identity-model/release #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This was generated by tool. Edits will be overwritten. | |
| name: identity-model/release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Version in format X.Y.Z or X.Y.Z-preview.' | |
| type: string | |
| required: true | |
| default: '0.0.0' | |
| env: | |
| DOTNETT_NOLOGO: true | |
| DOTNET_CLI_TELEMETRY_OPTOUT: true | |
| jobs: | |
| tag: | |
| name: Tag and Pack | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| packages: write | |
| defaults: | |
| run: | |
| shell: bash | |
| working-directory: identity-model | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Dotnet | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 | |
| with: | |
| dotnet-version: |- | |
| 6.0.x | |
| 8.0.x | |
| 9.0.x | |
| - name: Git tag | |
| run: |- | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "Duende Software GitHub Bot" | |
| git tag -a im-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}" | |
| git push origin im-${{ github.event.inputs.version }} | |
| - name: Install Sectigo CodeSiging CA certificates | |
| run: |- | |
| sudo apt-get update | |
| sudo apt-get install -y ca-certificates | |
| sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/ | |
| sudo update-ca-certificates | |
| working-directory: .github/workflows | |
| - name: Pack IdentityModel | |
| run: dotnet pack -c Release src/IdentityModel -o artifacts | |
| - name: Tool restore | |
| run: dotnet tool restore | |
| - name: Sign packages | |
| run: |- | |
| for file in artifacts/*.nupkg; do | |
| dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning | |
| done | |
| - name: Push packages to MyGet | |
| if: github.ref == 'refs/heads/main' | |
| run: dotnet nuget push artifacts/*.nupkg --source https://www.myget.org/F/duende_identityserver/api/v2/package --api-key ${{ secrets.MYGET }} --skip-duplicate | |
| - name: Push packages to GitHub | |
| if: github.ref == 'refs/heads/main' | |
| run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Upload Artifacts | |
| if: github.ref == 'refs/heads/main' | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 | |
| with: | |
| name: artifacts | |
| path: identity-model/artifacts/*.nupkg | |
| overwrite: true | |
| retention-days: 15 | |
| publish: | |
| name: Publish to nuget.org | |
| needs: | |
| - tag | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: nuget.org | |
| steps: | |
| - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 | |
| with: | |
| name: artifacts | |
| path: artifacts | |
| - name: Setup Dotnet | |
| uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 | |
| with: | |
| dotnet-version: |- | |
| 6.0.x | |
| 8.0.x | |
| 9.0.x | |
| - name: List files | |
| run: tree | |
| shell: bash | |
| - name: Push packages to nuget.org | |
| if: github.ref == 'refs/heads/main' | |
| run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate |