - -c Release - } - - # - if: steps.tag_generator.outputs.new_version != '' - # name: Upload NuGet packages as artifacts - # id: ul_packages_artifact - # uses: actions/upload-artifact@v1 - # with: - # name: NuGet packages - # path: Artifacts/NuGet/ - - cd: - if: needs.ci.outputs.is_default_branch == 'true' && needs.ci.outputs.latest_version != '' - name: Continuous Deployment - needs: ci - runs-on: ubuntu-latest - steps: - # - name: Download and extract NuGet packages - # id: dl_packages_artifact - # uses: actions/download-artifact@v2 - # with: - # name: NuGet packages - # path: NuGet/ - - # - name: Push NuGet packages to NuGet.org - # id: push_nuget_packages - # continue-on-error: true - # shell: pwsh - # run: | - # Get-ChildItem NuGet/*.nupkg | ForEach-Object { - # nuget push $PSItem ` - # -ApiKey $env:NUGET_API_KEY ` - # -Source https://api.nuget.org/v3/index.json - # } - # env: - # NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} - - - name: Create and publish release - id: create_release - uses: softprops/action-gh-release@v1 - with: - name: OpenApi v${{ needs.ci.outputs.latest_version }} - tag_name: v${{ needs.ci.outputs.latest_version }} - # files: | - # NuGet/Microsoft.OpenApi.${{ needs.ci.outputs.latest_version }}.nupkg - # NuGet/Microsoft.OpenApi.Readers.${{ needs.ci.outputs.latest_version }}.nupkg - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - -# Built with ❤ by [Pipeline Foundation](https://pipeline.foundation) \ No newline at end of file + dotnet test Microsoft.OpenApi.sln -c Release -v n diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 95c813772..22eb5f8fa 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -2,10 +2,16 @@ name: CodeQL Analysis on: push: + branches: [ vnext ] pull_request: schedule: - cron: '0 8 * * *' +permissions: + contents: read # these permissions are required to run the codeql analysis + actions: read + security-events: write + jobs: analyze: name: CodeQL Analysis @@ -13,16 +19,16 @@ jobs: steps: - name: Checkout repository id: checkout_repo - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Setup .NET - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v4 with: - dotnet-version: 5.0.x + dotnet-version: 8.0.x - name: Initialize CodeQL id: init_codeql - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v3 with: queries: security-and-quality @@ -33,7 +39,7 @@ jobs: $projectsArray = @( '.\src\Microsoft.OpenApi\Microsoft.OpenApi.csproj', '.\src\Microsoft.OpenApi.Readers\Microsoft.OpenApi.Readers.csproj', - '.\src\Microsoft.OpenApi.Tool\Microsoft.OpenApi.Tool.csproj' + '.\src\Microsoft.OpenApi.Hidi\Microsoft.OpenApi.Hidi.csproj' ) $projectsArray | ForEach-Object { @@ -42,6 +48,6 @@ jobs: - name: Perform CodeQL Analysis id: analyze_codeql - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v3 # Built with ❤ by [Pipeline Foundation](https://pipeline.foundation) \ No newline at end of file diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 000000000..e01c89f0f --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,42 @@ +name: Publish Docker image +on: + workflow_dispatch: + push: + branches: [master, vnext] + paths: ['src/Microsoft.OpenApi.Hidi/**', '.github/workflows/**'] +env: + REGISTRY: msgraphprod.azurecr.io + IMAGE_NAME: public/openapi/hidi +jobs: + push_to_registry: + environment: + name: acr + name: Push Docker image + runs-on: ubuntu-latest + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - name: Login to GitHub package feed + uses: docker/login-action@v3.3.0 + with: + username: ${{ secrets.ACR_USERNAME }} + password: ${{ secrets.ACR_PASSWORD }} + registry: ${{ env.REGISTRY }} + - run: | + $content = [XML](Get-Content ./src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj) + $version = $content.Project.PropertyGroup.Version + echo "::set-output name=version::${version}" + shell: pwsh + id: getversion + - name: Push to GitHub Packages - Nightly + if: ${{ github.ref == 'refs/heads/vnext' }} + uses: docker/build-push-action@v6.10.0 + with: + push: true + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly + - name: Push to GitHub Packages - Release + if: ${{ github.ref == 'refs/heads/master' }} + uses: docker/build-push-action@v6.10.0 + with: + push: true + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.getversion.outputs.version }} diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml new file mode 100644 index 000000000..a99c68d66 --- /dev/null +++ b/.github/workflows/sonarcloud.yml @@ -0,0 +1,68 @@ +name: Sonarcloud +on: + workflow_dispatch: + push: + branches: + - main + paths-ignore: ['.vscode/**'] + pull_request: + types: [opened, synchronize, reopened] + paths-ignore: ['.vscode/**'] + + +permissions: + contents: read + pull-requests: read + +env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + +jobs: + checksecret: + name: check if SONAR_TOKEN is set in github secrets + runs-on: ubuntu-latest + outputs: + is_SONAR_TOKEN_set: ${{ steps.checksecret_job.outputs.is_SONAR_TOKEN_set }} + steps: + - name: Check whether unity activation requests should be done + id: checksecret_job + run: | + echo "is_SONAR_TOKEN_set=${{ env.SONAR_TOKEN != '' }}" >> $GITHUB_OUTPUT + build: + needs: [checksecret] + if: needs.checksecret.outputs.is_SONAR_TOKEN_set == 'true' + name: Build + runs-on: windows-latest + steps: + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + distribution: 'adopt' + java-version: 17 + - name: Setup .NET + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 8.0.x + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Cache SonarCloud packages + uses: actions/cache@v4 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Install SonarCloud scanner + run: dotnet tool install dotnet-sonarscanner --create-manifest-if-needed + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + CollectCoverage: true + CoverletOutputFormat: 'opencover' # https://github.com/microsoft/vstest/issues/4014#issuecomment-1307913682 + shell: pwsh + run: | + dotnet tool run dotnet-sonarscanner begin /k:"microsoft_OpenAPI.NET" /o:"microsoft" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io/" /d:sonar.cs.opencover.reportsPaths="test/**/coverage.opencover.xml" + dotnet workload restore + dotnet build + dotnet test Microsoft.OpenApi.sln --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover + dotnet tool run dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}" \ No newline at end of file diff --git a/.vscode/launch.json b/.vscode/launch.json index 0d20a9b46..2fa4340b3 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -5,18 +5,36 @@ // Use IntelliSense to find out which attributes exist for C# debugging // Use hover for the description of the existing attributes // For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md - "name": ".NET Core Launch (console)", + "name": "Launch Hidi", "type": "coreclr", "request": "launch", "preLaunchTask": "build", // If you have changed target frameworks, make sure to update the program path. - "program": "${workspaceFolder}/src/Microsoft.OpenApi.Tool/bin/Debug/netcoreapp3.1/Microsoft.OpenApi.Tool.dll", - "args": [], - "cwd": "${workspaceFolder}/src/Microsoft.OpenApi.Tool", + "program": "${workspaceFolder}/src/Microsoft.OpenApi.Hidi/bin/Debug/net8.0/Microsoft.OpenApi.Hidi.dll", + "args": ["plugin", + "-m","${workspaceFolder}/test/Microsoft.OpenApi.Hidi.Tests/UtilityFiles/exampleapimanifest.json", + "--of","./output"], + "cwd": "${workspaceFolder}/src/Microsoft.OpenApi.Hidi", // For