Skip to content

Push to CI feed (#1585) #13

Push to CI feed (#1585)

Push to CI feed (#1585) #13

Workflow file for this run

name: Package
on:
push:
branches:
- 'main'
- 'release/*'
pull_request:
branches:
- 'main'
- 'release/*'
release:
types: [published]
jobs:
pack:
name: "Pack"
runs-on: windows-latest
env:
Configuration: Release
ProjectLoadStyle: All
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Install .NET Core
uses: actions/setup-dotnet@v3
with:
dotnet-version: 6.x
- name: Install .NET Core from global.json
uses: actions/setup-dotnet@v3
- name: Install GitVersion
uses: gittools/actions/gitversion/setup@v0.9.15
with:
# v5.10.0 of GitVersion has a fix for incorrect versions when building tags. See https://github.com/GitTools/GitVersion/issues/2838
# It appears that the fix then had a regression in a later version, so locking in 5.10.0. See https://github.com/GitTools/GitVersion/issues/3351#issuecomment-1403657689
versionSpec: '5.10.0'
- name: Determine Version
uses: gittools/actions/gitversion/execute@v0
with:
useConfigFile: true
- name: Display GitVersion variables (with prefix)
run: |
echo "Major: ${{ env.GitVersion_Major }}"
echo "Minor: ${{ env.GitVersion_Minor }}"
echo "Patch: ${{ env.GitVersion_Patch }}"
echo "PreReleaseTag: ${{ env.GitVersion_PreReleaseTag }}"
echo "PreReleaseTagWithDash: ${{ env.GitVersion_PreReleaseTagWithDash }}"
echo "PreReleaseLabel: ${{ env.GitVersion_PreReleaseLabel }}"
echo "PreReleaseNumber: ${{ env.GitVersion_PreReleaseNumber }}"
echo "WeightedPreReleaseNumber: ${{ env.GitVersion_WeightedPreReleaseNumber }}"
echo "BuildMetaData: ${{ env.GitVersion_BuildMetaData }}"
echo "BuildMetaDataPadded: ${{ env.GitVersion_BuildMetaDataPadded }}"
echo "FullBuildMetaData: ${{ env.GitVersion_FullBuildMetaData }}"
echo "MajorMinorPatch: ${{ env.GitVersion_MajorMinorPatch }}"
echo "SemVer: ${{ env.GitVersion_SemVer }}"
echo "LegacySemVer: ${{ env.GitVersion_LegacySemVer }}"
echo "LegacySemVerPadded: ${{ env.GitVersion_LegacySemVerPadded }}"
echo "AssemblySemVer: ${{ env.GitVersion_AssemblySemVer }}"
echo "AssemblySemFileVer: ${{ env.GitVersion_AssemblySemFileVer }}"
echo "FullSemVer: ${{ env.GitVersion_FullSemVer }}"
echo "InformationalVersion: ${{ env.GitVersion_InformationalVersion }}"
echo "BranchName: ${{ env.GitVersion_BranchName }}"
echo "EscapedBranchName: ${{ env.GitVersion_EscapedBranchName }}"
echo "Sha: ${{ env.GitVersion_Sha }}"
echo "ShortSha: ${{ env.GitVersion_ShortSha }}"
echo "NuGetVersionV2: ${{ env.GitVersion_NuGetVersionV2 }}"
echo "NuGetVersion: ${{ env.GitVersion_NuGetVersion }}"
echo "NuGetPreReleaseTagV2: ${{ env.GitVersion_NuGetPreReleaseTagV2 }}"
echo "NuGetPreReleaseTag: ${{ env.GitVersion_NuGetPreReleaseTag }}"
echo "VersionSourceSha: ${{ env.GitVersion_VersionSourceSha }}"
echo "CommitsSinceVersionSource: ${{ env.GitVersion_CommitsSinceVersionSource }}"
echo "CommitsSinceVersionSourcePadded: ${{ env.GitVersion_CommitsSinceVersionSourcePadded }}"
echo "UncommittedChanges: ${{ env.GitVersion_UncommittedChanges }}"
echo "CommitDate: ${{ env.GitVersion_CommitDate }}"
- name: Restore
run: dotnet restore --verbosity normal
- name: Build
