V4.0.1/package maintenance

[gimlichael]

This pull request introduces updates to dependencies, workflows, and Docker configurations, alongside version bumps and changelog updates. The changes aim to streamline CI/CD processes, ensure compatibility with the latest frameworks, and improve maintainability.

Dependency Updates:

• Updated package versions in Directory.Packages.props, including upgrades for Codebelt.Extensions.Swashbuckle.AspNetCore, Cuemon.Core, and Microsoft.NET.Test.Sdk, among others. These updates ensure compatibility with the latest .NET frameworks.

Workflow Simplifications:

• Refactored .github/workflows/pipelines.yml to use modular workflow templates (jobs-dotnet-build, jobs-dotnet-pack, jobs-dotnet-test, and jobs-nuget-push) instead of inline steps, reducing duplication and improving maintainability. [1] [2]

Docker Configuration:

• Updated .docfx/Dockerfile.docfx to specify --platform=$BUILDPLATFORM for multi-platform builds and upgraded the base images to the latest versions (nginx:1.27.5-alpine and codebeltnet/docfx:2.78.3).

Release Notes and Changelog:

• Added release notes for version 4.0.1 in multiple PackageReleaseNotes.txt files, documenting dependency upgrades for all supported target frameworks. [1] [2] [3] [4]
• Updated CHANGELOG.md with an entry for version 4.0.1, highlighting the focus on package dependency updates.

Test Environment:

• Updated the Docker image in testenvironments.json to gimlichael/ubuntu-testrunner:net8.0.409-9.0.300 for testing environments.

Summary by CodeRabbit

• Chores
  • Upgraded multiple dependencies to their latest compatible versions for improved stability and support.
  • Updated Docker and test environment images to newer versions.
  • Simplified and modularized CI/CD pipelines for easier maintenance.
• Documentation
  • Added release notes and changelog entries for version 4.0.1, highlighting updated dependencies and .NET 9/.NET 8 support.

[coderabbitai]

Walkthrough

This update upgrades multiple dependencies, Docker images, and test runner versions across the project. It modularizes the GitHub Actions pipeline by switching to reusable workflow calls, updates package release notes and changelog for version 4.0.1, and bumps several NuGet package versions to their latest compatible releases for .NET 8 and .NET 9.

Changes

File(s)	Change Summary
.docfx/Dockerfile.docfx	Upgraded nginx and docfx build images, added explicit platform flags for multi-platform support.
.github/workflows/pipelines.yml	Refactored jobs to use reusable workflow calls, simplifying and modularizing the pipeline.
Directory.Packages.props	Updated versions for several NuGet packages, including .NET 8/9 specific dependencies.
testenvironments.json	Updated Docker test runner image tag to newer .NET 8.0.409 and 9.0.300.
.nuget/Codebelt.Bootstrapper.Console/PackageReleaseNotes.txt .nuget/Codebelt.Bootstrapper.Web/PackageReleaseNotes.txt .nuget/Codebelt.Bootstrapper.Worker/PackageReleaseNotes.txt .nuget/Codebelt.Bootstrapper/PackageReleaseNotes.txt	Added 4.0.1 release notes for .NET 8/9 with dependency upgrades.
CHANGELOG.md	Added changelog entry for version 4.0.1, noting service update focused on dependencies.

Sequence Diagram(s)

sequenceDiagram
    participant Developer
    participant GitHub Actions
    participant Reusable Workflow
    participant NuGet
    participant Docker

    Developer->>GitHub Actions: Push code / open PR
    GitHub Actions->>Reusable Workflow: Call build/pack/test/deploy workflows with parameters
    Reusable Workflow->>NuGet: Restore, build, pack, test, deploy packages
    Reusable Workflow->>Docker: Build images using updated Dockerfile and test runner
    Reusable Workflow-->>GitHub Actions: Return results/artifacts
    GitHub Actions-->>Developer: Report pipeline status

Loading

Possibly related PRs

• codebeltnet/bootstrapper#1: Introduces the initial .github/workflows/pipelines.yml with explicit job steps, directly related to the current refactoring to reusable workflows.
• codebeltnet/bootstrapper#7: Upgrades the nginx base image in .docfx/Dockerfile.docfx, directly preceding the further image version bump in this PR.