more information about the 'console' field, see https://aka.ms/VSCode-CS-LaunchJson-Console "console": "internalConsole", "stopAtEntry": false }, + { + // Use IntelliSense to find out which attributes exist for C# debugging + // Use hover for the description of the existing attributes + // For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md + "name": "Launch Workbench", + "type": "coreclr", + "request": "launch", + "preLaunchTask": "build", + // If you have changed target frameworks, make sure to update the program path. + "program": "${workspaceFolder}/src/Microsoft.OpenApi.WorkBench/bin/Debug/net8.0-windows/Microsoft.OpenApi.Workbench.exe", + "args": [], + "cwd": "${workspaceFolder}/src/Microsoft.OpenApi.Workbench", + // For more information about the 'console' field, see https://aka.ms/VSCode-CS-LaunchJson-Console + "console": "internalConsole", + "stopAtEntry": false + }, { "name": ".NET Core Attach", "type": "coreclr", diff --git a/.vscode/settings.json b/.vscode/settings.json index 0313280bf..186b10bea 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -3,5 +3,9 @@ "activityBar.background": "#03323C", "titleBar.activeBackground": "#054754", "titleBar.activeForeground": "#F0FCFE" - } + }, + "cSpell.words": [ + "csdl", + "Hidi" + ] } \ No newline at end of file diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 358fd0e1a..6040a610f 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -5,16 +5,43 @@ "tasks": [ { "label": "build", - "type": "shell", - "command": "msbuild", + "command": "dotnet", + "type": "process", + "group": "build", + "args": [ + "build", + "${workspaceFolder}/src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj", + "/property:GenerateFullPaths=true", + "/consoleloggerparameters:NoSummary" + ], + "problemMatcher": "$msCompile" + }, + { + "label": "test", + "command": "dotnet", + "type": "process", + "group": "test", "args": [ + "test", + "${workspaceFolder}/Microsoft.OpenApi.sln", "/property:GenerateFullPaths=true", - "/t:build" + "/consoleloggerparameters:NoSummary", + "--collect:\"XPlat Code Coverage\"" ], + "problemMatcher": "$msCompile" + }, + { + "label": "watch", + "command": "dotnet", + "type": "process", "group": "build", - "presentation": { - "reveal": "silent" - }, + "args": [ + "watch", + "run", + "${workspaceFolder}/src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj", + "/property:GenerateFullPaths=true", + "/consoleloggerparameters:NoSummary" + ], "problemMatcher": "$msCompile" }, { diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..686e5e7a0 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,10 @@ +# Microsoft Open Source Code of Conduct + +This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). + +Resources: + +- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/) +- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) +- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns +- Employees can reach out at [aka.ms/opensource/moderation-support](https://aka.ms/opensource/moderation-support) diff --git a/Directory.Build.props b/Directory.Build.props new file mode 100644 index 000000000..4fbb218f9 --- /dev/null +++ b/Directory.Build.props @@ -0,0 +1,25 @@ + + + $(AllowedOutputExtensionsInPackageBuildOutputFolder);.pdb + Microsoft + Microsoft + MIT + true + https://github.com/Microsoft/OpenAPI.NET + https://github.com/microsoft/OpenAPI.NET/releases + true + http://go.microsoft.com/fwlink/?LinkID=288890 + https://github.com/Microsoft/OpenAPI.NET + © Microsoft Corporation. All rights reserved. + OpenAPI .NET + + + + true + + + + + \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..fd821e3e4 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,23 @@ +FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build-env +WORKDIR /app + +COPY ./src ./hidi/src +COPY ./Directory.Build.props ./hidi/Directory.Build.props +COPY ./README.md ./hidi/README.md +WORKDIR /app/hidi +RUN dotnet publish ./src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj -c Release + +FROM mcr.microsoft.com/dotnet/runtime:8.0-jammy-chiseled AS runtime +WORKDIR /app + +COPY --from=build-env /app/hidi/src/Microsoft.OpenApi.Hidi/bin/Release/net8.0 ./ + +VOLUME /app/output +VOLUME /app/openapi.yml +VOLUME /app/api.csdl +VOLUME /app/collection.json +ENV HIDI_CONTAINER=true DOTNET_TieredPGO=1 DOTNET_TC_QuickJitForLoops=1 +ENTRYPOINT ["dotnet", "Microsoft.OpenApi.Hidi.dll"] +LABEL description="# Welcome to Hidi \ +To start transforming OpenAPI documents checkout [the getting started documentation](https://github.com/microsoft/OpenAPI.NET/tree/vnext/src/Microsoft.OpenApi.Hidi) \ +[Source dockerfile](https://github.com/microsoft/OpenAPI.NET/blob/vnext/Dockerfile)" diff --git a/Microsoft.OpenApi.sln b/Microsoft.OpenApi.sln index e64ff3a24..a39756a42 100644 --- a/Microsoft.OpenApi.sln +++ b/Microsoft.OpenApi.sln @@ -1,7 +1,7 @@  Microsoft Visual Studio Solution File, Format Version 12.00 -# Visual Studio Version 16 -VisualStudioVersion = 16.0.29613.14 +# Visual Studio Version 17 +VisualStudioVersion = 17.1.32210.238 MinimumVisualStudioVersion = 10.0.40219.1 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.OpenApi", "src\Microsoft.OpenApi\Microsoft.OpenApi.csproj", "{A8E50143-69B2-472A-9D45-3F9A05D13202}" EndProject @@ -12,7 +12,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution readme.md = readme.md EndProjectSection EndProject -Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Microsoft.OpenApi.Workbench", "src\Microsoft.OpenApi.Workbench\Microsoft.OpenApi.Workbench.csproj", "{6A5E91E5-0441-46EE-AEB9-8334981B7F08}" +Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.OpenApi.Workbench", "src\Microsoft.OpenApi.Workbench\Microsoft.OpenApi.Workbench.csproj", "{6A5E91E5-0441-46EE-AEB9-8334981B7F08}" EndProject Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.OpenApi.Readers", "src\Microsoft.OpenApi.Readers\Microsoft.OpenApi.Readers.csproj", "{79933258-0126-4382-8755-D50820ECC483}" EndProject @@ -24,9 +24,11 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{E546B92F-20A EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "test", "test", "{6357D7FD-2DE4-4900-ADB9-ABC37052040A}" EndProject -Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.OpenApi.SmokeTests", "test\Microsoft.OpenApi.SmokeTests\Microsoft.OpenApi.SmokeTests.csproj", "{AD79B61D-88CF-497C-9ED5-41AE3867C5AC}" +Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.OpenApi.Hidi", "src\Microsoft.OpenApi.Hidi\Microsoft.OpenApi.Hidi.csproj", "{254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}" EndProject -Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.OpenApi.Tool", "src\Microsoft.OpenApi.Tool\Microsoft.OpenApi.Tool.csproj", "{254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}" +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Microsoft.OpenApi.Hidi.Tests", "test\Microsoft.OpenApi.Hidi.Tests\Microsoft.OpenApi.Hidi.Tests.csproj", "{D8F799DD-04AC-4A13-B344-45A5B944450A}" +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Microsoft.OpenApi.Trimming.Tests", "test\Microsoft.OpenApi.Trimming.Tests\Microsoft.OpenApi.Trimming.Tests.csproj", "{1D2E0C6E-B103-4CB6-912E-D56FA1501296}" EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution @@ -54,14 +56,18 @@ Global {1ED3C2C1-E1E7-4925-B4E6-2D969C3F5237}.Debug|Any CPU.Build.0 = Debug|Any CPU {1ED3C2C1-E1E7-4925-B4E6-2D969C3F5237}.Release|Any CPU.ActiveCfg = Release|Any CPU {1ED3C2C1-E1E7-4925-B4E6-2D969C3F5237}.Release|Any CPU.Build.0 = Release|Any CPU - {AD79B61D-88CF-497C-9ED5-41AE3867C5AC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {AD79B61D-88CF-497C-9ED5-41AE3867C5AC}.Debug|Any CPU.Build.0 = Debug|Any CPU - {AD79B61D-88CF-497C-9ED5-41AE3867C5AC}.Release|Any CPU.ActiveCfg = Release|Any CPU - {AD79B61D-88CF-497C-9ED5-41AE3867C5AC}.Release|Any CPU.Build.0 = Release|Any CPU {254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}.Debug|Any CPU.Build.0 = Debug|Any CPU {254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}.Release|Any CPU.ActiveCfg = Release|Any CPU {254841B5-7DAC-4D1D-A9C5-44FE5CE467BE}.Release|Any CPU.Build.0 = Release|Any CPU + {D8F799DD-04AC-4A13-B344-45A5B944450A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {D8F799DD-04AC-4A13-B344-45A5B944450A}.Debug|Any CPU.Build.0 = Debug|Any CPU + {D8F799DD-04AC-4A13-B344-45A5B944450A}.Release|Any CPU.ActiveCfg = Release|Any CPU + {D8F799DD-04AC-4A13-B344-45A5B944450A}.Release|Any CPU.Build.0 = Release|Any CPU + {1D2E0C6E-B103-4CB6-912E-D56FA1501296}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {1D2E0C6E-B103-4CB6-912E-D56FA1501296}.Debug|Any CPU.Build.0 = Debug|Any CPU + {1D2E0C6E-B103-4CB6-912E-D56FA1501296}.Release|Any CPU.ActiveCfg = Release|Any CPU + {1D2E0C6E-B103-4CB6-912E-D56FA1501296}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -72,8 +78,9 @@ Global {79933258-0126-4382-8755-D50820ECC483} = {E546B92F-20A8-49C3-8323-4B25BB78F3E1} {AD83F991-DBF3-4251-8613-9CC54C826964} = {6357D7FD-2DE4-4900-ADB9-ABC37052040A} {1ED3C2C1-E1E7-4925-B4E6-2D969C3F5237} = {6357D7FD-2DE4-4900-ADB9-ABC37052040A} - {AD79B61D-88CF-497C-9ED5-41AE3867C5AC} = {6357D7FD-2DE4-4900-ADB9-ABC37052040A} {254841B5-7DAC-4D1D-A9C5-44FE5CE467BE} = {E546B92F-20A8-49C3-8323-4B25BB78F3E1} + {D8F799DD-04AC-4A13-B344-45A5B944450A} = {6357D7FD-2DE4-4900-ADB9-ABC37052040A} + {1D2E0C6E-B103-4CB6-912E-D56FA1501296} = {6357D7FD-2DE4-4900-ADB9-ABC37052040A} EndGlobalSection GlobalSection(ExtensibilityGlobals) = postSolution SolutionGuid = {9F171EFC-0DB5-4B10-ABFA-AF48D52CC565} diff --git a/README.md b/README.md index 9405526bf..c804787c1 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ |--|--| |Models and Writers|[![nuget](https://img.shields.io/nuget/v/Microsoft.OpenApi.svg)](https://www.nuget.org/packages/Microsoft.OpenApi/) | |Readers | [![nuget](https://img.shields.io/nuget/v/Microsoft.OpenApi.Readers.svg)](https://www.nuget.org/packages/Microsoft.OpenApi.Readers/) | +|Hidi|[![nuget](https://img.shields.io/nuget/v/Microsoft.OpenApi.Hidi.svg)](https://www.nuget.org/packages/Microsoft.OpenApi.Hidi/) The **OpenAPI.NET** SDK contains a useful object model for OpenAPI documents in .NET along with common serializers to extract raw OpenAPI JSON and YAML documents from the model. @@ -21,8 +22,8 @@ Project Objectives # Installation -- Install core Nuget package `Microsoft.OpenApi` -- Install readers Nuget package `Microsoft.OpenApi.Readers` +- Install core Nuget package [**Microsoft.OpenApi**](https://www.nuget.org/packages/Microsoft.OpenApi) +- Install readers Nuget package [**Microsoft.OpenApi.Readers**](https://www.nuget.org/packages/Microsoft.OpenApi.Readers) # Processors The OpenAPI.NET project holds the base object model for representing OpenAPI documents as .NET objects. Some developers have found the need to write processors that convert other data formats into this OpenAPI.NET object model. We'd like to