Add a build target for convenient creation of local nuget packages #177
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This was generated by tool. Edits will be overwritten. | |
name: access-token-management/ci | |
on: | |
workflow_dispatch: | |
push: | |
paths: | |
- .github/workflows/access-token-management-** | |
- access-token-management/** | |
- Directory.Packages.props | |
pull_request: | |
paths: | |
- .github/workflows/access-token-management-** | |
- access-token-management/** | |
- Directory.Packages.props | |
env: | |
DOTNETT_NOLOGO: true | |
DOTNET_CLI_TELEMETRY_OPTOUT: true | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
shell: bash | |
working-directory: access-token-management | |
timeout-minutes: 15 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup Dotnet | |
uses: actions/setup-dotnet@v4 | |
with: | |
dotnet-version: |- | |
6.0.x | |
8.0.x | |
9.0.x | |
- name: Test - AccessTokenManagement.Tests | |
run: dotnet test -c Release test/AccessTokenManagement.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage" | |
- name: Test report - AccessTokenManagement.Tests | |
if: success() || failure() | |
uses: dorny/test-reporter@v1 | |
with: | |
name: Test Report - AccessTokenManagement.Tests | |
path: access-token-management/test/AccessTokenManagement.Tests/TestResults/Tests.trx | |
reporter: dotnet-trx | |
fail-on-error: true | |
fail-on-empty: true | |
- name: Install Sectigo CodeSiging CA certificates | |
run: |- | |
sudo apt-get update | |
sudo apt-get install -y ca-certificates | |
sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/ | |
sudo update-ca-certificates | |
working-directory: .github/workflows | |
- name: Tool restore | |
run: dotnet tool restore | |
- name: Pack AccessTokenManagement | |
run: dotnet pack -c Release src/AccessTokenManagement -o artifacts | |
- name: Pack AccessTokenManagement.OpenIdConnect | |
run: dotnet pack -c Release src/AccessTokenManagement.OpenIdConnect -o artifacts | |
- name: Sign packages | |
run: |- | |
for file in artifacts/*.nupkg; do | |
dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning | |
done | |
- name: Push packages to MyGet | |
if: github.ref == 'refs/heads/main' | |
run: dotnet nuget push artifacts/*.nupkg --source https://www.myget.org/F/duende_identityserver/api/v2/package --api-key ${{ secrets.MYGET }} --skip-duplicate | |
- name: Push packages to GitHub | |
if: github.ref == 'refs/heads/main' | |
run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload Artifacts | |
if: github.ref == 'refs/heads/main' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: artifacts | |
path: access-token-management/artifacts/*.nupkg | |
overwrite: true | |
retention-days: 15 |