Poem

A hop, a skip, a version jump,
New packages land with a gentle thump.
Docker’s fresher, pipelines neat,
Dependencies updated, a tidy feat!
With .NET 9 and 8 in tow,
The codebase gleams—onward we go!
🐇✨

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (5)

.nuget/Codebelt.Bootstrapper.Console/PackageReleaseNotes.txt (1)

1-6: Add console package release notes for 4.0.1
The new section correctly adds the 4.0.1 entry with ALM notes for .NET 9 & 8.
Consider removing the leading BOM () on line 1 for consistent encoding.

.nuget/Codebelt.Bootstrapper.Web/PackageReleaseNotes.txt (1)

1-6: Add web package release notes for 4.0.1
The Web release notes align with the overall dependency upgrade and mirror other components.
Remove the leading BOM () on line 1 to avoid encoding issues.

.docfx/Dockerfile.docfx (2)

6-6: Use COPY instead of ADD for local folders.
Switch to COPY to follow Docker best practices and avoid unintended behaviors of ADD:

-ADD [".", "docfx"]
+COPY ["docfx", "/docfx"]

🧰 Tools

🪛 Hadolint (2.12.0)

[error] 6-6: Use COPY instead of ADD for files and folders

(DL3020)

---

11-11: Optional: Add platform flag to final stage.
Consider adding --platform=$BUILDPLATFORM to the final image for consistency:

-FROM nginx:1.27.5-alpine AS final
+FROM --platform=$BUILDPLATFORM nginx:1.27.5-alpine AS final

Directory.Packages.props (1)

25-26: Updated .NET8-specific OpenAPI and Razor compilation versions.
Aligning these two packages to 8.0.16 follows the same pattern as the main props. Verify if other .NET8 packages should also be reviewed for minor version updates for uniformity.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 537b655 and 536e574.

📒 Files selected for processing (9)

• .docfx/Dockerfile.docfx (1 hunks)
• .github/workflows/pipelines.yml (2 hunks)
• .nuget/Codebelt.Bootstrapper.Console/PackageReleaseNotes.txt (1 hunks)
• .nuget/Codebelt.Bootstrapper.Web/PackageReleaseNotes.txt (1 hunks)
• .nuget/Codebelt.Bootstrapper.Worker/PackageReleaseNotes.txt (1 hunks)
• .nuget/Codebelt.Bootstrapper/PackageReleaseNotes.txt (1 hunks)
• CHANGELOG.md (1 hunks)
• Directory.Packages.props (1 hunks)
• testenvironments.json (1 hunks)

🧰 Additional context used

🪛 Hadolint (2.12.0)

.docfx/Dockerfile.docfx

[error] 6-6: Use COPY instead of ADD for files and folders

(DL3020)

🔇 Additional comments (12)

CHANGELOG.md (1)

7-10: Changelog entry for 4.0.1 looks good
The new section follows the Keep a Changelog format and the date aligns with the release notes in .nuget/*.

testenvironments.json (1)

12-12: Update test environment Docker image
The Docker image tag has been bumped to net8.0.409-9.0.300, matching the updated test runner version in the PR objectives.

.nuget/Codebelt.Bootstrapper.Worker/PackageReleaseNotes.txt (1)

1-5: New version entry is clear and descriptive.
The release notes correctly introduce the 4.0.1 entry above the 4.0.0 section, specifying supported TFMs and summarizing the dependency upgrades. This aligns with other Bootstrapper package notes.

