Unified Master Workflow #100

Open
MichielOda wants to merge 1 commit into main from MasterWorkflow
@MichielOda MichielOda commented Mar 26, 2026

PR Summary: Introduce Unified Master Workflow

Overview

This PR introduces a new centralized Master Workflow (Master Workflow.yml) that consolidates the full CI/CD pipeline for .NET solutions. The existing NuGet Solution, Internal NuGet Solution, and DataMiner App Packages wrapper workflows are refactored to delegate to this new Master Workflow, eliminating duplicated pipeline logic.

New File

Master Workflow.yml

A new reusable workflow_call workflow that provides an end-to-end CI/CD pipeline with first-class support for both NuGet packages and DataMiner SDK packages (.dmapp/.dmtest). It dynamically adapts behavior based on project types discovered in the calling repo.

Jobs (5):

| Job | Runner | Purpose |
|---|---|---|
| check_oidc | ubuntu | Resolves Azure OIDC credentials (caller-provided, SkylineCommunications defaults, or disabled) |
| discover_projects | ubuntu | Finds the .sln/.slnx file and detects DataMiner SDK projects via DataMinerType in .csproj |
| ci | ubuntu | Secrets retrieval, validation, build, test, SonarCloud analysis, artifact detection & upload |
| sign_nuget | windows | Signs NuGet packages via Azure Key Vault (passes through unsigned if OIDC unavailable) |
| push_nuget | ubuntu | Pushes signed NuGet packages on tag (to GitHub Packages or custom source) |
| upload_to_catalog | windows | Signs DataMiner packages, extracts release notes, publishes to DataMiner Catalog on tag |

Key capabilities:

  • Dynamic project detection (DataMiner SDK vs. plain NuGet)
  • Azure OIDC integration with Key Vault secret retrieval
  • SonarCloud analysis with initial analysis bootstrapping
  • Dual test runner support (VSTest / Microsoft.Testing.Platform)
  • NuGet code-signing via dotnet sign + Azure Key Vault
  • DataMiner package signing via dataminer-package-signature
  • SBOM generation for DataMiner packages
  • Catalog identifier override via multi-line input mapping
  • Source code URL injection in manifest.yml
  • Configurable NuGet push destination (defaults to GitHub Packages)
  • SDK version pinning (Skyline.DataMiner.Sdk 2.4.7, AppPackageInstaller 4.0.0)
  • Dependabot-aware (skips SonarCloud and signing for Dependabot PRs)

Inputs: oidc-client-id, oidc-tenant-id, oidc-subscription-id, sonarcloud-project-name (required), configuration, solution-filter-name, debug, override-catalog-identifiers, nuget-push-source

Secrets (all optional): SONAR_TOKEN, DATAMINER_TOKEN, AZURE_TOKEN, OVERRIDE_CATALOG_DOWNLOAD_TOKEN, NUGET_API_KEY

Modified Files

DataMiner App Packages Master Workflow.yml

  • Refactored to act as a thin wrapper that delegates to Master Workflow.yml.
  • Retains the check_deprecated_item job (warns callers about obsolete inputs/secrets).
  • Passes through inputs (sonarcloud-project-name, configuration, solution-filter-name, override-catalog-identifiers, debug) and secrets (SONAR_TOKEN, AZURE_TOKEN, DATAMINER_TOKEN, OVERRIDE_CATALOG_DOWNLOAD_TOKEN) to the Master Workflow.
  • All inline CI/CD logic (build, test, SonarCloud, artifact handling, catalog upload) is removed in favor of the centralized workflow.

NuGet Solution Master Workflow.yml

  • Refactored to act as a thin wrapper that delegates to Master Workflow.yml.
  • Retains the check_deprecated_item job (warns about obsolete inputs like referenceName, pfx, pfxPassword, etc.).
  • Maps legacy input names to new ones (e.g., solutionName → solution-filter-name).
  • Sets nuget-push-source to https://api.nuget.org/v3/index.json (public NuGet.org).
  • Passes NUGET_API_KEY, SONAR_TOKEN, AZURE_TOKEN secrets.

Internal NuGet Solution Master Workflow.yml

  • Refactored to act as a thin wrapper that delegates to Master Workflow.yml.
  • Retains the check_deprecated_item job.
  • Maps legacy input names (e.g., solutionFilterName → solution-filter-name).
  • Does not set nuget-push-source (defaults to GitHub Packages registry).
  • Passes NUGET_API_KEY, SONAR_TOKEN, AZURE_TOKEN secrets.

Unchanged Files

  • Automation Master Workflow.yml — still routes to Legacy/SDK sub-workflows via SDKChecker
  • Automation Master Legacy Workflow.yml — standalone legacy pipeline (windows-latest)
  • Automation Master SDK Workflow.yml — standalone SDK pipeline (windows-latest)
  • Connector Master Workflow.yml — still routes to Legacy/SDK sub-workflows via SDKChecker
  • Connector Master Legacy Workflow.yml — standalone legacy pipeline (windows-latest)
  • Connector Master SDK Workflow.yml — standalone SDK pipeline (windows-latest)
  • SRM Function Master Workflow.yml — standalone legacy pipeline
  • Update Catalog Details Workflow.yml — standalone catalog details updater
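
A caller workflow for the Master Workflow described above, as an added example that is not part of the PR or the project's own code. Input and secret names are taken from the summary; the `uses:` path, the trigger filters, the `vars.*` names and the permission set are assumptions or placeholders.

```yaml
# Constructed caller workflow (added example, not from the PR).
name: CI

on:
  pull_request:
  push:
    branches: [main]
    tags: ['*']            # assumption: the tag filter is the caller's choice

# A called reusable workflow can only keep or reduce the caller's GITHUB_TOKEN
# permissions, so the Azure OIDC login needs id-token: write granted here.
# Assumption: add any further scopes the Master Workflow's jobs request.
permissions:
  contents: read
  id-token: write

jobs:
  pipeline:
    # Placeholder path. Pin to a full commit SHA rather than a branch so a
    # change to the shared workflow cannot silently alter this pipeline.
    uses: <owner>/<repo>/.github/workflows/Master Workflow.yml@<full-commit-sha>
    with:
      sonarcloud-project-name: <sonarcloud-project-name>   # the only required input
      # Hypothetical repository variables; per the summary, the workflow
      # resolves caller-provided OIDC values, defaults, or disables OIDC.
      oidc-client-id: ${{ vars.AZURE_CLIENT_ID }}
      oidc-tenant-id: ${{ vars.AZURE_TENANT_ID }}
      oidc-subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
      # nuget-push-source is left unset: defaults to GitHub Packages.
    # Pass only the secrets this repository needs instead of `secrets: inherit`,
    # so the shared workflow never receives unrelated repository secrets.
    secrets:
      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
      NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
```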

@MichielOda MichielOda requested a review from a team March 26, 2026 11:31
Supports MTP testing
Supports both Skyline.DataMiner.Sdk & NuGet projects
Redirect existing NuGet & App Package workflows towards the Master Workflow
Fix security concerns
@MichielOda MichielOda changed the title Master workflow Unified Master Workflow Mar 26, 2026