# yaml-language-server: $schema=https://json.schemastore.org/github-action.json # permissions: # - contents: read # Required for checking out repository # - security-events: write # Required for uploading SARIF results --- name: 'C# Lint Check' description: 'Runs linters like StyleCop or dotnet-format for C# code style checks.' author: 'Ismo Vuorinen' branding: icon: 'code' color: 'blue' inputs: dotnet-version: description: 'Version of .NET SDK to use.' required: false token: description: 'GitHub token for authentication' required: false default: '' outputs: lint_status: description: 'Overall lint status (success/failure)' value: ${{ steps.dotnet-format.outcome == 'success' && 'success' || 'failure' }} errors_count: description: 'Number of formatting errors found' value: ${{ steps.dotnet-format.outputs.errors_count || '0' }} warnings_count: description: 'Number of formatting warnings found' value: ${{ steps.dotnet-format.outputs.warnings_count || '0' }} runs: using: composite steps: - name: Validate Inputs id: validate shell: bash env: DOTNET_VERSION: ${{ inputs.dotnet-version }} run: | set -euo pipefail # Validate .NET version format if provided if [[ -n "$DOTNET_VERSION" ]]; then if ! [[ "$DOTNET_VERSION" =~ ^[0-9]+(\.[0-9]+(\.[0-9]+)?)?$ ]]; then echo "::error::Invalid dotnet-version format: '$DOTNET_VERSION'. Expected format: X.Y or X.Y.Z (e.g., 7.0, 8.0.100)" exit 1 fi # Check for reasonable version range (prevent malicious inputs) major_version=$(echo "$DOTNET_VERSION" | cut -d'.' -f1) if [ "$major_version" -lt 3 ] || [ "$major_version" -gt 20 ]; then echo "::error::Invalid dotnet-version: '$DOTNET_VERSION'. Major version should be between 3 and 20" exit 1 fi fi echo "Input validation completed successfully" - name: Checkout Repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ inputs.token || github.token }} - name: Detect .NET SDK Version id: detect-dotnet-version uses: ./dotnet-version-detect with: default-version: ${{ inputs.dotnet-version || '7.0' }} - name: Setup .NET SDK uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0 with: dotnet-version: ${{ steps.detect-dotnet-version.outputs.dotnet-version }} - name: Install dotnet-format shell: bash run: | set -euo pipefail dotnet tool install --global dotnet-format --version 7.0.1 - name: Run dotnet-format id: dotnet-format shell: bash run: | set -euo pipefail # Initialize counters errors_count=0 warnings_count=0 if ! dotnet format --check --report sarif --report-file dotnet-format.sarif; then # Parse SARIF file to count errors and warnings if it exists if [ -f "dotnet-format.sarif" ]; then if command -v jq >/dev/null 2>&1; then errors_count=$(jq '[.runs[].results[]? | select(.level == "error" or (.level // "error") == "error")] | length' dotnet-format.sarif 2>/dev/null || echo "0") warnings_count=$(jq '[.runs[].results[]? | select(.level == "warning")] | length' dotnet-format.sarif 2>/dev/null || echo "0") fi fi echo "errors_count=$errors_count" >> $GITHUB_OUTPUT echo "warnings_count=$warnings_count" >> $GITHUB_OUTPUT echo "::error::Code formatting issues found. Check the SARIF report for details." exit 1 else echo "errors_count=0" >> $GITHUB_OUTPUT echo "warnings_count=0" >> $GITHUB_OUTPUT fi - name: Upload SARIF Report uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 with: sarif_file: dotnet-format.sarif