From 72f3223b6a153cd1fae540f5d7388842e2f9ac1e Mon Sep 17 00:00:00 2001 From: bcbuild-github-agent <137281497+bcbuild-github-agent@users.noreply.github.com> Date: Wed, 21 Aug 2024 11:15:51 +0200 Subject: [PATCH] Deploying AL-Go from main (a2c4efcc730e9b264f74cb321e7c2193c8c96b8d) to main (#80) Deploying AL-Go from main (a2c4efcc730e9b264f74cb321e7c2193c8c96b8d) to main Co-authored-by: microsoft --- .AL-Go/cloudDevEnv.ps1 | 31 +-- .AL-Go/localDevEnv.ps1 | 31 +-- .github/RELEASENOTES.copy.md | 180 +++++++++++++++--- .../workflows/AddExistingAppOrTestApp.yaml | 22 ++- .github/workflows/CICD.yaml | 77 ++++---- .github/workflows/CreateApp.yaml | 22 ++- .../CreateOnlineDevelopmentEnvironment.yaml | 36 ++-- .../workflows/CreatePerformanceTestApp.yaml | 22 ++- .github/workflows/CreateRelease.yaml | 58 +++--- .github/workflows/CreateTestApp.yaml | 22 ++- .github/workflows/Current.yaml | 25 +-- .../DeployReferenceDocumentation.yaml | 41 ++-- .github/workflows/IncrementVersionNumber.yaml | 22 ++- .github/workflows/NextMajor.yaml | 25 +-- .github/workflows/NextMinor.yaml | 25 +-- .github/workflows/PublishToEnvironment.yaml | 52 ++--- .../workflows/PullPowerPlatformChanges.yaml | 21 +- .github/workflows/PullRequestHandler.yaml | 36 ++-- .../workflows/PushPowerPlatformChanges.yaml | 21 +- .github/workflows/Troubleshooting.yaml | 6 +- .../workflows/UpdateGitHubGoSystemFiles.yaml | 21 +- .github/workflows/_BuildALGoProject.yaml | 60 +++--- .../_BuildPowerPlatformSolution.yaml | 12 +- README.md | 1 + SECURITY.md | 16 +- 25 files changed, 538 insertions(+), 347 deletions(-) diff --git a/.AL-Go/cloudDevEnv.ps1 b/.AL-Go/cloudDevEnv.ps1 index 84a82ed..03f50cc 100644 --- a/.AL-Go/cloudDevEnv.ps1 +++ b/.AL-Go/cloudDevEnv.ps1 @@ -12,6 +12,21 @@ Param( $errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 +function DownloadHelperFile { + param( + [string] $url, + [string] $folder + ) + + $prevProgressPreference = $ProgressPreference; $ProgressPreference = 'SilentlyContinue' + $name = [System.IO.Path]::GetFileName($url) + Write-Host "Downloading $name from $url" + $path = Join-Path $folder $name + Invoke-WebRequest -UseBasicParsing -uri $url -OutFile $path + $ProgressPreference = $prevProgressPreference + return $path +} + try { Clear-Host Write-Host @@ -25,17 +40,11 @@ Write-Host -ForegroundColor Yellow @' '@ -$webClient = New-Object System.Net.WebClient -$webClient.CachePolicy = New-Object System.Net.Cache.RequestCachePolicy -argumentList ([System.Net.Cache.RequestCacheLevel]::NoCacheNoStore) -$webClient.Encoding = [System.Text.Encoding]::UTF8 -$GitHubHelperUrl = 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.2/Github-Helper.psm1' -Write-Host "Downloading GitHub Helper module from $GitHubHelperUrl" -$GitHubHelperPath = "$([System.IO.Path]::GetTempFileName()).psm1" -$webClient.DownloadFile($GitHubHelperUrl, $GitHubHelperPath) -$ALGoHelperUrl = 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.2/AL-Go-Helper.ps1' -Write-Host "Downloading AL-Go Helper script from $ALGoHelperUrl" -$ALGoHelperPath = "$([System.IO.Path]::GetTempFileName()).ps1" -$webClient.DownloadFile($ALGoHelperUrl, $ALGoHelperPath) +$tmpFolder = Join-Path ([System.IO.Path]::GetTempPath()) "$([Guid]::NewGuid().ToString())" +New-Item -Path $tmpFolder -ItemType Directory -Force | Out-Null +$GitHubHelperPath = DownloadHelperFile -url 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.3/Github-Helper.psm1' -folder $tmpFolder +$ALGoHelperPath = DownloadHelperFile -url 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.3/AL-Go-Helper.ps1' -folder $tmpFolder +DownloadHelperFile -url 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.3/Packages.json' -folder $tmpFolder | Out-Null Import-Module $GitHubHelperPath . $ALGoHelperPath -local diff --git a/.AL-Go/localDevEnv.ps1 b/.AL-Go/localDevEnv.ps1 index 105816d..5f37848 100644 --- a/.AL-Go/localDevEnv.ps1 +++ b/.AL-Go/localDevEnv.ps1 @@ -16,6 +16,21 @@ Param( $errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 +function DownloadHelperFile { + param( + [string] $url, + [string] $folder + ) + + $prevProgressPreference = $ProgressPreference; $ProgressPreference = 'SilentlyContinue' + $name = [System.IO.Path]::GetFileName($url) + Write-Host "Downloading $name from $url" + $path = Join-Path $folder $name + Invoke-WebRequest -UseBasicParsing -uri $url -OutFile $path + $ProgressPreference = $prevProgressPreference + return $path +} + try { Clear-Host Write-Host @@ -29,17 +44,11 @@ Write-Host -ForegroundColor Yellow @' '@ -$webClient = New-Object System.Net.WebClient -$webClient.CachePolicy = New-Object System.Net.Cache.RequestCachePolicy -argumentList ([System.Net.Cache.RequestCacheLevel]::NoCacheNoStore) -$webClient.Encoding = [System.Text.Encoding]::UTF8 -$GitHubHelperUrl = 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.2/Github-Helper.psm1' -Write-Host "Downloading GitHub Helper module from $GitHubHelperUrl" -$GitHubHelperPath = "$([System.IO.Path]::GetTempFileName()).psm1" -$webClient.DownloadFile($GitHubHelperUrl, $GitHubHelperPath) -$ALGoHelperUrl = 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.2/AL-Go-Helper.ps1' -Write-Host "Downloading AL-Go Helper script from $ALGoHelperUrl" -$ALGoHelperPath = "$([System.IO.Path]::GetTempFileName()).ps1" -$webClient.DownloadFile($ALGoHelperUrl, $ALGoHelperPath) +$tmpFolder = Join-Path ([System.IO.Path]::GetTempPath()) "$([Guid]::NewGuid().ToString())" +New-Item -Path $tmpFolder -ItemType Directory -Force | Out-Null +$GitHubHelperPath = DownloadHelperFile -url 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.3/Github-Helper.psm1' -folder $tmpFolder +$ALGoHelperPath = DownloadHelperFile -url 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.3/AL-Go-Helper.ps1' -folder $tmpFolder +DownloadHelperFile -url 'https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.3/Packages.json' -folder $tmpFolder | Out-Null Import-Module $GitHubHelperPath . $ALGoHelperPath -local diff --git a/.github/RELEASENOTES.copy.md b/.github/RELEASENOTES.copy.md index 402d720..aec9a40 100644 --- a/.github/RELEASENOTES.copy.md +++ b/.github/RELEASENOTES.copy.md @@ -1,6 +1,62 @@ +## v5.3 + +### Issues + +- Issue 1105 Increment Version Number - repoVersion in .github/AL-Go-Settings.json is not updated +- Issue 1073 Publish to AppSource - Automated validation: failure +- Issue 980 Allow Scope to be PTE in continuousDeployment for PTE extensions in Sandbox (enhancement request) +- Issue 1079 AppSource App deployment failes with PerTenantExtensionCop Error PTE0001 and PTE0002 +- Issue 866 Accessing GitHub Environment Variables in DeployToCustom Scenarios for PowerShell Scripts +- Issue 1083 SyncMode for custom deployments? +- Issue 1109 Why filter deployment settings? +- Fix issue with github ref when running reusable workflows +- Issue 1098 Support for specifying the name of the AZURE_CREDENTIALS secret by adding a AZURE_CREDENTIALSSecretName setting +- Fix placeholder syntax for git ref in PullRequestHandler.yaml +- Issue 1164 Getting secrets from Azure key vault fails in Preview + +### Dependencies to PowerShell modules + +AL-Go for GitHub relies on specific PowerShell modules, and the minimum versions required for these modules are tracked in [Packages.json](https://raw.githubusercontent.com/microsoft/AL-Go/main/Actions/Packages.json) file. Should the installed modules on the GitHub runner not meet these minimum requirements, the necessary modules will be installed as needed. + +### Support managed identities and federated credentials + +All authentication context secrets now supports managed identities and federated credentials. See more [here](Scenarios/secrets.md). Furthermore, you can now use https://aka.ms/algosecrets#authcontext to learn more about the formatting of that secret. + +### Business Central Performance Toolkit Test Result Viewer + +In the summary after a Test Run, you now also have the result of performance tests. + +### Support Ubuntu runners for all AL-Go workflows + +Previously, the workflows "Update AL-Go System Files" and "TroubleShooting" were hardcoded to always run on `windows-latest` to prevent deadlocks and security issues. +From now on, `ubuntu-lates` will also be allowed for these mission critical workflows, when changing the `runs-on` setting. Additionally, only the value `pwsh` for `shell` setting is allowed when using `ubuntu-latest` runners. + +### Updated AL-Go telemetry + +AL-Go for GitHub now includes a new telemetry module. For detailed information on how to enable or disable telemetry and to see what data AL-Go logs, check out [this article](https://github.com/microsoft/AL-Go/blob/main/Scenarios/EnablingTelemetry.md). + +### New Settings + +- `deployTo`: is not really new, but has a new property: + + - **Scope** = specifies the scope of the deployment: Dev, PTE. If not specified, AL-Go for GitHub will always use the Dev Scope for AppSource Apps, but also for PTEs when deploying to sandbox environments when impersonation (refreshtoken) is used for authentication. + - **BuildMode** = specifies which buildMode to use for the deployment. Default is to use the Default buildMode. + - **\** = custom properties are now supported and will be transferred to a custom deployment script in the hashtable. + +- `bcptThresholds` is a JSON object with properties for the default thresholds for the Business Central Performance Toolkit + + - **DurationWarning** - a warning is issued if the duration of a bcpt test degrades more than this percentage (default 10) + - **DurationError** - an error is issued if the duration of a bcpt test degrades more than this percentage (default 25) + - **NumberOfSqlStmtsWarning** - a warning is issued if the number of SQL statements from a bcpt test increases more than this percentage (default 5) + - **NumberOfSqlStmtsError** - an error is issued if the number of SQL statements from a bcpt test increases more than this percentage (default 10) + +> \[!NOTE\] +> Duration thresholds are subject to varying results depending on the performance of the agent running the tests. Number of SQL statements executed by a test is often the most reliable indicator of performance degredation. + ## v5.2 ### Issues + - Issue 1084 Automatic updates for AL-Go are failing when main branch requires Pull Request ### New Settings @@ -21,7 +77,7 @@ - **Pull PowerPlatform Changes** for pulling changes from your PowerPlatform development environment into your AL-Go for GitHub repository - **Push PowerPlatform Changes** for pushing changes from your AL-Go for GitHub repository to your PowerPlatform development environment -> [!NOTE] +> \[!NOTE\] > PowerPlatform workflows are only available in the PTE template and will be removed if no PowerPlatformSolutionFolder is defined in settings. ### New Scenarios (Documentation) @@ -31,7 +87,7 @@ - [Try one of the Business Central and Power Platform samples](https://github.com/microsoft/AL-Go/blob/main/Scenarios/TryPowerPlatformSamples.md) - [Publish To AppSource](https://github.com/microsoft/AL-Go/blob/main/Scenarios/PublishToAppSource.md) -> [!NOTE] +> \[!NOTE\] > PowerPlatform functionality are only available in the PTE template. ## v5.1 @@ -56,6 +112,7 @@ ### Better artifact selection The artifact setting in your project settings file can now contain a `*` instead of the version number. This means that AL-Go for GitHub will determine the application dependency for your projects together with the `applicationDependency` setting and determine which Business Central version is needed for the project. + - `"artifact": "//*//latest"` will give you the latest Business Central version, higher than your application dependency and with the same major.minor as your application dependency. - `"artifact": "//*//first"` will give you the first Business Central version, higher than your application dependency and with the same major.minor as your application dependency. @@ -81,35 +138,43 @@ Adding -clean when running localdevenv or clouddevenv will create a clean develo ## v5.0 ### Issues + - Issue 940 Publish to Environment is broken when specifying projects to publish - Issue 994 CI/CD ignores Deploy to GitHub Pages in private repositories ### New Settings -- `UpdateALGoSystemFilesEnvironment`: The name of the environment that is referenced in job `UpdateALGoSystemFiles` in the _Update AL-Go System Files_ workflow. See [jobs..environment](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenvironment) for more information. Currently, only setting the environment name is supported. + +- `UpdateALGoSystemFilesEnvironment`: The name of the environment that is referenced in job `UpdateALGoSystemFiles` in the _Update AL-Go System Files_ workflow. See [jobs.