.docfx/Dockerfile.docfx (2)

1-1: Good: Multi-platform base image specified.
Specifying --platform=$BUILDPLATFORM on the base stage ensures builds target the correct architecture.

---

4-4: Good: DocFX build image updated with platform flag.
Upgrading to codebeltnet/docfx:2.78.3 and adding --platform=$BUILDPLATFORM aligns with multi-platform build goals.

Directory.Packages.props (3)

6-10: Dependency versions have been consistently bumped in the central props.
The updates for Codebelt.Extensions.*, Cuemon.*, and Microsoft.NET.Test.Sdk ensure all packages align to the latest minor releases, matching the 4.0.1 release notes.

---

15-15: xunit.runner.visualstudio version upgrade noted.
Bumping the test runner to 3.1.0 is appropriate for .NET 9/.NET 8 test projects. Confirm compatibility with any custom test adapters.

---

18-22: Updated .NET9-specific Microsoft package versions.
The net9 condition now references 9.0.5 for OpenAPI, Razor runtime compilation, Configuration, DI abstractions, and Hosting, keeping them in sync with the SDK.

.github/workflows/pipelines.yml (4)

26-34: Build Step: Adopt reusable jobs-dotnet-build workflow.
Switching to the external workflow centralizes your build logic and reduces duplication. Verify it still handles the expected matrix (Debug, Release), restores, builds, and strong-name signs correctly.

---

40-49: Pack Step: Modularize packaging with reusable pack workflow.
Delegating to jobs-dotnet-pack cleans up your CI and ensures a consistent packaging process. Confirm the version output from build is correctly applied to the artifact.

---

52-64: Test Step: DRY up test definitions with a reusable workflow.
Centralizing test runs in jobs-dotnet-test is a solid improvement. Ensure the OS matrix and custom build switches are supported by the reusable job.

---

93-99: Deploy Step: Reuse jobs-nuget-push for NuGet publishing.
Good move delegating the NuGet push. Double-check that the conditional expression for configuration resolves correctly when inputs.configuration is empty, and that inherited secrets provide the needed package permissions.

Also applies to: 103-103

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Add release notes for version 4.0.1
The new entry correctly sits above 4.0.0 and documents the dependency upgrade.
The leading BOM () on line 1 may interfere with some text processors—consider removing it to ensure clean UTF-8.
Please verify that the Worker package release notes have also been updated to 4.0.1.

---

🏁 Script executed:

#!/bin/bash
# Verify Worker package release notes contains version 4.0.1 entry.
if ! grep -R "Version 4.0.1" .nuget/Codebelt.Bootstrapper.Worker/PackageReleaseNotes.txt; then
  echo "Error: Missing 4.0.1 entry in Worker package release notes"
  exit 1
fi
echo "Worker package release notes are up to date"

Length of output: 197

---

Release notes for v4.0.1 are in place and Worker package updated
The new entry sits correctly above 4.0.0 and documents the dependency upgrade. Worker package release notes also include the 4.0.1 entry.

Please remove the leading BOM from line 1 of .nuget/Codebelt.Bootstrapper/PackageReleaseNotes.txt to ensure clean UTF-8.

Locations to update:

• .nuget/Codebelt.Bootstrapper/PackageReleaseNotes.txt: remove BOM on line 1

🤖 Prompt for AI Agents

In .nuget/Codebelt.Bootstrapper/PackageReleaseNotes.txt at lines 1 to 6, remove
the leading Byte Order Mark (BOM) character from line 1 to ensure the file is
clean UTF-8 and compatible with all text processors. Open the file in a text
editor that can display hidden characters and delete the BOM before the "Version
4.0.1" text, then save the file without BOM encoding.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 76.17%. Comparing base (537b655) to head (536e574).
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #13   +/-   ##
=======================================
  Coverage   76.17%   76.17%           
=======================================
  Files          20       20           
  Lines         256      256           
  Branches       16       16           
=======================================
  Hits          195      195           
  Misses         61       61           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud