guibranco / PIX-BACEN-SDK-dotnet

🇧🇷 :bank: :gear: PIX/SPI contracts from @bacen/pix-api/
https://guibranco.github.io/PIX-BACEN-SDK-dotnet/
MIT License
21 stars 7 forks

Update AppVeyor Configuration to Remove SONAR_TOKEN #136

Closed guibranco closed 1 month ago

guibranco commented 1 month ago

User description

Closes #

📑 Description

✅ Checks

☢️ Does this introduce a breaking change?

ℹ Additional Information


Description


Changes walkthrough 📝

Relevant files

Configuration changes
appveyor.yml (+0/-2): Update AppVeyor configuration by removing SONAR_TOKEN
  • Removed the SONAR_TOKEN environment variable.
  • Kept other secure tokens intact.

    Summary by CodeRabbit

    coderabbitai[bot] commented 1 month ago

    Walkthrough

    The changes in the appveyor.yml configuration file involve updates to the versioning format, environment variables, and build processes. The versioning format is now set to 1.1.{build}, and the skip_tags option is enabled. The build environment is configured for Visual Studio 2022, with specific commands for setting up the environment, restoring packages, and executing tests. The deployment process for NuGet and GitHub is also specified, detailing conditions and authentication requirements for deployment.

    Changes

    | File | Change Summary |
    |---|---|
    | appveyor.yml | Updated versioning format to 1.1.{build}, set skip_tags to true, specified Visual Studio 2022, and defined Release configuration. Removed SONAR_TOKEN, retained CODACY_PROJECT_TOKEN and CODECLIMATE_TOKEN. Modified init, before_build, build, build_script, after_build, artifacts, and deploy sections for improved setup and deployment processes. |

    Sequence Diagram(s)

    sequenceDiagram
        participant User
        participant AppVeyor
        participant NuGet
        participant GitHub
    
        User->>AppVeyor: Trigger Build
        AppVeyor->>AppVeyor: Setup Environment
        AppVeyor->>AppVeyor: Restore Packages
        AppVeyor->>AppVeyor: Execute Tests
        AppVeyor->>NuGet: Publish Packages
        AppVeyor->>GitHub: Deploy Artifacts

    ๐Ÿฐ "In the land of code where the rabbits play,
    The build is set up in a brand new way.
    With tokens and paths all neatly aligned,
    Our artifacts zip up, oh so refined!
    Hopping through tests, we cover each line,
    With NuGet and GitHub, our projects will shine!" ๐ŸŒŸ


    📜 Recent review details
    Configuration used: CodeRabbit UI
    Review profile: CHILL
    📥 Commits: Files that changed from the base of the PR and between 37e5c2b64ba5dadad4a488178e8121e7fb101f84 and 8f8e7b79f26e21f6bc5e7faeea70b8f536038a5c.
    📒 Files selected for processing (1): appveyor.yml (0 hunks)
    💤 Files with no reviewable changes (1): appveyor.yml
    penify-dev[bot] commented 1 month ago

    PR Review 🔍

    ⏱️ Estimated effort to review [1-5]: 1, because the change is straightforward and involves removing a single environment variable without affecting the overall functionality.
    🧪 Relevant tests: No
    ⚡ Possible issues: No
    🔒 Security concerns: No

    github-actions[bot] commented 1 month ago

    Infisical secrets check: :white_check_mark: No secrets leaked!

    Scan results:

    1:01PM INF scanning for exposed secrets...
    1:01PM INF 158 commits scanned.
    1:01PM INF scan completed in 101ms
    1:01PM INF no leaks found
    
    penify-dev[bot] commented 1 month ago

    PR Code Suggestions ✨

    Category | Suggestion | Score
    Security
    Verify that sensitive tokens are managed securely to prevent unauthorized access ___ **Ensure that the CODACY_PROJECT_TOKEN is stored securely and not exposed in version
    control.** [appveyor.yml [7-9]](https://github.com/guibranco/PIX-BACEN-SDK-dotnet/pull/136/files#diff-92ab9a36df5d8e9f7076f2fdec59492d1ac2d9cf27ea046767a7fc4d542ef3dcR7-R9) ```diff -CODACY_PROJECT_TOKEN: - secure: bqp3Vwf5Ft5sm/p8WP1AwuSu8msKg1sRYqH28kx2mK39mEN9L15BWl2wKHAUlNKd +CODACY_PROJECT_TOKEN: # Ensure this is stored securely + secure: ```
    Suggestion importance[1-10]: 9 Why: This suggestion emphasizes the importance of securely managing sensitive tokens, which is vital to prevent unauthorized access and maintain security.
    9
    Evaluate the necessity of the CODECLIMATE_TOKEN and remove it if not required ___ **Consider removing the CODECLIMATE_TOKEN as well if it is not being used, to minimize the
    exposure of sensitive tokens.** [appveyor.yml [9]](https://github.com/guibranco/PIX-BACEN-SDK-dotnet/pull/136/files#diff-92ab9a36df5d8e9f7076f2fdec59492d1ac2d9cf27ea046767a7fc4d542ef3dcR9-R9) ```diff -CODECLIMATE_TOKEN: +# CODECLIMATE_TOKEN: # Uncomment if needed ```
    Suggestion importance[1-10]: 8 Why: The suggestion addresses the potential security risk of exposing sensitive tokens, which is crucial for maintaining security in the configuration file.
    8
    Maintainability
    Add comments to clarify the purpose of environment variables for future reference ___ **Consider adding a comment explaining the purpose of each token for better maintainability.** [appveyor.yml [7]](https://github.com/guibranco/PIX-BACEN-SDK-dotnet/pull/136/files#diff-92ab9a36df5d8e9f7076f2fdec59492d1ac2d9cf27ea046767a7fc4d542ef3dcR7-R7) ```diff +# Token for Codacy project integration CODACY_PROJECT_TOKEN: secure: bqp3Vwf5Ft5sm/p8WP1AwuSu8msKg1sRYqH28kx2mK39mEN9L15BWl2wKHAUlNKd ```
    Suggestion importance[1-10]: 6 Why: While adding comments can improve maintainability, this suggestion does not address a critical issue and is more of a minor enhancement.
    6
    Clean up the configuration file by removing any deprecated or unused settings ___ **Review the overall configuration for any deprecated or unused settings to keep the file
    clean.** [appveyor.yml [6]](https://github.com/guibranco/PIX-BACEN-SDK-dotnet/pull/136/files#diff-92ab9a36df5d8e9f7076f2fdec59492d1ac2d9cf27ea046767a7fc4d542ef3dcR6-R6) ```diff -environment: +environment: # Review for deprecated settings ```
    Suggestion importance[1-10]: 5 Why: This suggestion is relevant for maintainability but lacks specificity regarding which settings are deprecated or unused, making it less impactful.
    5
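
Review bot: In the first suggestion for appveyor.yml [7-9], the added `+ secure:` line carries no value while the removed line held the existing `secure:` string, so applying the diff as written would leave CODACY_PROJECT_TOKEN empty. Keep the existing `secure:` value and, if the reminder is wanted, add only the comment on the key line.

Review bot: The CODECLIMATE_TOKEN suggestion for appveyor.yml [9] comments out only the key line; any value line nested under that key is not part of the hunk and would have to be commented out or removed together with it, otherwise the remaining YAML no longer parses as intended. Confirm first whether the build still reads this token.
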
    codacy-production[bot] commented 1 month ago

    Coverage summary from Codacy

    | Coverage variation | Diff coverage |
    | ------------- | ------------- |
    | Report missing for 37e5c2b64ba5dadad4a488178e8121e7fb101f84[^1] | :white_check_mark: ∅ |

    Coverage variation details

    | | Coverable lines | Covered lines | Coverage |
    | ------------- | ------------- | ------------- | ------------- |
    | Common ancestor commit (37e5c2b64ba5dadad4a488178e8121e7fb101f84) | Report Missing | Report Missing | Report Missing |
    | Head commit (8f8e7b79f26e21f6bc5e7faeea70b8f536038a5c) | 75 | 1 | 1.33% |

    **Coverage variation** is the difference between the coverage for the head and common ancestor commits of the pull request branch: ` - `

    Diff coverage details

    | | Coverable lines | Covered lines | Diff coverage |
    | ------------- | ------------- | ------------- | ------------- |
    | Pull request (#136) | 0 | 0 | **∅ (not applicable)** |

    **Diff coverage** is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: `/ * 100%`

    Codacy stopped sending the deprecated coverage status on June 5th, 2024.

    [^1]: Codacy didn't receive coverage data for the commit, or there was an error processing the received data. Check your integration for errors and validate that your coverage setup is correct.

    sonarcloud[bot] commented 1 month ago

    Quality Gate passed

    Issues
    0 New issues
    0 Accepted issues

    Measures
    0 Security Hotspots
    0.0% Coverage on New Code
    0.0% Duplication on New Code

    AppVeyorBot commented 1 month ago

    :white_check_mark: Build PIX-BACEN-SDK-dotnet 1.1.410 completed (commit https://github.com/guibranco/PIX-BACEN-SDK-dotnet/commit/f8a737f290 by @guibranco)

    codecov[bot] commented 1 month ago

    Codecov Report

    All modified and coverable lines are covered by tests :white_check_mark:

    Project coverage is 1.33%. Comparing base (dd33f11) to head (8f8e7b7). Report is 3 commits behind head on main.

    Additional details and impacted files

    ```diff
    @@           Coverage Diff           @@
    ##            main    #136   +/-   ##
    =====================================
      Coverage   1.33%   1.33%
    =====================================
      Files         17      17
      Lines         75      75
    =====================================
      Hits           1       1
      Misses        74      74
    ```

    | [Flag](https://app.codecov.io/gh/guibranco/PIX-BACEN-SDK-dotnet/pull/136/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Guilherme+Branco+Stracini) | Coverage Δ | |
    |---|---|---|
    | [](https://app.codecov.io/gh/guibranco/PIX-BACEN-SDK-dotnet/pull/136/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Guilherme+Branco+Stracini) | `?` | |

    Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Guilherme+Branco+Stracini#carryforward-flags-in-the-pull-request-comment) to find out more.