\.environment](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenvironment) for more information. Currently, only setting the environment name is supported. ### Issues + - Support release branches that start with releases/ - Issue 870 Improve Error Handling when CLI is missing - Issue 889 CreateRelease and IncrementVersionNumber workflow did not handle wild characters in `appFolders`, `testFolders` or `bcptTestFolders` settings. - Issue 973 Prerelease is not used for deployment ### Build modes + AL-Go ships with Default, Translated and Clean mode out of the box. Now you can also define custom build modes in addition to the ones shipped with AL-Go. This allows you to define your own build modes, which can be used to build your apps in different ways. By default, a custom build mode will build the apps similarly to the Default mode but this behavior can be overridden in e.g. script overrides in your repository. ## v4.1 ### New Settings + - `templateSha`: The SHA of the version of AL-Go currently used ### New Actions + - `DumpWorkflowInfo`: Dump information about running workflow - `Troubleshooting` : Run troubleshooting for repository ### Update AL-Go System Files + Add another parameter when running Update AL-Go System Files, called downloadLatest, used to indicate whether to download latest version from template repository. Default value is true. If false, the templateSha repository setting is used to download specific AL-Go System Files when calculating new files. ### Issues + - Issue 782 Exclude '.altestrunner/' from template .gitignore - Issue 823 Dependencies from prior build jobs are not included when using useProjectDependencies - App artifacts for version 'latest' are now fetched from the latest CICD run that completed and successfully built all the projects for the corresponding branch. @@ -132,10 +197,12 @@ If false, the templateSha repository setting is used to download specific AL-Go - *Note that in header, footer, defaultIndexMD and defaultReleaseMD you can use the following placeholders: {REPOSITORY}, {VERSION}, {INDEXTEMPLATERELATIVEPATH}, {RELEASENOTES}* ### New Workflows + - **Deploy Reference Documentation** is a workflow, which you can invoke manually or on a schedule to generate and deploy reference documentation using the aldoc tool, using the ALDoc setting properties described above. - **Troubleshooting** is a workflow, which you can invoke manually to run troubleshooting on the repository and check for settings or secrets, containing illegal values. When creating issues on https://github.com/microsoft/AL-Go/issues, we might ask you to run the troubleshooter to help identify common problems. ### Support for ALDoc reference documentation tool + ALDoc reference documentation tool is now supported for generating and deploying reference documentation for your projects either continuously or manually/scheduled. ## v4.0 @@ -147,19 +214,22 @@ As of October 1st 2023, Business Central insider builds are now publicly availab AL-Go for GitHub allows you to build and test using insider builds without any explicit approval, but please note that the insider artifacts contains the insider Eula and you automatically accept this when using the builds. ### Issues + - Issue 730 Support for external rulesets. - Issue 739 Workflow specific KeyVault settings doesn't work for localDevEnv -- Using self-hosted runners while using Azure KeyVault for secrets or signing might fail with C:\Modules doesn't exist +- Using self-hosted runners while using Azure KeyVault for secrets or signing might fail with C:\\Modules doesn't exist - PullRequestHandler wasn't triggered if only .md files where changes. This lead to PRs which couldn't be merged if a PR status check was mandatory. - Artifacts names for PR Builds were using the merge branch instead of the head branch. ### New Settings + - `enableExternalRulesets`: set this setting to true if you want to allow AL-Go to automatically download external references in rulesets. - `deliverTo`: is not really new, but has new properties and wasn't documented. The complete list of properties is here (note that some properties are deliveryTarget specific): - - **Branches** = an array of branch patterns, which are allowed to deliver to this deliveryTarget. (Default [ "main" ]) - - **CreateContainerIfNotExist** = *[Only for DeliverToStorage]* Create Blob Storage Container if it doesn't already exist. (Default false) + - **Branches** = an array of branch patterns, which are allowed to deliver to this deliveryTarget. (Default \[ "main" \]) + - **CreateContainerIfNotExist** = *\[Only for DeliverToStorage\]* Create Blob Storage Container if it doesn't already exist. (Default false) ### Deployment + Environment URL is now displayed underneath the environment being deployed to in the build summary. For Custom Deployment, the script can set the GitHub Output variable `environmentUrl` in order to show a custom URL. ## v3.3 @@ -185,18 +255,20 @@ This mechanism is no longer supported and you will get an error if your reposito Earlier, you could also specify the projects you want to deploy to an environment in a setting called `_Projects` or `-Projects`. This is also no longer supported. Instead use the `DeployTo` and remove the old settings. ### New Actions + - `DetermineDeliveryTargets`: Determine which delivery targets should be used for delivering artifacts from the build job. - `DetermineDeploymentEnvironments`: Determine which deployment environments should be used for the workflow. ### New Settings + - `projectName`: project setting used as friendly name for an AL-Go project, to be used in the UI for various workflows, e.g. CICD, Pull Request Build. - `fullBuildPatterns`: used by `DetermineProjectsToBuild` action to specify changes in which files and folders would trigger a full build (building all AL-Go projects). - `excludeEnvironments`: used by `DetermineDeploymentEnvironments` action to exclude environments from the list of environments considered for deployment. - `deployTo`: is not really new, but has new properties. The complete list of properties is here: - **EnvironmentType** = specifies the type of environment. The environment type can be used to invoke a custom deployment. (Default SaaS) - **EnvironmentName** = specifies the "real" name of the environment if it differs from the GitHub environment - - **Branches** = an array of branch patterns, which are allowed to deploy to this environment. (Default [ "main" ]) - - **Projects** = In multi-project repositories, this property can be a comma separated list of project patterns to deploy to this environment. (Default *) + - **Branches** = an array of branch patterns, which are allowed to deploy to this environment. (Default \[ "main" \]) + - **Projects** = In multi-project repositories, this property can be a comma separated list of project patterns to deploy to this environment. (Default \*) - **SyncMode** = ForceSync if deployment to this environment should happen with ForceSync, else Add. If deploying to the development endpoint you can also specify Development or Clean. (Default Add) - **ContinuousDeployment** = true if this environment should be used for continuous deployment, else false. (Default: AL-Go will continuously deploy to sandbox environments or environments, which doesn't end in (PROD) or (FAT) - **runs-on** = specifies which GitHub runner to use when deploying to this environment. (Default is settings.runs-on) @@ -223,6 +295,7 @@ By specifying a custom EnvironmentType in the DeployTo structure for an environm AL-Go for GitHub now adds status checks to Pull Requests Builds. In your GitHub branch protection rules, you can set up "Pull Request Status Check" to be a required status check to ensure Pull Request Builds succeed before merging. ### Secrets in AL-Go for GitHub + In v3.2 of AL-Go for GitHub, all secrets requested by AL-Go for GitHub were available to all steps in a job one compressed JSON structure in env:Secrets. With this update, only the steps that actually requires secrets will have the secrets available. @@ -243,6 +316,7 @@ Create Online Development environment workflow didn't work if runs-on was set to Special characters are not supported in RepoName, Project names or other settings - Use UTF8 encoding to handle special characters in GITHUB_OUTPUT and GITHUB_ENV ### Issue 555 + AL-Go contains several workflows, which create a Pull Request or pushes code directly. All (except Update AL-Go System Files) earlier used the GITHUB_TOKEN to create the PR or commit. The problem using GITHUB_TOKEN is that is doesn't trigger a pull request build or a commit build. @@ -250,20 +324,23 @@ This is by design: https://docs.github.com/en/actions/using-workflows/triggering Now, you can set the checkbox called Use GhTokenWorkflow to allowing you to use the GhTokenWorkflow instead of the GITHUB_TOKEN - making sure that workflows are triggered ### New Settings + - `keyVaultCodesignCertificateName`: With this setting you can delegate the codesigning to an Azure Key Vault. This can be useful if your certificate has to be stored in a Hardware Security Module - `PullRequestTrigger`: With this setting you can set which trigger to use for Pull Request Builds. By default AL-Go will use pull_request_target. ### New Actions + - `DownloadProjectDependencies`: Downloads the dependency apps for a given project and build mode. ### Settings and Secrets in AL-Go for GitHub + In earlier versions of AL-Go for GitHub, all settings were available as individual environment variables to scripts and overrides, this is no longer the case. Settings were also available as one compressed JSON structure in env:Settings, this is still the case. Settings can no longer contain line breaks. It might have been possible to use line breaks earlier, but it would likely have unwanted consequences. Use `$settings = $ENV:Settings | ConvertFrom-Json` to get all settings in PowerShell. In earlier versions of AL-Go for GitHub, all secrets requested by AL-Go for GitHub were available as individual environment variables to scripts and overrides, this is no longer the case. -As described in bug 647, all secrets available to the workflow were also available in env:_Secrets, this is no longer the case. +As described in bug 647, all secrets available to the workflow were also available in env:\_Secrets, this is no longer the case. All requested secrets were also available (base64 encoded) as one compressed JSON structure in env:Secrets, this is still the case. Use `$secrets = $ENV:Secrets | ConvertFrom-Json` to get all requested secrets in PowerShell. You cannot get to any secrets that weren't requested by AL-Go for GitHub. @@ -277,7 +354,6 @@ Issue #453 DeliverToStorage - override fails reading secrets Issue #434 Use gh auth token to get authentication token instead of gh auth status Issue #501 The Create New App action will now use 22.0.0.0 as default application reference and include NoImplicitwith feature. - ### New behavior The following workflows: @@ -298,8 +374,8 @@ All these actions now uses the selected branch in the **Run workflow** dialog as ### New Workflows -- **_BuildALGoProject** is a reusable workflow that unites the steps for building an AL-Go projects. It has been reused in the following workflows: _CI/CD_, _Pull Request Build_, _NextMinor_, _NextMajor_ and _Current_. -The workflow appears under the _Actions_ tab in GitHub, but it is not actionable in any way. +- **\_BuildALGoProject** is a reusable workflow that unites the steps for building an AL-Go projects. It has been reused in the following workflows: _CI/CD_, _Pull Request Build_, _NextMinor_, _NextMajor_ and _Current_. + The workflow appears under the _Actions_ tab in GitHub, but it is not actionable in any way. ### New Actions @@ -313,29 +389,36 @@ Obviously, if you build and test your app for Business Central versions prior to ## v3.0 ### **NOTE:** When upgrading to this version + When upgrading to this version form earlier versions of AL-Go for GitHub, you will need to run the _Update AL-Go System Files_ workflow twice if you have the `useProjectDependencies` setting set to _true_. ### Publish to unknown environment + You can now run the **Publish To Environment** workflow without creating the environment in GitHub or settings up-front, just by specifying the name of a single environment in the Environment Name when running the workflow. Subsequently, if an AuthContext secret hasn't been created for this environment, the Device Code flow authentication will be initiated from the Publish To Environment workflow and you can publish to the new environment without ever creating a secret. Open Workflow details to get the device Code for authentication in the job summary for the initialize job. ### Create Online Dev. Environment + When running the **Create Online Dev. Environment** workflow without having the _adminCenterApiCredentials_ secret created, the workflow will intiate the deviceCode flow and allow you to authenticate to the Business Central Admin Center. Open Workflow details to get the device Code for authentication in the job summary for the initialize job. ### Issues + - Issue #391 Create release action - CreateReleaseBranch error - Issue 434 Building local DevEnv, downloading dependencies: Authentication fails when using "gh auth status" ### Changes to Pull Request Process + In v2.4 and earlier, the PullRequestHandler would trigger the CI/CD workflow to run the PR build. Now, the PullRequestHandler will perform the build and the CI/CD workflow is only run on push (or manual dispatch) and will perform a complete build. ### Build modes per project + Build modes can now be specified per project ### New Actions + - **DetermineProjectsToBuild** is used to determine which projects to build in PullRequestHandler, CI/CD, Current, NextMinor and NextMajor workflows. - **CalculateArtifactNames** is used to calculate artifact names in PullRequestHandler, CI/CD, Current, NextMinor and NextMajor workflows. - **VerifyPRChanges** is used to verify whether a PR contains changes, which are not allowed from a fork. @@ -343,6 +426,7 @@ Build modes can now be specified per project ## v2.4 ### Issues + - Issue #171 create a workspace file when creating a project - Issue #356 Publish to AppSource fails in multi project repo - Issue #358 Publish To Environment Action stopped working in v2.3 @@ -352,9 +436,11 @@ Build modes can now be specified per project - Issue #376 CICD jobs that are triggered by the pull request trigger run directly to an error if title contains quotes ### Release Branches + **NOTE:** Release Branches are now only named after major.minor if the patch value is 0 in the release tag (which must be semver compatible) This version contains a number of bug fixes to release branches, to ensure that the recommended branching strategy is fully supported. Bugs fixed includes: + - Release branches was named after the full tag (1.0.0), even though subsequent hotfixes released from this branch would be 1.0.x - Release branches named 1.0 wasn't picked up as a release branch - Release notes contained the wrong changelog @@ -367,9 +453,11 @@ Recommended branching strategy: ![Branching Strategy](https://raw.githubusercontent.com/microsoft/AL-Go/main/Scenarios/images/branchingstrategy.png) ### New Settings + New Project setting: EnableTaskScheduler in container executing tests and when setting up local development environment ### Support for GitHub variables: ALGoOrgSettings and ALGoRepoSettings + Recently, GitHub added support for variables, which you can define on your organization or your repository. AL-Go now supports that you can define a GitHub variable called ALGoOrgSettings, which will work for all repositories (with access to the variable) Org Settings will be applied before Repo settings and local repository settings files will override values in the org settings @@ -378,11 +466,13 @@ Example for usage could be setup of branching strategies, versioning or an appDe appDependencyProbingPaths from settings variables are merged together with appDependencyProbingPaths defined in repositories ### Refactoring and tests + ReadSettings has been refactored to allow organization wide settings to be added as well. CI Tests have been added to cover ReadSettings. ## v2.3 ### Issues + - Issue #312 Branching enhancements - Issue #229 Create Release action tags wrong commit - Issue #283 Create Release workflow uses deprecated actions @@ -392,45 +482,56 @@ ReadSettings has been refactored to allow organization wide settings to be added - Issue #345 LocalDevEnv.ps1 can't Dowload the file license file ### New Settings + New Project setting: AssignPremiumPlan on user in container executing tests and when setting up local development environment New Repo setting: unusedALGoSystemFiles is an array of AL-Go System Files, which won't be updated during Update AL-Go System Files. They will instead be removed. Use with care, as this can break the AL-Go for GitHub functionality and potentially leave your repo no longer functional. ### Build modes support + AL-Go projects can now be built in different modes, by specifying the _buildModes_ setting in AL-Go-Settings.json. Read more about build modes in the [Basic Repository settings](https://github.com/microsoft/AL-Go/blob/main/Scenarios/settings.md#basic-repository-settings). ### LocalDevEnv / CloudDevEnv + With the support for PowerShell 7 in BcContainerHelper, the scripts LocalDevEnv and CloudDevEnv (placed in the .AL-Go folder) for creating development environments have been modified to run inside VS Code instead of spawning a new powershell 5.1 session. ### Continuous Delivery -Continuous Delivery can now run from other branches than main. By specifying a property called branches, containing an array of branches in the deliveryContext json construct, the artifacts generated from this branch are also delivered. The branch specification can include wildcards (like release/*). Default is main, i.e. no changes to functionality. + +Continuous Delivery can now run from other branches than main. By specifying a property called branches, containing an array of branches in the deliveryContext json construct, the artifacts generated from this branch are also delivered. The branch specification can include wildcards (like release/\*). Default is main, i.e. no changes to functionality. ### Continuous Deployment -Continuous Deployment can now run from other branches than main. By creating a repo setting (.github/AL-Go-Settings.json) called **`-Branches`**, which is an array of branches, which will deploy the generated artifacts to this environment. The branch specification can include wildcards (like release/*), although this probably won't be used a lot in continuous deployment. Default is main, i.e. no changes to functionality. + +Continuous Deployment can now run from other branches than main. By creating a repo setting (.github/AL-Go-Settings.json) called **`-Branches`**, which is an array of branches, which will deploy the generated artifacts to this environment. The branch specification can include wildcards (like release/\*), although this probably won't be used a lot in continuous deployment. Default is main, i.e. no changes to functionality. ### Create Release + When locating artifacts for the various projects, the SHA used to build the artifact is used for the release tag If all projects are not available with the same SHA, this error is thrown: **The build selected for release doesn't contain all projects. Please rebuild all projects by manually running the CI/CD workflow and recreate the release.** There is no longer a hard dependency on the main branch name from Create Release. ### AL-Go Tests + Some unit tests have been added and AL-Go unit tests can now be run directly from VS Code. Another set of end to end tests have also been added and in the documentation on contributing to AL-Go, you can see how to run these in a local fork or from VS Code. ### LF, UTF8 and JSON + GitHub natively uses LF as line seperator in source files. In earlier versions of AL-Go for GitHub, many scripts and actions would use CRLF and convert back and forth. Some files were written with UTF8 BOM (Byte Order Mark), other files without and JSON formatting was done using PowerShell 5.1 (which is different from PowerShell 7). In the latest version, we always use LF as line seperator, UTF8 without BOM and JSON files are written using PowerShell 7. If you have self-hosted runners, you need to ensure that PS7 is installed to make this work. ### Experimental Support + Setting the repo setting "shell" to "pwsh", followed by running Update AL-Go System Files, will cause all PowerShell code to be run using PowerShell 7 instead of PowerShell 5. This functionality is experimental. Please report any issues at https://github.com/microsoft/AL-Go/issues Setting the repo setting "runs-on" to "Ubuntu-Latest", followed by running Update AL-Go System Files, will cause all non-build jobs to run using Linux. This functionality is experimental. Please report any issues at https://github.com/microsoft/AL-Go/issues ## v2.2 ### Enhancements + - Container Event log is added as a build artifact if builds or tests are failing ### Issues + - Issue #280 Overflow error when test result summary was too big - Issue #282, 292 AL-Go for GitHub causes GitHub to issue warnings - Issue #273 Potential security issue in Pull Request Handler in Open Source repositories @@ -440,25 +541,30 @@ Setting the repo setting "runs-on" to "Ubuntu-Latest", followed by running Updat - Issue #287 AL-Go pipeline fails in ReadSettings step ### Changes + - VersioningStrategy 1 is no longer supported. GITHUB_ID has changed behavior (Issue #277) ## v2.1 ### Issues + - Issue #233 AL-Go for GitHub causes GitHub to issue warnings - Issue #244 Give error if AZURE_CREDENTIALS contains line breaks ### Changes + - New workflow: PullRequestHandler to handle all Pull Requests and pass control safely to CI/CD - Changes to yaml files, PowerShell scripts and codeowners files are not permitted from fork Pull Requests - Test Results summary (and failed tests) are now displayed directly in the CI/CD workflow and in the Pull Request Check ### Continuous Delivery + - Proof Of Concept Delivery to GitHub Packages and Nuget ## v2.0 ### Issues + - Issue #143 Commit Message for **Increment Version Number** workflow - Issue #160 Create local DevEnv aith appDependencyProbingPaths - Issue #156 Versioningstrategy 2 doesn't use 24h format @@ -472,15 +578,18 @@ Setting the repo setting "runs-on" to "Ubuntu-Latest", followed by running Updat - Special characters wasn't supported in parameters to GitHub actions (Create New App etc.) ### Continuous Delivery + - Added new GitHub Action "Deliver" to deliver build output to Storage or AppSource - Refactor CI/CD and Release workflows to use new deliver action -- Custom delivery supported by creating scripts with the naming convention DeliverTo*.ps1 in the .github folder +- Custom delivery supported by creating scripts with the naming convention DeliverTo\*.ps1 in the .github folder ### AppSource Apps + - New workflow: Publish to AppSource - Continuous Delivery to AppSource validation supported ### Settings + - New Repo setting: CICDPushBranches can be specified as an array of branches, which triggers a CI/CD