diff --git a/.github/workflows/deploy.and.test.yml b/.github/workflows/deploy.and.test.yml
deleted file mode 100644
index 9d38071182..0000000000
--- a/.github/workflows/deploy.and.test.yml
+++ /dev/null
@@ -1,47 +0,0 @@
-name: Create a Scratch Org, Push Source and Run Apex Tests
-
-on:
- push:
- pull_request_target:
- workflow_dispatch:
-
-jobs:
- build:
-
- runs-on: ubuntu-latest
-
- steps:
- - uses: actions/checkout@v2
- with:
- ref: ${{github.event.pull_request.head.ref}}
- repository: ${{github.event.pull_request.head.repo.full_name}}
- - name: Install SF CLI and authorize DevHub
- uses: apex-enterprise-patterns/setup-sfdx@v2 #We're using a fork of https://github.com/sfdx-actions/setup-sfdx for safety
- with:
- sfdx-auth-url: ${{ secrets.DEVHUB_SFDXURL }}
- # - name: Install the required plugins
- # run: echo y | sf plugins install shane-sfdx-plugins
- - name: Setup the config parameters needed
- run: sf config set target-dev-hub SFDX-ENV --global #Even though the setup-sfdx action uses --setdefaultdevhubusername, it doesn't seem to stick since it uses --setdefaultusername so we brute force it here
- - name: Create the scratch org
- run: sf org create scratch --definition-file config/project-scratch-def.json --set-default --duration-days 1 --no-track-source --alias fflibapexcommon
- # - name: Install required dependency frameworks
- # run: sf shane github src install --convert --githubuser apex-enterprise-patterns --repo fflib-apex-mocks --path sfdx-source/apex-mocks
- - name: Clone fflib-apex-mocks repo
- run: mkdir temp && git clone https://github.com/apex-enterprise-patterns/fflib-apex-mocks.git "temp/fflib-apex-mocks"
- - name: Deploy and compile the fflib-apex-mocks codebase
- run: cd temp/fflib-apex-mocks && sf project deploy start --ignore-conflicts --target-org fflibapexcommon && cd ../..
- - name: Deploy and compile the codebase
- run: sf project deploy start
- - name: Run the core framework tests
- run: sf apex run test --wait 5
- # Intentionally install the Sample Code after the core AEP Commons test pass succeeds so that we don't deploy anything in Sample Code
- # that could mask a test failure.
A much more involved solution would've been to do a workflow_dispatch to the samplecode project.
- - name: Install sample code project to verify with
- # run: sf shane github src install --convert --githubuser apex-enterprise-patterns --repo fflib-apex-common-samplecode --path sfdx-source/apex-common-samplecode
- run: git clone https://github.com/apex-enterprise-patterns/fflib-apex-common-samplecode.git "temp/fflib-apex-common-samplecode" && cd temp/fflib-apex-common-samplecode && sf project deploy start --ignore-conflicts --target-org fflibapexcommon && cd ../..
- - name: Run the core framework tests and the sample code project tests
- run: sf apex run test --wait 5
- - name: Destroy scratch org
- run: sf org delete scratch --no-prompt
- if: always()
diff --git a/.github/workflows/manage.sf.api.versions.yml b/.github/workflows/manage.sf.api.versions.yml
deleted file mode 100644
index 6900179c01..0000000000
--- a/.github/workflows/manage.sf.api.versions.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-name: Manage SF API Versions
-on:
- workflow_dispatch:
- inputs:
- api-version:
- description: 'api version in the format XX e.g 58'
- required: true
- type: string
-jobs:
- update:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v3
- - uses: apex-enterprise-patterns/manage-sf-api-version@v1.0.0
- with:
- api-version: ${{inputs.api-version}}
- - uses: peter-evans/create-pull-request@v5
- with:
- title: 'Bump API Versions to ${{inputs.api-version}}.0'
- body: 'Automatically bumped by GitHub Actions '
- branch: 'devops/bump-api-versions-v${{inputs.api-version}}.0'
- commit-message: 'chore: bump api to v${{inputs.api-version}}.0'
diff --git a/.github/workflows/sf.yml b/.github/workflows/sf.yml
new file mode 100644
index 0000000000..41ee15a671
--- /dev/null
+++ b/.github/workflows/sf.yml
@@ -0,0 +1,36 @@
+name: Salesforce Code Analyzer Workflow
+on:
+ - push
+ - workflow_dispatch
+jobs:
+ salesforce-code-analyzer-workflow:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out files
+ uses: actions/checkout@v4
+
+ - name: Install Salesforce CLI
+ run: npm install -g @salesforce/cli@latest
+
+ - name: Install Salesforce Code Analyzer Plugin
+ run: sf plugins install @salesforce/sfdx-scanner@latest
+
+ - name: Run Salesforce Code Analyzer
+ id: run-code-analyzer
+ uses: forcedotcom/run-code-analyzer@v1
+ with:
+ run-command: run
+ run-arguments: --category=security --target . --format=sarif --outfile results.sarif
+ results-artifact-name: salesforce-code-analyzer-results
+
+ # - name: Check the outputs to determine whether to fail
+ # if: |
+ # steps.run-code-analyzer.outputs.exit-code > 0 ||
+ # steps.run-code-analyzer.outputs.num-sev1-violations > 0 ||
+ # steps.run-code-analyzer.outputs.num-violations > 10
+ # run: exit 1
+
+ - name: Upload SARIF file
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: results.sarif
\ No newline at end of file
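Review bot: The new workflow declares no `permissions:` key, so the job runs with the repository's default `GITHUB_TOKEN` scope even though its only write is the SARIF upload in the last step; a top-level `permissions:` with `contents: read` and `security-events: write` would limit it to what `upload-sarif` needs (private repositories may also need `actions: read`). The two install steps pull `@salesforce/cli@latest` and `@salesforce/sfdx-scanner@latest`, and the `uses:` actions are referenced by mutable tags (`@v4`, `@v1`, `@v3`), so the code executed in this job can change without any commit here; pinning explicit package versions and full commit SHAs would make runs reproducible and reviewable. With the exit-code check commented out, security findings never fail the run, and because the upload step has no `if: always()`, a failing analyzer step would also skip the SARIF upload.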