fix: Remove workflow-level permissions to resolve CodeQL GITHUB_TOKEN… #19

Workflow file for this run

	name: CI/CD Pipeline

	on:
	push:
	branches: [ main, develop ]
	pull_request:
	branches: [ main ]

	jobs:
	test:
	name: Test
	runs-on: ubuntu-latest
	permissions:
	contents: read
	pull-requests: read

	steps:
	- uses: actions/checkout@v4

	- name: Setup .NET
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: '9.0.x'

	- name: Restore dependencies
	run: dotnet restore

	- name: Build
	run: dotnet build --no-restore --configuration Release

	- name: Test
	run: dotnet test --no-build --configuration Release --verbosity normal --collect:"XPlat Code Coverage" --logger trx --results-directory ./TestResults

	- name: Upload coverage reports to Codecov
	uses: codecov/codecov-action@v5
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	directory: ./TestResults
	flags: unittests
	name: codecov-umbrella
	fail_ci_if_error: false

	build:
	name: Build & Package
	runs-on: ubuntu-latest
	needs: test
	if: github.ref == 'refs/heads/main'
	permissions:
	contents: read
	pull-requests: read

	steps:
	- uses: actions/checkout@v4

	- name: Setup .NET
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: '9.0.x'

	- name: Restore dependencies
	run: dotnet restore

	- name: Build
	run: dotnet build --no-restore --configuration Release

	- name: Pack
	run: dotnet pack src/SmartRAG/SmartRAG.csproj --no-build --configuration Release --output ./nupkgs

	- name: Upload artifacts
	uses: actions/upload-artifact@v4
	with:
	name: nuget-packages
	path: ./nupkgs/*.nupkg

	publish:
	name: Publish to NuGet
	runs-on: ubuntu-latest
	needs: build
	if: github.ref == 'refs/heads/main' && contains(github.event.head_commit.message, '[release]')
	permissions:
	contents: read
	packages: write

	steps:
	- name: Download artifacts
	uses: actions/download-artifact@v4
	with:
	name: nuget-packages
	path: ./nupkgs

	- name: Setup .NET
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: '9.0.x'

	- name: Publish to NuGet
	run: dotnet nuget push ./nupkgs/*.nupkg --api-key ${{ secrets.NUGET_API_KEY }} --source https://api.nuget.org/v3/index.json --skip-duplicate

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix: Remove workflow-level permissions to resolve CodeQL GITHUB_TOKEN… #19

Workflow file

fix: Remove workflow-level permissions to resolve CodeQL GITHUB_TOKEN… #19

Uh oh!

Jobs

Run details

Workflow file for this run