workflow on commit. Default is main', release/\*, feature/\* - New Repo setting: CICDPullRequestBranches can be specified as an array of branches, which triggers a CI/CD workflow on pull request. Default is main - New Repo setting: CICDSchedule can specify a CRONTab on when you want to run CI/CD on a schedule. Note that this will disable Push and Pull Request triggers unless specified specifically using CICDPushBranches or CICDPullRequestBranches @@ -491,16 +600,19 @@ Setting the repo setting "runs-on" to "Ubuntu-Latest", followed by running Updat - New project Setting: AppSourceMainAppFolder. If you have multiple appFolders, this is the folder name of the main app to submit to AppSource. ### All workflows -- Support 2 folder levels projects (apps\w1, apps\dk etc.) + +- Support 2 folder levels projects (apps\\w1, apps\\dk etc.) - Better error messages for if an error occurs within an action - Special characters are now supported in secrets - Initial support for agents running inside containers on a host - Optimized workflows to have fewer jobs ### Update AL-Go System Files Workflow + - workflow now displays the currently used template URL when selecting the Run Workflow action ### CI/CD workflow + - Better detection of changed projects - appDependencyProbingPaths did not support multiple projects in the same repository for latestBuild dependencies - appDependencyProbingPaths with release=latestBuild only considered the last 30 artifacts @@ -509,45 +621,56 @@ Setting the repo setting "runs-on" to "Ubuntu-Latest", followed by running Updat - Continue on error with Deploy and Deliver ### CI/CD and Publish To New Environment + - Base functionality for selecting a specific GitHub runner for an environment - Include dependencies artifacts when deploying (if generateDependencyArtifacts is true) ### localDevEnv.ps1 and cloudDevEnv.ps1 + - Display clear error message if something goes wrong ## v1.5 ### Issues + - Issue #100 - Add more resilience to localDevEnv.ps1 and cloudDevEnv.ps1 - Issue #131 - Special characters are not allowed in secrets ### All workflows + - During initialize, all AL-Go settings files are now checked for validity and reported correctly - During initialize, the version number of AL-Go for GitHub is printed in large letters (incl. preview or dev.) ### New workflow: Create new Performance Test App + - Create BCPT Test app and add to bcptTestFolders to run bcpt Tests in workflows (set doNotRunBcptTests in workflow settings for workflows where you do NOT want this) ### Update AL-Go System Files Workflow + - Include release notes of new version in the description of the PR (and in the workflow output) ### CI/CD workflow + - Apps are not signed when the workflow is running as a Pull Request validation - if a secret called applicationInsightsConnectionString exists, then the value of that will be used as ApplicationInsightsConnectionString for the app ### Increment Version Number Workflow + - Bugfix: increment all apps using f.ex. +0.1 would fail. ### Environments -- Add suport for EnvironmentName redirection by adding an Environment Secret under the environment or a repo secret called \_EnvironmentName with the actual environment name. + +- Add suport for EnvironmentName redirection by adding an Environment Secret under the environment or a repo secret called \\_EnvironmentName with the actual environment name. - No default environment name on Publish To Environment -- For multi-project repositories, you can specify an environment secret called Projects or a repo setting called \_Projects, containing the projects you want to deploy to this environment. +- For multi-project repositories, you can specify an environment secret called Projects or a repo setting called \\_Projects, containing the projects you want to deploy to this environment. ### Settings + - New setting: **runs-on** to allow modifying runs-on for all jobs (requires Update AL-Go System files after changing the setting) - New setting: **DoNotSignApps** - setting this to true causes signing of the app to be skipped - New setting: **DoNotPublishApps** - setting this to true causes the workflow to skip publishing, upgrading and testing the app to improve performance. - New setting: **ConditionalSettings** to allow to use different settings for specific branches. Example: + ``` "ConditionalSettings": [ { @@ -561,6 +684,7 @@ Setting the repo setting "runs-on" to "Ubuntu-Latest", followed by running Updat } ] ``` + - Default **BcContainerHelperVersion** is now based on AL-Go version. Preview AL-Go selects preview bcContainerHelper, normal selects latest. - New Setting: **bcptTestFolders** contains folders with BCPT tests, which will run in all build workflows - New Setting: set **doNotRunBcptTest** to true (in workflow specific settings file?) to avoid running BCPT tests @@ -569,54 +693,64 @@ Setting the repo setting "runs-on" to "Ubuntu-Latest", followed by running Updat ## v1.4 ### All workflows + - Add requested permissions to avoid dependency on user/org defaults being too permissive ### Update AL-Go System Files Workflow + - Default host to https://github.com/ (you can enter **myaccount/AL-Go-PTE@main** to change template) -- Support for "just" changing branch (ex. **\@Preview**) to shift to the preview version +- Support for "just" changing branch (ex. **@Preview**) to shift to the preview version ### CI/CD Workflow + - Support for feature branches (naming **feature/\***) - CI/CD workflow will run, but not generate artifacts nor deploy to QA ### Create Release Workflow + - Support for release branches - Force Semver format on release tags - Add support for creating release branches on release (naming release/\*) - Add support for incrementing main branch after release ### Increment version number workflow + - Add support for incremental (and absolute) version number change ### Environments + - Support environmentName redirection in CI/CD and Publish To Environments workflows - If the name in Environments or environments settings doesn't match the actual environment name, -- You can add a secret called EnvironmentName under the environment (or \_ENVIRONMENTNAME globally) - +- You can add a secret called EnvironmentName under the environment (or \\_ENVIRONMENTNAME globally) ## v1.3 ### Issues -- Issue #90 - Environments did not work. Secrets for environments specified in settings can now be **\_AUTHCONTEXT** + +- Issue #90 - Environments did not work. Secrets for environments specified in settings can now be **\\_AUTHCONTEXT** ### CI/CD Workflow + - Give warning instead of error If no artifacts are found in **appDependencyProbingPaths** ## v1.2 ### Issues + - Issue #90 - Environments did not work. Environments (even if only defined in the settings file) did not work for private repositories if you didn't have a premium subscription. ### Local scripts -- **LocalDevEnv.ps1** and ***CloudDevEnv.ps1** will now spawn a new PowerShell window as admin instead of running inside VS Code. Normally people doesn't run VS Code as administrator, and they shouldn't have to. Furthermore, I have seen a some people having problems when running these scripts inside VS Code. +- **LocalDevEnv.ps1** and \***CloudDevEnv.ps1** will now spawn a new PowerShell window as admin instead of running inside VS Code. Normally people doesn't run VS Code as administrator, and they shouldn't have to. Furthermore, I have seen a some people having problems when running these scripts inside VS Code. ## v1.1 ### Settings + - New Repo Setting: **GenerateDependencyArtifact** (default **false**). When true, CI/CD pipeline generates an artifact with the external dependencies used for building the apps in this repo. - New Repo Setting: **UpdateDependencies** (default **false**). When true, the default artifact for building the apps in this repo is not the latest available artifacts for this country, but instead the first compatible version (after calculating application dependencies). It is recommended to run Test Current, Test NextMinor and Test NextMajor in order to test your app against current and future builds. ### CI/CD Workflow + - New Artifact: BuildOutput.txt. All compiler warnings and errors are emitted to this file to make it easier to investigate compiler errors and build a better UI for build errors and test results going forward. - TestResults artifact name to include repo version number and workflow name (for Current, NextMinor and NextMajor) - Default dependency version in appDependencyProbingPaths setting used is now latest Release instead of LatestBuild diff --git a/.github/workflows/AddExistingAppOrTestApp.yaml b/.github/workflows/AddExistingAppOrTestApp.yaml index 88ba0d7..ba48181 100644 --- a/.github/workflows/AddExistingAppOrTestApp.yaml +++ b/.github/workflows/AddExistingAppOrTestApp.yaml @@ -22,7 +22,9 @@ on: default: false permissions: + actions: read contents: write + id-token: write pull-requests: write defaults: @@ -39,28 +41,27 @@ jobs: runs-on: [ windows-latest ] steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0090" - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -68,19 +69,20 @@ jobs: useGhTokenWorkflowForPush: '${{ github.event.inputs.useGhTokenWorkflow }}' - name: Add existing app - uses: microsoft/AL-Go-Actions/AddExistingApp@v5.2 + uses: microsoft/AL-Go-Actions/AddExistingApp@v5.3 with: shell: powershell token: ${{ steps.ReadSecrets.outputs.TokenForPush }} - parentTelemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} project: ${{ github.event.inputs.project }} url: ${{ github.event.inputs.url }} directCommit: ${{ github.event.inputs.directCommit }} - name: Finalize the workflow if: always() - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0090" telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/CICD.yaml b/.github/workflows/CICD.yaml index af7e1d2..726efe7 100644 --- a/.github/workflows/CICD.yaml +++ b/.github/workflows/CICD.yaml @@ -14,8 +14,9 @@ defaults: shell: powershell permissions: - contents: read actions: read + contents: read + id-token: write pages: read env: @@ -44,25 +45,24 @@ jobs: workflowDepth: ${{ steps.DetermineWorkflowDepth.outputs.WorkflowDepth }} steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: lfs: true - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0091" - name: Read settings id: ReadSettings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell get: type, powerPlatformSolutionFolder @@ -74,7 +74,7 @@ jobs: - name: Determine Projects To Build id: determineProjectsToBuild - uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.2 + uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.3 with: shell: powershell maxBuildDepth: ${{ env.workflowDepth }} @@ -87,7 +87,7 @@ jobs: - name: Determine Delivery Target Secrets id: DetermineDeliveryTargetSecrets - uses: microsoft/AL-Go-Actions/DetermineDeliveryTargets@v5.2 + uses: microsoft/AL-Go-Actions/DetermineDeliveryTargets@v5.3 with: shell: powershell projectsJson: '${{ steps.determineProjectsToBuild.outputs.ProjectsJson }}' @@ -95,7 +95,7 @@ jobs: - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -103,7 +103,7 @@ jobs: - name: Determine Delivery Targets id: DetermineDeliveryTargets - uses: microsoft/AL-Go-Actions/DetermineDeliveryTargets@v5.2 + uses: microsoft/AL-Go-Actions/DetermineDeliveryTargets@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' with: @@ -113,7 +113,7 @@ jobs: - name: Determine Deployment Environments id: DetermineDeploymentEnvironments - uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.2 + uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.3 env: GITHUB_TOKEN: ${{ github.token }} with: @@ -126,16 +126,16 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell get: templateUrl - name: Check for updates to AL-Go system files - uses: microsoft/AL-Go-Actions/CheckForUpdates@v5.2 + uses: microsoft/AL-Go-Actions/CheckForUpdates@v5.3 with: shell: powershell templateUrl: ${{ env.templateUrl }} @@ -154,7 +154,6 @@ jobs: with: shell: ${{ needs.Initialization.outputs.githubRunnerShell }} runsOn: ${{ needs.Initialization.outputs.githubRunner }} - parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} project: ${{ matrix.project }} projectName: ${{ matrix.projectName }} buildMode: ${{ matrix.buildMode }} @@ -182,7 +181,7 @@ jobs: DeployALDoc: needs: [ Initialization, Build ] if: (!cancelled()) && needs.Build.result == 'Success' && needs.Initialization.outputs.generateALDocArtifact == 1 && github.ref_name == 'main' - runs-on: windows-latest + runs-on: [ windows-latest ] name: Deploy Reference Documentation permissions: contents: read @@ -194,37 +193,37 @@ jobs: url: ${{ steps.deployment.outputs.page_url }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: path: '.artifacts' - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Setup Pages if: needs.Initialization.outputs.deployALDocArtifact == 1 - uses: actions/configure-pages@v5 + uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 - name: Build Reference Documentation - uses: microsoft/AL-Go-Actions/BuildReferenceDocumentation@v5.2 + uses: microsoft/AL-Go-Actions/BuildReferenceDocumentation@v5.3 with: shell: powershell artifacts: '.artifacts' - name: Upload pages artifact - uses: actions/upload-pages-artifact@v3 + uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 with: path: ".aldoc/_site/" - name: Deploy to GitHub Pages if: needs.Initialization.outputs.deployALDocArtifact == 1 id: deployment - uses: actions/deploy-pages@v4 + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 Deploy: needs: [ Initialization, Build, BuildPP ] @@ -240,15 +239,15 @@ jobs: url: ${{ steps.Deploy.outputs.environmentUrl }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: path: '.artifacts' - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: ${{ matrix.shell }} get: type,powerPlatformSolutionFolder @@ -262,15 +261,15 @@ jobs: - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: ${{ matrix.shell }} gitHubSecrets: ${{ toJson(secrets) }} - getSecrets: '${{ steps.envName.outputs.envName }}-AuthContext,${{ steps.envName.outputs.envName }}_AuthContext,AuthContext,${{ steps.envName.outputs.envName }}-EnvironmentName,${{ steps.envName.outputs.envName }}_EnvironmentName,EnvironmentName,projects' + getSecrets: '${{ steps.envName.outputs.envName }}-AuthContext,${{ steps.envName.outputs.envName }}_AuthContext,AuthContext' - name: Deploy to Business Central id: Deploy - uses: microsoft/AL-Go-Actions/Deploy@v5.2 + uses: microsoft/AL-Go-Actions/Deploy@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' with: @@ -282,7 +281,7 @@ jobs: - name: Deploy to Power Platform if: env.type == 'PTE' && env.powerPlatformSolutionFolder != '' - uses: microsoft/AL-Go-Actions/DeployPowerPlatform@v5.2 + uses: microsoft/AL-Go-Actions/DeployPowerPlatform@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' with: @@ -302,28 +301,28 @@ jobs: name: Deliver to ${{ matrix.deliveryTarget }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: path: '.artifacts' - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} getSecrets: '${{ matrix.deliveryTarget }}Context' - name: Deliver - uses: microsoft/AL-Go-Actions/Deliver@v5.2 + uses: microsoft/AL-Go-Actions/Deliver@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' with: @@ -339,12 +338,14 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Finalize the workflow id: PostProcess - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0091" telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/CreateApp.yaml b/.github/workflows/CreateApp.yaml index a65256e..32ca5f4 100644 --- a/.github/workflows/CreateApp.yaml +++ b/.github/workflows/CreateApp.yaml @@ -32,7 +32,9 @@ on: default: false permissions: + actions: read contents: write + id-token: write pull-requests: write defaults: @@ -49,29 +51,28 @@ jobs: runs-on: [ windows-latest ] steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0092" - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell get: type - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -79,11 +80,10 @@ jobs: useGhTokenWorkflowForPush: '${{ github.event.inputs.useGhTokenWorkflow }}' - name: Creating a new app - uses: microsoft/AL-Go-Actions/CreateApp@v5.2 + uses: microsoft/AL-Go-Actions/CreateApp@v5.3 with: shell: powershell token: ${{ steps.ReadSecrets.outputs.TokenForPush }} - parentTelemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} project: ${{ github.event.inputs.project }} type: ${{ env.type }} name: ${{ github.event.inputs.name }} @@ -94,8 +94,10 @@ jobs: - name: Finalize the workflow if: always() - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0092" telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/CreateOnlineDevelopmentEnvironment.yaml b/.github/workflows/CreateOnlineDevelopmentEnvironment.yaml index e2998c3..f3e906e 100644 --- a/.github/workflows/CreateOnlineDevelopmentEnvironment.yaml +++ b/.github/workflows/CreateOnlineDevelopmentEnvironment.yaml @@ -26,7 +26,9 @@ on: default: false permissions: + actions: read contents: write + id-token: write pull-requests: write defaults: @@ -43,34 +45,33 @@ jobs: runs-on: [ windows-latest ] outputs: deviceCode: ${{ steps.authenticate.outputs.deviceCode }} - telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} githubRunner: ${{ steps.ReadSettings.outputs.GitHubRunnerJson }} githubRunnerShell: ${{ steps.ReadSettings.outputs.GitHubRunnerShell }} + telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0093" - name: Read settings id: ReadSettings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -83,17 +84,17 @@ jobs: $settings = $env:Settings | ConvertFrom-Json if ('${{ fromJson(steps.ReadSecrets.outputs.Secrets).adminCenterApiCredentials }}') { Write-Host "AdminCenterApiCredentials provided in secret $($settings.adminCenterApiCredentialsSecretName)!" - Set-Content -Path $ENV:GITHUB_STEP_SUMMARY -value "Admin Center Api Credentials was provided in a secret called $($settings.adminCenterApiCredentialsSecretName). Using this information for authentication." + Add-Content -Encoding UTF8 -path $ENV:GITHUB_STEP_SUMMARY -value "Admin Center Api Credentials was provided in a secret called $($settings.adminCenterApiCredentialsSecretName). Using this information for authentication." } else { Write-Host "AdminCenterApiCredentials not provided, initiating Device Code flow" $ALGoHelperPath = "$([System.IO.Path]::GetTempFileName()).ps1" $webClient = New-Object System.Net.WebClient - $webClient.DownloadFile('https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.2/AL-Go-Helper.ps1', $ALGoHelperPath) + $webClient.DownloadFile('https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.3/AL-Go-Helper.ps1', $ALGoHelperPath) . $ALGoHelperPath DownloadAndImportBcContainerHelper $authContext = New-BcAuthContext -includeDeviceLogin -deviceLoginTimeout ([TimeSpan]::FromSeconds(0)) - Set-Content -Path $ENV:GITHUB_STEP_SUMMARY -value "AL-Go needs access to the Business Central Admin Center Api and could not locate a secret called $($settings.adminCenterApiCredentialsSecretName) (https://aka.ms/ALGoSettings#AdminCenterApiCredentialsSecretName)`n`n$($authContext.message)" + Add-Content -Encoding UTF8 -path $ENV:GITHUB_STEP_SUMMARY -value "AL-Go needs access to the Business Central Admin Center Api and could not locate a secret called $($settings.adminCenterApiCredentialsSecretName) (https://aka.ms/ALGoSettings#AdminCenterApiCredentialsSecretName)`n`n$($authContext.message)" Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "deviceCode=$($authContext.deviceCode)" } @@ -108,16 +109,16 @@ jobs: deviceCode: ${{ needs.Initialization.outputs.deviceCode }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -136,11 +137,10 @@ jobs: Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -value "adminCenterApiCredentials=$adminCenterApiCredentials" - name: Create Development Environment - uses: microsoft/AL-Go-Actions/CreateDevelopmentEnvironment@v5.2 + uses: microsoft/AL-Go-Actions/CreateDevelopmentEnvironment@v5.3 with: shell: powershell token: ${{ steps.ReadSecrets.outputs.TokenForPush }} - parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} environmentName: ${{ github.event.inputs.environmentName }} project: ${{ github.event.inputs.project }} reUseExistingEnvironment: ${{ github.event.inputs.reUseExistingEnvironment }} @@ -149,8 +149,10 @@ jobs: - name: Finalize the workflow if: always() - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0093" telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/CreatePerformanceTestApp.yaml b/.github/workflows/CreatePerformanceTestApp.yaml index 516531b..6ce474b 100644 --- a/.github/workflows/CreatePerformanceTestApp.yaml +++ b/.github/workflows/CreatePerformanceTestApp.yaml @@ -38,7 +38,9 @@ on: default: false permissions: + actions: read contents: write + id-token: write pull-requests: write defaults: @@ -55,28 +57,27 @@ jobs: runs-on: [ windows-latest ] steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0102" - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -84,11 +85,10 @@ jobs: useGhTokenWorkflowForPush: '${{ github.event.inputs.useGhTokenWorkflow }}' - name: Creating a new test app - uses: microsoft/AL-Go-Actions/CreateApp@v5.2 + uses: microsoft/AL-Go-Actions/CreateApp@v5.3 with: shell: powershell token: ${{ steps.ReadSecrets.outputs.TokenForPush }} - parentTelemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} project: ${{ github.event.inputs.project }} type: 'Performance Test App' name: ${{ github.event.inputs.name }} @@ -100,8 +100,10 @@ jobs: - name: Finalize the workflow if: always() - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0102" telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/CreateRelease.yaml b/.github/workflows/CreateRelease.yaml index 3d9c7e5..1e96a6b 100644 --- a/.github/workflows/CreateRelease.yaml +++ b/.github/workflows/CreateRelease.yaml @@ -46,9 +46,10 @@ on: default: false permissions: + actions: read contents: write + id-token: write pull-requests: write - actions: read concurrency: release @@ -65,51 +66,50 @@ jobs: needs: [ ] runs-on: [ windows-latest ] outputs: - telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} artifacts: ${{ steps.analyzeartifacts.outputs.artifacts }} releaseId: ${{ steps.createrelease.outputs.releaseId }} commitish: ${{ steps.analyzeartifacts.outputs.commitish }} releaseVersion: ${{ steps.createreleasenotes.outputs.releaseVersion }} + telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0094" - name: Read settings id: ReadSettings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell get: templateUrl,repoName,type,powerPlatformSolutionFolder - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} getSecrets: 'TokenForPush' useGhTokenWorkflowForPush: '${{ github.event.inputs.useGhTokenWorkflow }}' - + - name: Determine Projects id: determineProjects - uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.2 + uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.3 with: shell: powershell - name: Check for updates to AL-Go system files - uses: microsoft/AL-Go-Actions/CheckForUpdates@v5.2 + uses: microsoft/AL-Go-Actions/CheckForUpdates@v5.3 with: shell: powershell templateUrl: ${{ env.templateUrl }} @@ -203,15 +203,14 @@ jobs: - name: Prepare release notes id: createreleasenotes - uses: microsoft/AL-Go-Actions/CreateReleaseNotes@v5.2 + uses: microsoft/AL-Go-Actions/CreateReleaseNotes@v5.3 with: shell: powershell - parentTelemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} tag_name: ${{ github.event.inputs.tag }} target_commitish: ${{ steps.analyzeartifacts.outputs.commitish }} - name: Create release - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 id: createrelease env: bodyMD: ${{ steps.createreleasenotes.outputs.releaseNotes }} @@ -243,16 +242,16 @@ jobs: fail-fast: true steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -271,7 +270,7 @@ jobs: Invoke-WebRequest -UseBasicParsing -Headers $headers -Uri '${{ matrix.url }}' -OutFile '${{ matrix.name }}.zip' - name: Upload release artifacts - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 env: releaseId: ${{ needs.createrelease.outputs.releaseId }} with: @@ -290,7 +289,7 @@ jobs: }); - name: Deliver to NuGet - uses: microsoft/AL-Go-Actions/Deliver@v5.2 + uses: microsoft/AL-Go-Actions/Deliver@v5.3 if: ${{ fromJson(steps.ReadSecrets.outputs.Secrets).nuGetContext != '' }} env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' @@ -303,7 +302,7 @@ jobs: atypes: 'Apps,TestApps' - name: Deliver to Storage - uses: microsoft/AL-Go-Actions/Deliver@v5.2 + uses: microsoft/AL-Go-Actions/Deliver@v5.3 if: ${{ fromJson(steps.ReadSecrets.outputs.Secrets).storageContext != '' }} env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' @@ -321,7 +320,7 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: ref: '${{ needs.createRelease.outputs.commitish }}' @@ -344,16 +343,16 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -361,11 +360,10 @@ jobs: useGhTokenWorkflowForPush: '${{ github.event.inputs.useGhTokenWorkflow }}' - name: Update Version Number - uses: microsoft/AL-Go-Actions/IncrementVersionNumber@v5.2 + uses: microsoft/AL-Go-Actions/IncrementVersionNumber@v5.3 with: shell: powershell token: ${{ steps.ReadSecrets.outputs.TokenForPush }} - parentTelemetryScopeJson: ${{ needs.CreateRelease.outputs.telemetryScopeJson }} versionNumber: ${{ github.event.inputs.updateVersionNumber }} directCommit: ${{ github.event.inputs.directCommit }} @@ -375,12 +373,14 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Finalize the workflow id: PostProcess - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0094" telemetryScopeJson: ${{ needs.CreateRelease.