Skip to content

ci(pr): add ReSharper InspectCode job (canonical)#230

Open
Chris-Wolfgang wants to merge 2 commits into
mainfrom
chore/add-inspectcode
Open

ci(pr): add ReSharper InspectCode job (canonical)#230
Chris-Wolfgang wants to merge 2 commits into
mainfrom
chore/add-inspectcode

Conversation

@Chris-Wolfgang

Copy link
Copy Markdown
Owner

Adds the canonical ReSharper InspectCode CI job (repo-template #427) to pr.yaml.

Additive — only the inspectcode: job is inserted (after detect-projects, before the test stages). No existing job modified or removed (avoids the full-file-overwrite regression from Etl-DbClient #224).

  • runs-on: ubuntu-latest; needs: detect-projects, guarded by has-projects == 'true'.
  • Build Release → jb inspectcode → SARIF → Code Scanning. Gate fails only on level=error.

Proven green on AuditTrail, ETL-FixedWidth, System.Mail-Extensions. Protected file → merge via merge-fleet-prs.ps1 -Branch chore/add-inspectcode.

Copilot AI review requested due to automatic review settings July 13, 2026 00:44

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new ReSharper InspectCode GitHub Actions job to this repo’s gated PR workflow (pull_request_target) to run InspectCode in parallel with existing test stages, emit SARIF, upload results to GitHub Code Scanning, and fail the job only when SARIF contains level=error.

Changes:

  • Introduces an inspectcode job that restores/builds Release, runs jb inspectcode to generate inspect.sarif, and uploads it via upload-sarif.
  • Adds a merge gate step that parses the SARIF and fails only when error-level findings are present.

Comment thread .github/workflows/pr.yaml
Comment on lines +264 to +269
- name: Checkout code
uses: actions/checkout@v7
with:
ref: refs/pull/${{ github.event.pull_request.number }}/head
persist-credentials: false

Comment thread .github/workflows/pr.yaml
Comment on lines +248 to +251
# SARIF uploads to GitHub Code Scanning (Security tab + inline PR
# annotations). `error`-severity findings fail the job; `warning`-severity
# surfaces in Code Scanning but doesn't fail (gated by --severity=WARNING
# filter). Tune the noise floor via .DotSettings at the repo root.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants