contentstack · OMpawar-21 · Mar 10, 2026 · cs-raj · Mar 10, 2026 · cs-raj
@@ -20,4 +20,11 @@ jobs:
           name: DotNet unit Tests
           path: ./Contentstack.Management.Core.Unit.Tests/TestResults/Report-Contentstack-DotNet-Test-Case.trx
           reporter: dotnet-trx
-          fail-on-error: true
+          fail-on-error: true
+      - name: Upload enhanced HTML report
+        uses: actions/upload-artifact@v4
+        if: success() || failure()
+        with:
+          name: EnhancedReport-Contentstack-DotNet-Test-Case
+          path: ./Contentstack.Management.Core.Unit.Tests/TestResults/EnhancedReport-Contentstack-DotNet-Test-Case.html
+          if-no-files-found: warn
@@ -18,10 +18,22 @@ packages/
 *.config
 *.nupkg
 *.nuspec
+
+# VSTest TRX – may contain full test stdout (URLs, headers, bodies) from TestReportHelper
 *.trx
-*/TestResults/*
+
+# Test output root – TRX, Cobertura, ReportGenerator HTML, EnhancedTestReport HTML.
+# Reports must never be committed (credentials / stack / org data).
+**/TestResults/
+**/TestResults/**
+
+# Explicit report artifacts if generated outside TestResults by mistake
+**/EnhancedReport*.html
+**/Coverage-*/**/*.html
+**/Coverage-*/**/*.htm
+
 */app.config
 */mono**
 */appSettings.json
 api_referece/*
-.sonarqube/
+.sonarqube/
@@ -15,6 +15,10 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Contentstack.Management.Cor
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "contentstack.management.aspnetcore", "Contentstack.Management.ASPNETCore\contentstack.management.aspnetcore.csproj", "{C90C9782-D041-43A1-B13E-21B72B9A6BE2}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "tools", "tools", "{E94A86BE-2DDC-4F1B-A949-10814F99AE59}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "EnhancedTestReport", "tools\EnhancedTestReport\EnhancedTestReport.csproj", "{63FAB568-06EA-4E29-BBDA-6F6B75BD1176}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -37,6 +41,10 @@ Global
 		{C90C9782-D041-43A1-B13E-21B72B9A6BE2}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{C90C9782-D041-43A1-B13E-21B72B9A6BE2}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{C90C9782-D041-43A1-B13E-21B72B9A6BE2}.Release|Any CPU.Build.0 = Release|Any CPU
+		{63FAB568-06EA-4E29-BBDA-6F6B75BD1176}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{63FAB568-06EA-4E29-BBDA-6F6B75BD1176}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{63FAB568-06EA-4E29-BBDA-6F6B75BD1176}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{63FAB568-06EA-4E29-BBDA-6F6B75BD1176}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -49,6 +57,7 @@ Global
 		{FB3B9D93-5524-479A-85B5-2A7C24304D19} = {AE5BBF5C-BE98-4EA0-AA55-7E2F78C39B39}
 		{E0456E4C-F70F-4CDC-B0E9-76CCCF351514} = {AE5BBF5C-BE98-4EA0-AA55-7E2F78C39B39}
 		{C90C9782-D041-43A1-B13E-21B72B9A6BE2} = {0977D0FB-EACA-4FBE-A780-2DC2B6523E53}
+		{63FAB568-06EA-4E29-BBDA-6F6B75BD1176} = {E94A86BE-2DDC-4F1B-A949-10814F99AE59}
 	EndGlobalSection
 	GlobalSection(MonoDevelopProperties) = preSolution
 		version = 0.1.3

@@ -128,4 +128,8 @@ Stack stack = client.Stack("API_KEY");
 var path = Path.Combine(Environment.CurrentDirectory, "path/to/file");
 AssetModel asset = new AssetModel("Asset Title", path, "application/json");
 ContentstackResponse response = stack.Asset().Create(asset);
-```
+```
+
+### Test reports and security
+
+Generated test artifacts (TRX, coverage HTML, EnhancedReport HTML) **must not be committed**—they can contain stack URLs, tokens, and org data from test output. They are ignored via `.gitignore` under `**/TestResults/` and related patterns. See **[docs/TEST_REPORT_SECURITY.md](docs/TEST_REPORT_SECURITY.md)** for rationale and good practice.
@@ -0,0 +1,13 @@
+#!/bin/sh
+# Sample pre-commit hook: refuse commits that include test report artifacts.
+# Install: cp Scripts/pre-commit-no-test-artifacts.sample .git/hooks/pre-commit && chmod +x .git/hooks/pre-commit
+#
+# Why: TRX and HTML reports can contain tokens, URLs, and org/stack data from TestReportHelper output.
+
+if git diff --cached --name-only | grep -E '(^|/)TestResults/|EnhancedReport.*\.html$|Report-.*\.trx$|coverage\.cobertura\.xml$'; then
+  echo "Commit blocked: staged files match test report artifact patterns."
+  echo "Remove them from the index: git reset HEAD -- <path>"
+  echo "See docs/TEST_REPORT_SECURITY.md"
+  exit 1
+fi
+exit 0
@@ -34,3 +34,11 @@ do
 done
 
 echo "Code coverage report generate."
+
+echo "Generating enhanced HTML report (merged TRX + Cobertura)..."
+dotnet run --project tools/EnhancedTestReport/EnhancedTestReport.csproj -- \
+  --trx-dir "Contentstack.Management.Core.Unit.Tests/TestResults" \
+  --trx-dir "Contentstack.Management.Core.Tests/TestResults" \
+  --cobertura-dir "Contentstack.Management.Core.Unit.Tests/TestResults" \
+  --cobertura-dir "Contentstack.Management.Core.Tests/TestResults" \
+  --output "Contentstack.Management.Core.Unit.Tests/TestResults/EnhancedReport-$FILE_NAME.html"
@@ -14,4 +14,10 @@ FILE_NAME="Contentstack-DotNet-Test-Case"
 echo "Running test case..."
 dotnet test "Contentstack.Management.Core.Unit.Tests/Contentstack.Management.Core.Unit.Tests.csproj" --logger "trx;LogFileName=Report-$FILE_NAME.trx" --collect:"XPlat code coverage"
 
+echo "Generating enhanced HTML report..."
+dotnet run --project tools/EnhancedTestReport/EnhancedTestReport.csproj -- \
+  --trx-dir "Contentstack.Management.Core.Unit.Tests/TestResults" \
+  --cobertura-dir "Contentstack.Management.Core.Unit.Tests/TestResults" \
+  --output "Contentstack.Management.Core.Unit.Tests/TestResults/EnhancedReport-$FILE_NAME.html"
+
 echo "Test case Completed..."   
@@ -0,0 +1,42 @@
+# Test report artifacts – do not commit
+
+## Why
+
+TRX files and HTML reports (EnhancedTestReport, ReportGenerator coverage) are built from test runs that capture **stdout**. Integration tests using `TestReportHelper` emit JSON that includes:
+
+- HTTP request URLs, query parameters, headers, and bodies  
+- HTTP response headers and bodies  
+- Assertion details  
+
+Those outputs can contain **management tokens, API keys, stack API URLs, org identifiers**, and other sensitive data. **Treat every generated report as confidential.**
+
+## What is ignored
+
+The repository `.gitignore` is configured so that:
+
+| Pattern | Purpose |
+|--------|--------|
+| `*.trx` | VSTest TRX may embed full StdOut from each test. |
+| `**/TestResults/` | Default location for TRX, Cobertura, and report HTML. |
+| `**/EnhancedReport*.html` | Single-file enhanced reports (if written outside `TestResults` by mistake). |
+| `**/Coverage-*/**/*.html` | ReportGenerator output trees. |
+
+## Good practice
+
+1. **Write reports only under `TestResults`**  
+   Scripts should pass `--output` / targetdir under each test project’s `TestResults` folder so one ignore rule covers everything.
+
+2. **CI only**  
+   Upload reports as **artifacts** (`actions/upload-artifact`) with `if: success() || failure()` for debugging—never commit them back to the branch.
+
+3. **Never `git add -f`** on ignored report paths  
+   If a file was tracked before it was ignored, remove it from the index:  
+   `git rm -r --cached path/to/TestResults`
+
+4. **Optional local hook**  
+   To block accidental commits, install a pre-commit hook that rejects staged paths under `TestResults/` or matching `EnhancedReport*.html`. See `Scripts/pre-commit-no-test-artifacts.sample`.
+
+## Related
+
+- **EnhancedTestReport** tool: `tools/EnhancedTestReport/` – run after `dotnet test` via `Scripts/run-unit-test-case.sh` or `Scripts/run-test-case.sh`. Output is always under `**/TestResults/` (ignored by git).
+- Test pipeline overview: see internal `TEST_REPORT_LOGIC.md` (or your team’s copy) for TRX + Cobertura + EnhancedTestReport flow.
@@ -0,0 +1,11 @@
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net7.0</TargetFramework>
+    <RootNamespace>EnhancedTestReport</RootNamespace>
+    <Nullable>enable</Nullable>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <AssemblyName>EnhancedTestReport</AssemblyName>
+  </PropertyGroup>
+  <!-- BCL only: System.Text.Json + System.Xml.Linq included in net7 -->
+</Project>