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/CreateTestApp.yaml b/.github/workflows/CreateTestApp.yaml index 35efcdc..87610ab 100644 --- a/.github/workflows/CreateTestApp.yaml +++ b/.github/workflows/CreateTestApp.yaml @@ -34,7 +34,9 @@ on: default: false permissions: + actions: read contents: write + id-token: write pull-requests: write defaults: @@ -51,28 +53,27 @@ jobs: runs-on: [ windows-latest ] steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0095" - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -80,11 +81,10 @@ jobs: useGhTokenWorkflowForPush: '${{ github.event.inputs.useGhTokenWorkflow }}' - name: Creating a new test app - uses: microsoft/AL-Go-Actions/CreateApp@v5.2 + uses: microsoft/AL-Go-Actions/CreateApp@v5.3 with: shell: powershell token: ${{ steps.ReadSecrets.outputs.TokenForPush }} - parentTelemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} project: ${{ github.event.inputs.project }} type: 'Test App' name: ${{ github.event.inputs.name }} @@ -95,8 +95,10 @@ jobs: - name: Finalize the workflow if: always() - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0095" telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/Current.yaml b/.github/workflows/Current.yaml index 7185430..6eeea06 100644 --- a/.github/workflows/Current.yaml +++ b/.github/workflows/Current.yaml @@ -4,8 +4,9 @@ on: workflow_dispatch: permissions: - contents: read actions: read + contents: read + id-token: write defaults: run: @@ -21,34 +22,33 @@ jobs: needs: [ ] runs-on: [ windows-latest ] outputs: - telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} githubRunner: ${{ steps.ReadSettings.outputs.GitHubRunnerJson }} githubRunnerShell: ${{ steps.ReadSettings.outputs.GitHubRunnerShell }} projects: ${{ steps.determineProjectsToBuild.outputs.ProjectsJson }} projectDependenciesJson: ${{ steps.determineProjectsToBuild.outputs.ProjectDependenciesJson }} buildOrderJson: ${{ steps.determineProjectsToBuild.outputs.BuildOrderJson }} workflowDepth: ${{ steps.DetermineWorkflowDepth.outputs.WorkflowDepth }} + telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: lfs: true - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0101" - name: Read settings id: ReadSettings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell @@ -59,7 +59,7 @@ jobs: - name: Determine Projects To Build id: determineProjectsToBuild - uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.2 + uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.3 with: shell: powershell maxBuildDepth: ${{ env.workflowDepth }} @@ -77,7 +77,6 @@ jobs: with: shell: ${{ needs.Initialization.outputs.githubRunnerShell }} runsOn: ${{ needs.Initialization.outputs.githubRunner }} - parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} project: ${{ matrix.project }} projectName: ${{ matrix.projectName }} buildMode: ${{ matrix.buildMode }} @@ -92,12 +91,14 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Finalize the workflow id: PostProcess - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0101" telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/DeployReferenceDocumentation.yaml b/.github/workflows/DeployReferenceDocumentation.yaml index 32701ee..a9eb97a 100644 --- a/.github/workflows/DeployReferenceDocumentation.yaml +++ b/.github/workflows/DeployReferenceDocumentation.yaml @@ -4,10 +4,10 @@ on: workflow_dispatch: permissions: - contents: read actions: read - pages: write + contents: read id-token: write + pages: write defaults: run: @@ -26,46 +26,55 @@ jobs: url: ${{ steps.deployment.outputs.page_url }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0097" - + - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Determine Deployment Environments id: DetermineDeploymentEnvironments - uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.2 + uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.3 env: GITHUB_TOKEN: ${{ github.token }} with: shell: powershell getEnvironments: 'github-pages' type: 'Publish' - + - name: Setup Pages if: steps.DetermineDeploymentEnvironments.outputs.deployALDocArtifact == 1 - uses: actions/configure-pages@v5 - + uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 + - name: Build Reference Documentation - uses: microsoft/AL-Go-Actions/BuildReferenceDocumentation@v5.2 + uses: microsoft/AL-Go-Actions/BuildReferenceDocumentation@v5.3 with: shell: powershell artifacts: 'latest' - + - name: Upload pages artifact - uses: actions/upload-pages-artifact@v3 + uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 with: path: ".aldoc/_site/" - + - name: Deploy to GitHub Pages if: steps.DetermineDeploymentEnvironments.outputs.deployALDocArtifact == 1 id: deployment - uses: actions/deploy-pages@v4 + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 + + - name: Finalize the workflow + if: always() + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} + with: + shell: powershell + telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/IncrementVersionNumber.yaml b/.github/workflows/IncrementVersionNumber.yaml index c6c65d3..5f81392 100644 --- a/.github/workflows/IncrementVersionNumber.yaml +++ b/.github/workflows/IncrementVersionNumber.yaml @@ -22,7 +22,9 @@ on: default: false permissions: + actions: read contents: write + id-token: write pull-requests: write defaults: @@ -39,28 +41,27 @@ jobs: runs-on: [ windows-latest ] steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0096" - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -68,19 +69,20 @@ jobs: useGhTokenWorkflowForPush: '${{ github.event.inputs.useGhTokenWorkflow }}' - name: Increment Version Number - uses: microsoft/AL-Go-Actions/IncrementVersionNumber@v5.2 + uses: microsoft/AL-Go-Actions/IncrementVersionNumber@v5.3 with: shell: powershell token: ${{ steps.ReadSecrets.outputs.TokenForPush }} - parentTelemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} projects: ${{ github.event.inputs.projects }} versionNumber: ${{ github.event.inputs.versionNumber }} directCommit: ${{ github.event.inputs.directCommit }} - name: Finalize the workflow if: always() - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0096" telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/NextMajor.yaml b/.github/workflows/NextMajor.yaml index e6914a0..56d2d42 100644 --- a/.github/workflows/NextMajor.yaml +++ b/.github/workflows/NextMajor.yaml @@ -4,8 +4,9 @@ on: workflow_dispatch: permissions: - contents: read actions: read + contents: read + id-token: write defaults: run: @@ -21,34 +22,33 @@ jobs: needs: [ ] runs-on: [ windows-latest ] outputs: - telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} githubRunner: ${{ steps.ReadSettings.outputs.GitHubRunnerJson }} githubRunnerShell: ${{ steps.ReadSettings.outputs.GitHubRunnerShell }} projects: ${{ steps.determineProjectsToBuild.outputs.ProjectsJson }} projectDependenciesJson: ${{ steps.determineProjectsToBuild.outputs.ProjectDependenciesJson }} buildOrderJson: ${{ steps.determineProjectsToBuild.outputs.BuildOrderJson }} workflowDepth: ${{ steps.DetermineWorkflowDepth.outputs.WorkflowDepth }} + telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: lfs: true - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0099" - name: Read settings id: ReadSettings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell @@ -59,7 +59,7 @@ jobs: - name: Determine Projects To Build id: determineProjectsToBuild - uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.2 + uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.3 with: shell: powershell maxBuildDepth: ${{ env.workflowDepth }} @@ -77,7 +77,6 @@ jobs: with: shell: ${{ needs.Initialization.outputs.githubRunnerShell }} runsOn: ${{ needs.Initialization.outputs.githubRunner }} - parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} project: ${{ matrix.project }} projectName: ${{ matrix.projectName }} buildMode: ${{ matrix.buildMode }} @@ -92,12 +91,14 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Finalize the workflow id: PostProcess - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0099" telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/NextMinor.yaml b/.github/workflows/NextMinor.yaml index 8f8cf54..ec8ea4d 100644 --- a/.github/workflows/NextMinor.yaml +++ b/.github/workflows/NextMinor.yaml @@ -4,8 +4,9 @@ on: workflow_dispatch: permissions: - contents: read actions: read + contents: read + id-token: write defaults: run: @@ -21,34 +22,33 @@ jobs: needs: [ ] runs-on: [ windows-latest ] outputs: - telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} githubRunner: ${{ steps.ReadSettings.outputs.GitHubRunnerJson }} githubRunnerShell: ${{ steps.ReadSettings.outputs.GitHubRunnerShell }} projects: ${{ steps.determineProjectsToBuild.outputs.ProjectsJson }} projectDependenciesJson: ${{ steps.determineProjectsToBuild.outputs.ProjectDependenciesJson }} buildOrderJson: ${{ steps.determineProjectsToBuild.outputs.BuildOrderJson }} workflowDepth: ${{ steps.DetermineWorkflowDepth.outputs.WorkflowDepth }} + telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: lfs: true - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0100" - name: Read settings id: ReadSettings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell @@ -59,7 +59,7 @@ jobs: - name: Determine Projects To Build id: determineProjectsToBuild - uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.2 + uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.3 with: shell: powershell maxBuildDepth: ${{ env.workflowDepth }} @@ -77,7 +77,6 @@ jobs: with: shell: ${{ needs.Initialization.outputs.githubRunnerShell }} runsOn: ${{ needs.Initialization.outputs.githubRunner }} - parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} project: ${{ matrix.project }} projectName: ${{ matrix.projectName }} buildMode: ${{ matrix.buildMode }} @@ -92,12 +91,14 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Finalize the workflow id: PostProcess - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0100" telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/PublishToEnvironment.yaml b/.github/workflows/PublishToEnvironment.yaml index 90c0372..c0df556 100644 --- a/.github/workflows/PublishToEnvironment.yaml +++ b/.github/workflows/PublishToEnvironment.yaml @@ -12,8 +12,9 @@ on: required: true permissions: - contents: read actions: read + contents: read + id-token: write defaults: run: @@ -28,36 +29,35 @@ jobs: needs: [ ] runs-on: [ windows-latest ] outputs: - telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} environmentsMatrixJson: ${{ steps.DetermineDeploymentEnvironments.outputs.EnvironmentsMatrixJson }} environmentCount: ${{ steps.DetermineDeploymentEnvironments.outputs.EnvironmentCount }} deploymentEnvironmentsJson: ${{ steps.DetermineDeploymentEnvironments.outputs.DeploymentEnvironmentsJson }} deviceCode: ${{ steps.Authenticate.outputs.deviceCode }} + telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0097" - name: Read settings id: ReadSettings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell - name: Determine Deployment Environments id: DetermineDeploymentEnvironments - uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.2 + uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.3 env: GITHUB_TOKEN: ${{ github.token }} with: @@ -75,7 +75,7 @@ jobs: - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 if: steps.DetermineDeploymentEnvironments.outputs.UnknownEnvironment == 1 with: shell: powershell @@ -101,17 +101,17 @@ jobs: } if ($authContext) { Write-Host "AuthContext provided in secret $secretName!" - Set-Content -Path $ENV:GITHUB_STEP_SUMMARY -value "AuthContext was provided in a secret called $secretName. Using this information for authentication." + Add-Content -Encoding UTF8 -path $ENV:GITHUB_STEP_SUMMARY -value "AuthContext was provided in a secret called $secretName. Using this information for authentication." } else { Write-Host "No AuthContext provided for $envName, initiating Device Code flow" $ALGoHelperPath = "$([System.IO.Path]::GetTempFileName()).ps1" $webClient = New-Object System.Net.WebClient - $webClient.DownloadFile('https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.2/AL-Go-Helper.ps1', $ALGoHelperPath) + $webClient.DownloadFile('https://raw.githubusercontent.com/microsoft/AL-Go-Actions/v5.3/AL-Go-Helper.ps1', $ALGoHelperPath) . $ALGoHelperPath DownloadAndImportBcContainerHelper $authContext = New-BcAuthContext -includeDeviceLogin -deviceLoginTimeout ([TimeSpan]::FromSeconds(0)) - Set-Content -Path $ENV:GITHUB_STEP_SUMMARY -value "AL-Go needs access to the Business Central Environment $('${{ steps.envName.outputs.envName }}'.Split(' ')[0]) and could not locate a secret called ${{ steps.envName.outputs.envName }}_AuthContext`n`n$($authContext.message)" + Add-Content -Encoding UTF8 -path $ENV:GITHUB_STEP_SUMMARY -value "AL-Go needs access to the Business Central Environment $('${{ steps.envName.outputs.envName }}'.Split(' ')[0]) and could not locate a secret called ${{ steps.envName.outputs.envName }}_AuthContext`n`n$($authContext.message)" Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "deviceCode=$($authContext.deviceCode)" } @@ -131,7 +131,7 @@ jobs: deviceCode: ${{ needs.Initialization.outputs.deviceCode }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: EnvName id: envName @@ -141,29 +141,29 @@ jobs: Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "envName=$envName" - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: ${{ matrix.shell }} get: type,powerPlatformSolutionFolder - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: ${{ matrix.shell }} gitHubSecrets: ${{ toJson(secrets) }} - getSecrets: '${{ steps.envName.outputs.envName }}-AuthContext,${{ steps.envName.outputs.envName }}_AuthContext,AuthContext,${{ steps.envName.outputs.envName }}-EnvironmentName,${{ steps.envName.outputs.envName }}_EnvironmentName,EnvironmentName,projects' + getSecrets: '${{ steps.envName.outputs.envName }}-AuthContext,${{ steps.envName.outputs.envName }}_AuthContext,AuthContext' - name: Get Artifacts for deployment - uses: microsoft/AL-Go-Actions/GetArtifactsForDeployment@v5.2 + uses: microsoft/AL-Go-Actions/GetArtifactsForDeployment@v5.3 with: - shell: powershell + shell: ${{ matrix.shell }} artifactsVersion: ${{ github.event.inputs.appVersion }} artifactsFolder: '.artifacts' - name: Deploy to Business Central id: Deploy - uses: microsoft/AL-Go-Actions/Deploy@v5.2 + uses: microsoft/AL-Go-Actions/Deploy@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' with: @@ -175,11 +175,11 @@ jobs: - name: Deploy to Power Platform if: env.type == 'PTE' && env.powerPlatformSolutionFolder != '' - uses: microsoft/AL-Go-Actions/DeployPowerPlatform@v5.2 + uses: microsoft/AL-Go-Actions/DeployPowerPlatform@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' with: - shell: powershell + shell: ${{ matrix.shell }} environmentName: ${{ matrix.environment }} artifactsFolder: '.artifacts' deploymentEnvironmentsJson: ${{ needs.Initialization.outputs.deploymentEnvironmentsJson }} @@ -190,12 +190,14 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Finalize the workflow id: PostProcess - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: - shell: powershell - eventId: "DO0097" + shell: ${{ matrix.shell }} telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/PullPowerPlatformChanges.yaml b/.github/workflows/PullPowerPlatformChanges.yaml index ac32a0a..21281ae 100644 --- a/.github/workflows/PullPowerPlatformChanges.yaml +++ b/.github/workflows/PullPowerPlatformChanges.yaml @@ -19,7 +19,9 @@ on: default: false permissions: + actions: read contents: write + id-token: write pull-requests: write defaults: @@ -32,14 +34,13 @@ jobs: name: Pull changes from ${{ inputs.environment }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0103" - name: EnvName env: @@ -50,14 +51,14 @@ jobs: Add-Content -encoding utf8 -Path $env:GITHUB_ENV -Value "envName=$envName" - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell get: powerPlatformSolutionFolder - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -66,7 +67,7 @@ jobs: - name: Determine Deployment Environments id: DetermineDeploymentEnvironments - uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.2 + uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.3 env: GITHUB_TOKEN: ${{ github.token }} with: @@ -88,7 +89,7 @@ jobs: Add-Content -encoding utf8 -Path $env:GITHUB_ENV -Value "solutionFolder=$solutionFolder" - name: Pull changes from Power Platform environment - uses: microsoft/AL-Go-Actions/PullPowerPlatformChanges@v5.2 + uses: microsoft/AL-Go-Actions/PullPowerPlatformChanges@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' with: @@ -101,8 +102,10 @@ jobs: - name: Finalize the workflow if: always() - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0103" telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/PullRequestHandler.yaml b/.github/workflows/PullRequestHandler.yaml index 53dea08..0b36d9d 100644 --- a/.github/workflows/PullRequestHandler.yaml +++ b/.github/workflows/PullRequestHandler.yaml @@ -13,8 +13,9 @@ defaults: shell: powershell permissions: - contents: read actions: read + contents: read + id-token: write pull-requests: read env: @@ -27,14 +28,13 @@ jobs: if: (github.event.pull_request.base.repo.full_name != github.event.pull_request.head.repo.full_name) && (github.event_name != 'pull_request') runs-on: windows-latest steps: - - uses: microsoft/AL-Go-Actions/VerifyPRChanges@v5.2 + - uses: microsoft/AL-Go-Actions/VerifyPRChanges@v5.3 Initialization: needs: [ PregateCheck ] if: (!failure() && !cancelled()) runs-on: [ windows-latest ] outputs: - telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} githubRunner: ${{ steps.ReadSettings.outputs.GitHubRunnerJson }} githubRunnerShell: ${{ steps.ReadSettings.outputs.GitHubRunnerShell }} projects: ${{ steps.determineProjectsToBuild.outputs.ProjectsJson }} @@ -42,28 +42,28 @@ jobs: buildOrderJson: ${{ steps.determineProjectsToBuild.outputs.BuildOrderJson }} baselineWorkflowRunId: ${{ steps.determineProjectsToBuild.outputs.BaselineWorkflowRunId }} workflowDepth: ${{ steps.DetermineWorkflowDepth.outputs.WorkflowDepth }} + telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: lfs: true - ref: refs/pull/${{ github.event.number }}/merge + ref: ${{ github.event_name == 'pull_request' && github.sha || format('refs/pull/{0}/merge', github.event.pull_request.number) }} - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0104" - name: Read settings id: ReadSettings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell @@ -74,7 +74,7 @@ jobs: - name: Determine Projects To Build id: determineProjectsToBuild - uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.2 + uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v5.3 with: shell: powershell maxBuildDepth: ${{ env.workflowDepth }} @@ -92,8 +92,7 @@ jobs: with: shell: ${{ needs.Initialization.outputs.githubRunnerShell }} runsOn: ${{ needs.Initialization.outputs.githubRunner }} - checkoutRef: refs/pull/${{ github.event.number }}/merge - parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} + checkoutRef: ${{ github.event_name == 'pull_request' && github.sha || format('refs/pull/{0}/merge', github.event.pull_request.number) }} project: ${{ matrix.project }} projectName: ${{ matrix.projectName }} buildMode: ${{ matrix.buildMode }} @@ -111,8 +110,19 @@ jobs: steps: - name: Pull Request Status Check id: PullRequestStatusCheck - uses: microsoft/AL-Go-Actions/PullRequestStatusCheck@v5.2 + uses: microsoft/AL-Go-Actions/PullRequestStatusCheck@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} + with: + shell: powershell + + - name: Finalize the workflow + id: PostProcess + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + if: success() || failure() env: GITHUB_TOKEN: ${{ github.token }} with: shell: powershell + telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/PushPowerPlatformChanges.yaml b/.github/workflows/PushPowerPlatformChanges.yaml index 4090c8b..c7885e8 100644 --- a/.github/workflows/PushPowerPlatformChanges.yaml +++ b/.github/workflows/PushPowerPlatformChanges.yaml @@ -11,7 +11,9 @@ on: required: false permissions: + actions: read contents: read + id-token: write defaults: run: @@ -23,14 +25,13 @@ jobs: name: Push changes to ${{ inputs.environment }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0103" - name: EnvName env: @@ -42,14 +43,14 @@ jobs: Add-Content -encoding utf8 -Path $env:GITHUB_ENV -Value "envName=$envName" - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell get: powerPlatformSolutionFolder - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -57,7 +58,7 @@ jobs: - name: Determine Deployment Environments id: DetermineDeploymentEnvironments - uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.2 + uses: microsoft/AL-Go-Actions/DetermineDeploymentEnvironments@v5.3 env: GITHUB_TOKEN: ${{ github.token }} with: @@ -79,7 +80,7 @@ jobs: Add-Content -encoding utf8 -Path $env:GITHUB_ENV -Value "solutionFolder=$solutionFolder" - name: Export and push changes to Power Platform - uses: microsoft/AL-Go-Actions/DeployPowerPlatform@v5.2 + uses: microsoft/AL-Go-Actions/DeployPowerPlatform@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' with: @@ -90,8 +91,10 @@ jobs: - name: Finalize the workflow if: always() - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0103" telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/Troubleshooting.yaml b/.github/workflows/Troubleshooting.yaml index 9d578fd..9a5bce5 100644 --- a/.github/workflows/Troubleshooting.yaml +++ b/.github/workflows/Troubleshooting.yaml @@ -9,8 +9,8 @@ on: default: false permissions: - contents: read actions: read + contents: read defaults: run: @@ -25,12 +25,12 @@ jobs: runs-on: [ windows-latest ] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: lfs: true - name: Troubleshooting - uses: microsoft/AL-Go-Actions/Troubleshooting@v5.2 + uses: microsoft/AL-Go-Actions/Troubleshooting@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} diff --git a/.github/workflows/UpdateGitHubGoSystemFiles.yaml b/.github/workflows/UpdateGitHubGoSystemFiles.yaml index 86a7b0c..3829d27 100644 --- a/.github/workflows/UpdateGitHubGoSystemFiles.yaml +++ b/.github/workflows/UpdateGitHubGoSystemFiles.yaml @@ -17,7 +17,9 @@ on: default: false permissions: + actions: read contents: read + id-token: write defaults: run: @@ -34,29 +36,28 @@ jobs: runs-on: [ windows-latest ] steps: - name: Dump Workflow Information - uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.2 + uses: