From 566954ad5a2f5407735d502e498e494e334e6eec Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Wed, 11 Mar 2026 11:13:14 +0100 Subject: [PATCH 1/5] Add additional-vars as secrets for dotnet quality --- .github/workflows/reusable-dotnet-quality.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.github/workflows/reusable-dotnet-quality.yml b/.github/workflows/reusable-dotnet-quality.yml index e994229..d9e8ea5 100644 --- a/.github/workflows/reusable-dotnet-quality.yml +++ b/.github/workflows/reusable-dotnet-quality.yml @@ -85,6 +85,9 @@ on: sonar-token: description: Sonar token for login required: false + additional-vars: + description: "Additional variables" + required: false jobs: dotnet-quality: @@ -100,6 +103,16 @@ jobs: if [[ -n "${{ inputs.extra-vars }}" ]]; then echo "${{ inputs.extra-vars }}" >> "$GITHUB_ENV" fi + - name: Set additional secrets + run: | + if [[ -n "${{ inputs.additional-vars }}" ]]; then + echo "${{ secrets.additional-vars }}" | while IFS='=' read -r key val; do + if [[ -n "$val" ]]; then + echo "::add-mask::$val" + fi + done + echo "${{ secrets.additional-vars }}" >> "$GITHUB_ENV" + fi - name: Disable git autocrlf if: ${{ inputs.operating-system == 'windows-latest' }} run: git config --global core.autocrlf false From 04b0d4e5cd2c4914d567efc8bdba59a8a48df25e Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Wed, 11 Mar 2026 12:27:40 +0100 Subject: [PATCH 2/5] Add FORCE_JAVASCRIPT_ACTIONS_TO_NODE24 --- .github/workflows/reusable-container-scan.yml | 3 ++- .github/workflows/reusable-dotnet-quality.yml | 2 +- .github/workflows/reusable-markup-lint.yml | 2 ++ 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/reusable-container-scan.yml b/.github/workflows/reusable-container-scan.yml index c2c0726..9a11f37 100644 --- a/.github/workflows/reusable-container-scan.yml +++ b/.github/workflows/reusable-container-scan.yml @@ -89,5 +89,6 @@ jobs: vuln-type: 'os,library' severity: 'CRITICAL,HIGH' env: - IMAGE_REF: ${{ inputs.image-path }}/${{ inputs.image-name }}:${{ inputs.image-tag }} + FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" GITHUB_TOKEN: ${{ github.token }} + IMAGE_REF: ${{ inputs.image-path }}/${{ inputs.image-name }}:${{ inputs.image-tag }} diff --git a/.github/workflows/reusable-dotnet-quality.yml b/.github/workflows/reusable-dotnet-quality.yml index d9e8ea5..9dd06ed 100644 --- a/.github/workflows/reusable-dotnet-quality.yml +++ b/.github/workflows/reusable-dotnet-quality.yml @@ -186,5 +186,5 @@ jobs: env: DOTNET_CLI_TELEMETRY_OPTOUT: 1 DOTNET_NOLOGO: 1 - # https://docs.github.com/en/actions/reference/workflows-and-actions/contexts + FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/workflows/reusable-markup-lint.yml b/.github/workflows/reusable-markup-lint.yml index 8d131ff..e3b8fcf 100644 --- a/.github/workflows/reusable-markup-lint.yml +++ b/.github/workflows/reusable-markup-lint.yml @@ -44,3 +44,5 @@ jobs: python -m pip install --upgrade pip pip install yamllint yamllint . + env: + FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" From 3194f3fe1116fb6cdb5e2578f2ac9f5b22a07122 Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Wed, 11 Mar 2026 12:44:46 +0100 Subject: [PATCH 3/5] Fix typo --- .github/workflows/reusable-dotnet-quality.