curate that list of processors in this section of the readme. @@ -72,7 +73,7 @@ var document = new OpenApiDocument }; ``` -Reading and writing a OpenAPI description +Reading and writing an OpenAPI description ```C# var httpClient = new HttpClient @@ -90,11 +91,27 @@ var outputString = openApiDocument.Serialize(OpenApiSpecVersion.OpenApi2_0, Open ``` -# Build Status +# Validating/Testing OpenAPI descriptions +In order to test the validity of an OpenApi document, we avail the following tools: +- [Microsoft.OpenApi.Hidi](https://www.nuget.org/packages/Microsoft.OpenApi.Hidi) -|**master**| -|--| -|[![Build status](https://ci.appveyor.com/api/projects/status/9l6hly3vjeu0tmtx/branch/master?svg=true)](https://ci.appveyor.com/project/MicrosoftOpenAPINETAdmin/openapi-net-54e7i/branch/master)| + A commandline tool for validating and transforming OpenAPI descriptions. [Installation guidelines and documentation](https://github.com/microsoft/OpenAPI.NET/blob/vnext/src/Microsoft.OpenApi.Hidi/readme.md) + +- Microsoft.OpenApi.Workbench + + A workbench tool consisting of a GUI where you can test and convert OpenAPI descriptions in both JSON and YAML from v2-->v3 and vice versa. + + #### Installation guidelines: + 1. Clone the repo locally by running this command: + `git clone https://github.com/microsoft/OpenAPI.NET.git` + 2. Open the solution file `(.sln)` in the root of the project with Visual Studio + 3. Navigate to the `src/Microsoft.OpenApi.Workbench` directory and set it as the startup project + 4. Run the project and you'll see a GUI pop up resembling the one below: + + + + + 5. Copy and paste your OpenAPI descriptions in the **Input Content** window or paste the path to the descriptions file in the **Input File** textbox and click on `Convert` to render the results. # Contributing @@ -110,4 +127,4 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. -To provide feedback and ask questions you can use Stack Overflow with the [OpenAPI.NET](https://stackoverflow.com/questions/tagged/openapi.net) tag or use the OpenAPI.NET Slack channel which you can join by registering for the HTTP APIs team at http://slack.httpapis.com. +To provide feedback and ask questions you can use Stack Overflow with the [OpenAPI.NET](https://stackoverflow.com/questions/tagged/openapi.net) tag. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..766e6f887 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,41 @@ + + +## Security + +Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/). + +If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below. + +## Reporting Security Issues + +**Please do not report security vulnerabilities through public GitHub issues.** + +Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report). + +If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/msrc/pgp-key-msrc). + +You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). + +Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: + + * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) + * Full paths of source file(s) related to the manifestation of the issue + * The location of the affected source code (tag/branch/commit or direct URL) + * Any special configuration required to reproduce the issue + * Step-by-step instructions to reproduce the issue + * Proof-of-concept or exploit code (if possible) + * Impact of the issue, including how an attacker might exploit the issue + +This information will help us triage your report more quickly. + +If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs. + +## Preferred Languages + +We prefer all communications to be in English. + +## Policy + +Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/msrc/cvd). + + diff --git a/build.cmd b/build.cmd index b3612c9ed..43cc95956 100644 --- a/build.cmd +++ b/build.cmd @@ -1,21 +1,21 @@ @echo off -Echo Building Microsoft.OpenApi +Echo Building Microsoft.OpenApi -SET PROJ=%~dp0src\Microsoft.OpenApi\Microsoft.OpenApi.csproj +SET PROJ=%~dp0src\Microsoft.OpenApi\Microsoft.OpenApi.csproj dotnet msbuild %PROJ% /t:restore /p:Configuration=Release dotnet msbuild %PROJ% /t:build /p:Configuration=Release dotnet msbuild %PROJ% /t:pack /p:Configuration=Release;PackageOutputPath=%~dp0artifacts Echo Building Microsoft.OpenApi.Readers -SET PROJ=%~dp0src\Microsoft.OpenApi.Readers\Microsoft.OpenApi.Readers.csproj +SET PROJ=%~dp0src\Microsoft.OpenApi.Readers\Microsoft.OpenApi.Readers.csproj dotnet msbuild %PROJ% /t:restore /p:Configuration=Release dotnet msbuild %PROJ% /t:build /p:Configuration=Release dotnet msbuild %PROJ% /t:pack /p:Configuration=Release;PackageOutputPath=%~dp0artifacts -Echo Building Microsoft.OpenApi.Tool +Echo Building Microsoft.OpenApi.Hidi -SET PROJ=%~dp0src\Microsoft.OpenApi.Tool\Microsoft.OpenApi.Tool.csproj +SET PROJ=%~dp0src\Microsoft.OpenApi.Hidi\Microsoft.OpenApi.Hidi.csproj dotnet msbuild %PROJ% /t:restore /p:Configuration=Release dotnet msbuild %PROJ% /t:build /p:Configuration=Release dotnet msbuild %PROJ% /t:pack /p:Configuration=Release;PackageOutputPath=%~dp0artifacts diff --git a/docs/CI-CD_DOCUMENTATION.md b/docs/CI-CD_DOCUMENTATION.md deleted file mode 100644 index 40053cf82..000000000 --- a/docs/CI-CD_DOCUMENTATION.md +++ /dev/null @@ -1,81 +0,0 @@ -# CI/CD documentation - -## 1. Run workflow manually - -1. Go to the project's GitHub repository and click on the **Actions** tab - -2. From the "Workflows" list on the left, click on "CI/CD Pipeline" - -3. On the right, next to the "This workflow has a workflow_dispatch event trigger" label, click on the "Run workflow" dropdown, make sure the default branch is selected (if not manually changed, should be main or master) in the "Use workflow from" dropdown and click the "Run workflow" button - -![Actions_workflow_dispatch](images/Actions_workflow_dispatch.png) - -NOTE: **screenshots are only exemplary** - -
- -## 2. Automated NuGet publishing - -To setup the automated publishing to NuGet: - -1. Go to the repo **Settings** tab -> **Secrets** - -2. Add a secret with the name `NUGET_API_KEY` and as value use an API key from NuGet.org that is assigned to the packages for this project - -NOTE: the automated NuGet publishing is execute **only** when a release is triggered by the ["Automated versioning" feature](#3-automated-versioning) - -
- -## 3. Automated versioning - -Automatically bumps up the GitHub tag in the repo and executes the CD job - -Note: **not every commit to your default branch creates a release** - -Follow these instructions for any commit (push or PR merge) to your default branch, you would like to execute the automated versioning. - -You would need one of three keywords at the start of your commit title. Each of the three keywords corresponds to a number in your release version i.e. v1.2.3. The release versioning uses the ["Conventional Commits" specification](https://www.conventionalcommits.org/en/v1.0.0/): - -- "fix: ..." - this keyword corresponds to the last number v1.2.**3**, also known as PATCH; -- "feat: ..." - this keyword corresponds to the middle number v1.**2**.3, also known as MINOR; -- "perf: ..." - this keyword corresponds to the first number v**1**.2.3, also known as MAJOR. In addition, to trigger a MAJOR release, you would need to write "BREAKING CHANGE: ..." in the description of the commit, with an empty line above it to indicate it is in the