run: dotnet build --no-restore --verbosity normal
- name: Pack
run: dotnet pack --no-build
- name: Upload
uses: actions/upload-artifact@v3
with:
name: Unsigned
path: "bin/${{ env.Configuration }}/packages/shipping/*"
sign:
name: "Sign Package"
if: github.event_name != 'pull_request'
needs: [pack]
runs-on: windows-latest
steps:
- name: Install .NET Core
uses: actions/setup-dotnet@v3
with:
dotnet-version: 6.0.x
- name: Install SignTool tool
run: dotnet tool install --tool-path . sign --version 0.9.0-beta.23127.3
- name: Install Nuget Sign Tool
run: dotnet tool install --global NuGetKeyVaultSignTool
- name: Download Unsigned Packages
uses: actions/download-artifact@v3
with:
name: Unsigned
path: '${{ github.workspace }}/unsigned'
- name: Expand Packages For Signing
shell: pwsh
run: |
cd ${{ github.workspace }}/unsigned
mkdir raw
cd raw
gci ..\*.nupkg | % { Expand-Archive $_ }
cd ..\..
gci -r
- name: Sign the DLLs
shell: pwsh
run: >
./sign code azure-key-vault **/DocumentFormat.OpenXml*.dll --base-directory "${{ github.workspace }}/unsigned/raw" --publisher-name "Microsoft" --description "DocumentFormat.OpenXml DLL Signing" --description-url https://github.com/dotnet/sign --azure-key-vault-tenant-id "${{ secrets.SignTenantId }}" --azure-key-vault-client-id "${{ secrets.SignClientId }}" --azure-key-vault-client-secret "${{ secrets.SignClientSecret }}" --azure-key-vault-certificate "${{ secrets.SignKeyVaultCertificate }}" --azure-key-vault-url "${{ secrets.SignKeyVaultUrl }}"
- name: Create Signed NUPKG
shell: pwsh
run: |
cd ${{ github.workspace }}/unsigned/raw
gci -r CodeSignSummary | rm
gci -Directory | % { [IO.Compression.ZipFile]::CreateFromDirectory($_, "$_.nupkg") }
gci
- name: Sign the NUPKGs
shell: pwsh
run: >
./sign code azure-key-vault
*.nupkg
--base-directory "${{ github.workspace }}/unsigned/raw"
--publisher-name "Microsoft"
--description "DocumentFormat.OpenXml DLL Signing"
--description-url "https://github.com/dotnet/sign"
--azure-key-vault-tenant-id "${{ secrets.SignTenantId }}"
--azure-key-vault-client-id "${{ secrets.SignClientId }}"
--azure-key-vault-client-secret "${{ secrets.SignClientSecret }}"
--azure-key-vault-certificate "${{ secrets.SignKeyVaultCertificate }}"
--azure-key-vault-url "${{ secrets.SignKeyVaultUrl }}"
- uses: actions/upload-artifact@v3
with:
name: Signed
path: |
${{ github.workspace }}\unsigned\*.snupkg
${{ github.workspace }}\unsigned\raw\*.nupkg
CI:
name: "Push to CI feed"
needs: [sign]
runs-on: ubuntu-latest
steps:
- name: Install .NET Core
uses: actions/setup-dotnet@v3
- name: Download Packages
uses: actions/download-artifact@v3
with:
name: Signed
path: '${{ github.workspace }}/packages'
- name: Push to CI feed
env:
SLEET_FEED_TYPE: azure
SLEET_FEED_CONTAINER: feed
SLEET_FEED_CONNECTIONSTRING: ${{secrets.SLEET_CONNECTIONSTRING}}
run: |
cd $GITHUB_WORKSPACE/packages
dotnet tool install -g sleet
sleet push . --skip-existing
releaseInfo:
name: Release Info
runs-on: windows-latest
steps:
- name: Get Release Info
run: >
echo ${{ github.event_name == 'release' }} >> release-info.txt
- name: Upload Release Info
uses: actions/upload-artifact@v3
with:
name: release-info
path: release-info.txt