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-dotnet-quality.yml b/.github/workflows/reusable-dotnet-quality.yml index 9dd06ed..dc79279 100644 --- a/.github/workflows/reusable-dotnet-quality.yml +++ b/.github/workflows/reusable-dotnet-quality.yml @@ -105,7 +105,7 @@ jobs: fi - name: Set additional secrets run: | - if [[ -n "${{ inputs.additional-vars }}" ]]; then + if [[ -n "${{ secrets.additional-vars }}" ]]; then echo "${{ secrets.additional-vars }}" | while IFS='=' read -r key val; do if [[ -n "$val" ]]; then echo "::add-mask::$val" From 4b5a3a936b522c4ea0e7461af395348b9173005c Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Wed, 11 Mar 2026 12:56:14 +0100 Subject: [PATCH 4/5] Better handle var in scripts --- .github/workflows/reusable-container-scan.yml | 1 - .github/workflows/reusable-dotnet-quality.yml | 16 ++++++++++------ .github/workflows/reusable-markup-lint.yml | 2 -- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/reusable-container-scan.yml b/.github/workflows/reusable-container-scan.yml index 9a11f37..97ce169 100644 --- a/.github/workflows/reusable-container-scan.yml +++ b/.github/workflows/reusable-container-scan.yml @@ -89,6 +89,5 @@ jobs: vuln-type: 'os,library' severity: 'CRITICAL,HIGH' env: - FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" GITHUB_TOKEN: ${{ github.token }} IMAGE_REF: ${{ inputs.image-path }}/${{ inputs.image-name }}:${{ inputs.image-tag }} diff --git a/.github/workflows/reusable-dotnet-quality.yml b/.github/workflows/reusable-dotnet-quality.yml index dc79279..fbdb45c 100644 --- a/.github/workflows/reusable-dotnet-quality.yml +++ b/.github/workflows/reusable-dotnet-quality.yml @@ -99,19 +99,24 @@ jobs: steps: - name: Set additional variables shell: bash + env: + EXTRA_VARS: ${{ inputs.extra-vars }} run: | - if [[ -n "${{ inputs.extra-vars }}" ]]; then - echo "${{ inputs.extra-vars }}" >> "$GITHUB_ENV" + if [[ -n "$EXTRA_VARS" ]]; then + echo "$EXTRA_VARS" >> "$GITHUB_ENV" fi - name: Set additional secrets + shell: bash + env: + ADDITIONAL_VARS: ${{ secrets.additional-vars }} run: | - if [[ -n "${{ secrets.additional-vars }}" ]]; then - echo "${{ secrets.additional-vars }}" | while IFS='=' read -r key val; do + if [[ -n "$ADDITIONAL_VARS" ]]; then + echo "$ADDITIONAL_VARS" | while IFS='=' read -r key val; do if [[ -n "$val" ]]; then echo "::add-mask::$val" fi done - echo "${{ secrets.additional-vars }}" >> "$GITHUB_ENV" + echo "$ADDITIONAL_VARS" >> "$GITHUB_ENV" fi - name: Disable git autocrlf if: ${{ inputs.operating-system == 'windows-latest' }} @@ -186,5 +191,4 @@ jobs: env: DOTNET_CLI_TELEMETRY_OPTOUT: 1 DOTNET_NOLOGO: 1 - FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/workflows/reusable-markup-lint.yml b/.github/workflows/reusable-markup-lint.yml index e3b8fcf..8d131ff 100644 --- a/.github/workflows/reusable-markup-lint.yml +++ b/.github/workflows/reusable-markup-lint.yml @@ -44,5 +44,3 @@ jobs: python -m pip install --upgrade pip pip install yamllint yamllint . - env: - FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" From 87fc4cf004979998211b2c2126e903e7ea06f9c1 Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Wed, 11 Mar 2026 14:50:03 +0100 Subject: [PATCH 5/5] Always archive test results --- .github/workflows/reusable-dotnet-quality.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/reusable-dotnet-quality.yml b/.github/workflows/reusable-dotnet-quality.yml index fbdb45c..60bbe5a 100644 --- a/.github/workflows/reusable-dotnet-quality.yml +++ b/.github/workflows/reusable-dotnet-quality.yml @@ -170,6 +170,7 @@ jobs: - name: Create FOSSA report file if: ${{ inputs.fossa-enabled && steps.fossa.outputs.report != '' }} run: echo '${{ steps.fossa.outputs.report }}' > report/fossa.html + continue-on-error: true - name: Generate SBOM with Syft uses: anchore/sbom-action@v0 # with: @@ -178,6 +179,7 @@ jobs: # output-file: sbom.json # upload-artifact: true # Auto-upload to workflow artifacts - name: Archive test results + if: always() uses: actions/upload-artifact@v4 with: name: dotnet-test-results