microsoft/AL-Go-Actions/DumpWorkflowInfo@v5.3 with: shell: powershell - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Initialize the workflow id: init - uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowInitialize@v5.3 with: shell: powershell - eventId: "DO0098" - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: powershell get: templateUrl - name: Read secrets id: ReadSecrets - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: powershell gitHubSecrets: ${{ toJson(secrets) }} @@ -92,7 +93,7 @@ jobs: Add-Content -Encoding UTF8 -Path $env:GITHUB_ENV -Value "downloadLatest=$downloadLatest" - name: Update AL-Go system files - uses: microsoft/AL-Go-Actions/CheckForUpdates@v5.2 + uses: microsoft/AL-Go-Actions/CheckForUpdates@v5.3 with: shell: powershell token: ${{ fromJson(steps.ReadSecrets.outputs.Secrets).ghTokenWorkflow }} @@ -103,8 +104,10 @@ jobs: - name: Finalize the workflow if: always() - uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.2 + uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v5.3 + env: + GITHUB_TOKEN: ${{ github.token }} with: shell: powershell - eventId: "DO0098" telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} + currentJobContext: ${{ toJson(job) }} diff --git a/.github/workflows/_BuildALGoProject.yaml b/.github/workflows/_BuildALGoProject.yaml index c2014f8..56b1255 100644 --- a/.github/workflows/_BuildALGoProject.yaml +++ b/.github/workflows/_BuildALGoProject.yaml @@ -17,7 +17,7 @@ on: checkoutRef: description: Ref to checkout required: false - default: ${{ github.ref }} + default: ${{ github.sha }} type: string project: description: Name of the built project @@ -67,14 +67,11 @@ on: description: Flag determining whether to use the Artifacts Cache type: boolean default: false - parentTelemetryScopeJson: - description: Specifies the telemetry scope for the telemetry signal - required: false - type: string permissions: - contents: read actions: read + contents: read + id-token: write env: ALGoOrgSettings: ${{ vars.ALGoOrgSettings }} @@ -90,13 +87,13 @@ jobs: name: ${{ inputs.projectName }} (${{ inputs.buildMode }}) steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: ref: ${{ inputs.checkoutRef }} lfs: true - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: ${{ inputs.shell }} project: ${{ inputs.project }} @@ -105,30 +102,29 @@ jobs: - name: Read secrets id: ReadSecrets if: github.event_name != 'pull_request' - uses: microsoft/AL-Go-Actions/ReadSecrets@v5.2 + uses: microsoft/AL-Go-Actions/ReadSecrets@v5.3 with: shell: ${{ inputs.shell }} gitHubSecrets: ${{ toJson(secrets) }} - getSecrets: '${{ inputs.secrets }},appDependencyProbingPathsSecrets' + getSecrets: '${{ inputs.secrets }},appDependencyProbingPathsSecrets,AZURE_CREDENTIALS' - name: Determine ArtifactUrl - uses: microsoft/AL-Go-Actions/DetermineArtifactUrl@v5.2 + uses: microsoft/AL-Go-Actions/DetermineArtifactUrl@v5.3 id: determineArtifactUrl with: shell: ${{ inputs.shell }} - parentTelemetryScopeJson: ${{ inputs.parentTelemetryScopeJson }} project: ${{ inputs.project }} - name: Cache Business Central Artifacts if: env.useCompilerFolder == 'True' && inputs.useArtifactCache && env.artifactCacheKey - uses: actions/cache@v4 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: .artifactcache key: ${{ env.artifactCacheKey }} - name: Download Project Dependencies id: DownloadProjectDependencies - uses: microsoft/AL-Go-Actions/DownloadProjectDependencies@v5.2 + uses: microsoft/AL-Go-Actions/DownloadProjectDependencies@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' with: @@ -139,13 +135,12 @@ jobs: baselineWorkflowRunId: ${{ inputs.baselineWorkflowRunId }} - name: Build - uses: microsoft/AL-Go-Actions/RunPipeline@v5.2 + uses: microsoft/AL-Go-Actions/RunPipeline@v5.3 env: Secrets: '${{ steps.ReadSecrets.outputs.Secrets }}' BuildMode: ${{ inputs.buildMode }} with: shell: ${{ inputs.shell }} - parentTelemetryScopeJson: ${{ inputs.parentTelemetryScopeJson }} artifact: ${{ env.artifact }} project: ${{ inputs.project }} buildMode: ${{ inputs.buildMode }} @@ -155,16 +150,15 @@ jobs: - name: Sign if: inputs.signArtifacts && env.doNotSignApps == 'False' && env.keyVaultCodesignCertificateName != '' id: sign - uses: microsoft/AL-Go-Actions/Sign@v5.2 + uses: microsoft/AL-Go-Actions/Sign@v5.3 with: shell: ${{ needs.Initialization.outputs.githubRunnerShell }} - azureCredentialsJson: ${{ secrets.AZURE_CREDENTIALS }} + azureCredentialsJson: '${{ fromJson(steps.ReadSecrets.outputs.Secrets).AZURE_CREDENTIALS }}' pathToFiles: '${{ inputs.project }}/.buildartifacts/Apps/*.app' - parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} - name: Calculate Artifact names id: calculateArtifactsNames - uses: microsoft/AL-Go-Actions/CalculateArtifactNames@v5.2 + uses: microsoft/AL-Go-Actions/CalculateArtifactNames@v5.3 if: success() || failure() with: shell: ${{ inputs.shell }} @@ -174,7 +168,7 @@ jobs: - name: Upload thisbuild artifacts - apps if: inputs.publishThisBuildArtifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: ${{ steps.calculateArtifactsNames.outputs.ThisBuildAppsArtifactsName }} path: '${{ inputs.project }}/.buildartifacts/Apps/' @@ -183,7 +177,7 @@ jobs: - name: Upload thisbuild artifacts - dependencies if: inputs.publishThisBuildArtifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: ${{ steps.calculateArtifactsNames.outputs.ThisBuildDependenciesArtifactsName }} path: '${{ inputs.project }}/.buildartifacts/Dependencies/' @@ -192,7 +186,7 @@ jobs: - name: Upload thisbuild artifacts - test apps if: inputs.publishThisBuildArtifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: ${{ steps.calculateArtifactsNames.outputs.ThisBuildTestAppsArtifactsName }} path: '${{ inputs.project }}/.buildartifacts/TestApps/' @@ -200,7 +194,7 @@ jobs: retention-days: 1 - name: Publish artifacts - apps - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: inputs.publishArtifacts with: name: ${{ steps.calculateArtifactsNames.outputs.AppsArtifactsName }} @@ -208,7 +202,7 @@ jobs: if-no-files-found: ignore - name: Publish artifacts - dependencies - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: inputs.publishArtifacts && env.generateDependencyArtifact == 'True' with: name: ${{ steps.calculateArtifactsNames.outputs.DependenciesArtifactsName }} @@ -216,7 +210,7 @@ jobs: if-no-files-found: ignore - name: Publish artifacts - test apps - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: inputs.publishArtifacts with: name: ${{ steps.calculateArtifactsNames.outputs.TestAppsArtifactsName }} @@ -224,7 +218,7 @@ jobs: if-no-files-found: ignore - name: Publish artifacts - build output - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: (success() || failure()) && (hashFiles(format('{0}/BuildOutput.txt',inputs.project)) != '') with: name: ${{ steps.calculateArtifactsNames.outputs.BuildOutputArtifactsName }} @@ -232,7 +226,7 @@ jobs: if-no-files-found: ignore - name: Publish artifacts - container event log - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: (failure()) && (hashFiles(format('{0}/ContainerEventLog.evtx',inputs.project)) != '') with: name: ${{ steps.calculateArtifactsNames.outputs.ContainerEventLogArtifactsName }} @@ -240,7 +234,7 @@ jobs: if-no-files-found: ignore - name: Publish artifacts - test results - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: (success() || failure()) && (hashFiles(format('{0}/TestResults.xml',inputs.project)) != '') with: name: ${{ steps.calculateArtifactsNames.outputs.TestResultsArtifactsName }} @@ -248,7 +242,7 @@ jobs: if-no-files-found: ignore - name: Publish artifacts - bcpt test results - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: (success() || failure()) && (hashFiles(format('{0}/bcptTestResults.json',inputs.project)) != '') with: name: ${{ steps.calculateArtifactsNames.outputs.BcptTestResultsArtifactsName }} @@ -258,16 +252,14 @@ jobs: - name: Analyze Test Results id: analyzeTestResults if: (success() || failure()) && env.doNotRunTests == 'False' - uses: microsoft/AL-Go-Actions/AnalyzeTests@v5.2 + uses: microsoft/AL-Go-Actions/AnalyzeTests@v5.3 with: shell: ${{ inputs.shell }} - parentTelemetryScopeJson: ${{ inputs.parentTelemetryScopeJson }} project: ${{ inputs.project }} - name: Cleanup if: always() - uses: microsoft/AL-Go-Actions/PipelineCleanup@v5.2 + uses: microsoft/AL-Go-Actions/PipelineCleanup@v5.3 with: shell: ${{ inputs.shell }} - parentTelemetryScopeJson: ${{ inputs.parentTelemetryScopeJson }} project: ${{ inputs.project }} diff --git a/.github/workflows/_BuildPowerPlatformSolution.yaml b/.github/workflows/_BuildPowerPlatformSolution.yaml index e5ebbb0..dcc7348 100644 --- a/.github/workflows/_BuildPowerPlatformSolution.yaml +++ b/.github/workflows/_BuildPowerPlatformSolution.yaml @@ -17,7 +17,7 @@ on: checkoutRef: description: Ref to checkout required: false - default: ${{ github.ref }} + default: ${{ github.sha }} type: string project: description: Name of the built project @@ -55,20 +55,20 @@ jobs: name: '${{ inputs.projectName }}' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: ref: ${{ inputs.checkoutRef }} lfs: true - name: Read settings - uses: microsoft/AL-Go-Actions/ReadSettings@v5.2 + uses: microsoft/AL-Go-Actions/ReadSettings@v5.3 with: shell: ${{ inputs.shell }} project: ${{ inputs.project }} get: type,powerPlatformSolutionFolder,appRevision,appBuild - name: Build - uses: microsoft/AL-Go-Actions/BuildPowerPlatform@v5.2 + uses: microsoft/AL-Go-Actions/BuildPowerPlatform@v5.3 with: shell: ${{ inputs.shell }} solutionFolder: ${{ inputs.project }} @@ -79,7 +79,7 @@ jobs: - name: Calculate Artifact names id: calculateArtifactsNames - uses: microsoft/AL-Go-Actions/CalculateArtifactNames@v5.2 + uses: microsoft/AL-Go-Actions/CalculateArtifactNames@v5.3 if: success() || failure() with: shell: ${{ inputs.shell }} @@ -88,7 +88,7 @@ jobs: suffix: ${{ inputs.artifactsNameSuffix }} - name: Publish artifacts - Power Platform Solution - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: inputs.publishArtifacts with: name: ${{ steps.calculateArtifactsNames.outputs.PowerPlatformSolutionArtifactsName }} diff --git a/README.md b/README.md index dcd3e07..81dd895 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ # AL-Go Per Tenant Extension Template + This template repository can be used for managing AppSource Apps for Business Central. [![Use this template](https://github.com/microsoft/AL-Go/assets/10775043/ca1ecc85-2fd3-4ab5-a866-bd2e7e80259d)](https://github.com/new?template_name=AL-Go-PTE&template_owner=microsoft) diff --git a/SECURITY.md b/SECURITY.md index a050f36..9657262 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -4,7 +4,7 @@ Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/). -If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below. +If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](), please report it to us as described below. ## Reporting Security Issues @@ -18,13 +18,13 @@ You should receive a response within 24 hours. If for some reason you do not, pl Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: - * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) - * Full paths of source file(s) related to the manifestation of the issue - * The location of the affected source code (tag/branch/commit or direct URL) - * Any special configuration required to reproduce the issue - * Step-by-step instructions to reproduce the issue - * Proof-of-concept or exploit code (if possible) - * Impact of the issue, including how an attacker might exploit the issue +- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) +- Full paths of source file(s) related to the manifestation of the issue +- The location of the affected source code (tag/branch/commit or direct URL) +- Any special configuration required to reproduce the issue +- Step-by-step instructions to reproduce the issue +- Proof-of-concept or exploit code (if possible) +- Impact of the issue, including how an attacker might exploit the issue This information will help us triage your report more quickly.