-
Notifications
You must be signed in to change notification settings - Fork 1
83 lines (82 loc) · 3.12 KB
/
identity-model-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
# This was generated by tool. Edits will be overwritten.
name: identity-model/ci
on:
workflow_dispatch:
push:
paths:
- .github/workflows/identity-model-**
- identity-model/**
- Directory.Packages.props
pull_request:
paths:
- .github/workflows/identity-model-**
- identity-model/**
- Directory.Packages.props
env:
DOTNETT_NOLOGO: true
DOTNET_CLI_TELEMETRY_OPTOUT: true
jobs:
build:
name: Build
runs-on: ubuntu-latest
defaults:
run:
shell: bash
working-directory: identity-model
timeout-minutes: 15
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Dotnet
uses: actions/setup-dotnet@v4
with:
dotnet-version: |-
6.0.x
8.0.x
9.0.x
- name: Test - IdentityModel.Tests
run: dotnet test -c Release test/IdentityModel.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
- name: Test report - IdentityModel.Tests
if: success() || failure()
uses: dorny/test-reporter@v1
with:
name: Test Report - IdentityModel.Tests
path: identity-model/test/IdentityModel.Tests/TestResults/Tests.trx
reporter: dotnet-trx
fail-on-error: true
fail-on-empty: true
- name: Install Sectigo CodeSiging CA certificates
run: |-
sudo apt-get update
sudo apt-get install -y ca-certificates
sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
working-directory: .github/workflows
- name: Tool restore
run: dotnet tool restore
- name: Pack IdentityModel
run: dotnet pack -c Release src/IdentityModel -o artifacts
- name: Sign packages
run: |-
for file in artifacts/*.nupkg; do
dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
done
- name: Push packages to MyGet
if: github.ref == 'refs/heads/main'
run: dotnet nuget push artifacts/*.nupkg --source https://www.myget.org/F/duende_identityserver/api/v2/package --api-key ${{ secrets.MYGET }} --skip-duplicate
- name: Push packages to GitHub
if: github.ref == 'refs/heads/main'
run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Artifacts
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
with:
name: artifacts
path: identity-model/artifacts/*.nupkg
overwrite: true
retention-days: 15