Skip to content

Commit

Permalink
Remove build projects
Browse files Browse the repository at this point in the history 
- move and use crt in workflows directory
- regen'd workflows
  • Loading branch information
@damianh
damianh committed Nov 5, 2024
1 parent f59375b commit aab79f6
Show file tree
Hide file tree
Showing 40 changed files with 112 additions and 1,711 deletions.
37 changes: 18 additions & 19 deletions .github/workflow-gen/Program.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ void GenerateCiWorkflow(Component component)

foreach (var project in component.Projects)
{
job.StepPack(component.Name, project);
job.StepPack(project);
}

job.StepSign();
Expand Down Expand Up @@ -115,7 +115,7 @@ git push origin it-${{ github.event.inputs.version }}

foreach (var project in component.Projects)
{
tagJob.StepPack(component.Name, project);
tagJob.StepPack(project);
}

tagJob.StepSign();
Expand Down Expand Up @@ -157,9 +157,6 @@ void WriteWorkflow(Workflow workflow, string fileName)
Console.WriteLine($"Wrote workflow to {filePath}");
}




record Component(string Name, string[] Projects, string[] Tests);

public static class StepExtensions
Expand All @@ -185,45 +182,47 @@ public static void StepTestAndReport(this Job job, string componentName, string
$"--logger \"trx;LogFileName={logFileName}\" " +
$"--collect:\"XPlat Code Coverage\"";
job.Step()
.Name("Test")
.Name($"Test - {testProject}")
.Run($"dotnet test -c Release {path} {flags}");

job.Step("test-report")
.Name("Test report")
job.Step()
.Name($"Test report - {testProject}")
.Uses("dorny/test-reporter@v1")
.If("success() || failure()")
.With(
("name", "Test Report"),
("name", $"Test Report - {testProject}"),
("path", $"{componentName}/{path}/TestResults/{logFileName}"),
("reporter", "dotnet-trx"),
("fail-on-error", "true"),
("fail-on-empty", "true"));
}

// These intermediate certificates are required for signing and are not installed on the GitHub runners by default.
public static void StepInstallCACerts(this Job job)
=> job.Step()
.Name("Install Sectigo CodeSiging CA certificates")
.IfRefMain()
.Name("Install Sectigo CodeSiging CA certificates")
.WorkingDirectory(".github/workflows")
//.IfRefMain()
.Run("""
sudo apt-get update
sudo apt-get install -y ca-certificates
sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
""");

public static void StepToolRestore(this Job job)
=> job.Step()
.Name("Tool restore")
.IfRefMain()
//.IfRefMain()
.Run("dotnet tool restore");

public static void StepPack(this Job job, string componentName, string project)
public static void StepPack(this Job job, string project)
{
var path = $"{componentName}/src/{project}";
var path = $"src/{project}";
job.Step()
.Name($"Pack {project}")
.IfRefMain()
.Run($"dotnet pack -c Release {path} --no-build -o artifacts");
//.IfRefMain()
.Run($"dotnet pack -c Release {path} -o artifacts");
}

public static void StepSign(this Job job)
Expand All @@ -237,10 +236,10 @@ public static void StepSign(this Job job)
"--azure-key-vault-certificate CodeSigning";
job.Step()
.Name("Sign packages")
.IfRefMain()
//.IfRefMain()
.Run($"""
for file in artifacts/*.nupkg; do
dotnet NuGetKeyVaultSignTool sign \"$file\" {flags}
dotnet NuGetKeyVaultSignTool sign "$file" {flags}
done
""");
}
Expand Down
0 .../SectigoPublicCodeSigningRootCrossAAA.crt → .../SectigoPublicCodeSigningRootCrossAAA.crt
View file
File renamed without changes.
21 changes: 8 additions & 13 deletions .github/workflows/access-token-management-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,39 +31,34 @@ jobs:
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.0.x
- name: Test
- name: Test - AccessTokenManagement.Tests
run: dotnet test -c Release test/AccessTokenManagement.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
- id: test-report
name: Test report
- name: Test report - AccessTokenManagement.Tests
if: success() || failure()
uses: dorny/test-reporter@v1
with:
name: Test Report
name: Test Report - AccessTokenManagement.Tests
path: access-token-management/test/AccessTokenManagement.Tests/TestResults/Tests.trx
reporter: dotnet-trx
fail-on-error: true
fail-on-empty: true
- name: Install Sectigo CodeSiging CA certificates
if: github.ref == 'refs/heads/main'
run: |-
sudo apt-get update
sudo apt-get install -y ca-certificates
sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
working-directory: .github/workflows
- name: Tool restore
if: github.ref == 'refs/heads/main'
run: dotnet tool restore
- name: Pack AccessTokenManagement
if: github.ref == 'refs/heads/main'
run: dotnet pack -c Release access-token-management/src/AccessTokenManagement --no-build -o artifacts
run: dotnet pack -c Release src/AccessTokenManagement -o artifacts
- name: Pack AccessTokenManagement.OpenIdConnect
if: github.ref == 'refs/heads/main'
run: dotnet pack -c Release access-token-management/src/AccessTokenManagement.OpenIdConnect --no-build -o artifacts
run: dotnet pack -c Release src/AccessTokenManagement.OpenIdConnect -o artifacts
- name: Sign packages
if: github.ref == 'refs/heads/main'
run: |-
for file in artifacts/*.nupkg; do
dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
done
- name: Push packages to MyGet
if: github.ref == 'refs/heads/main'
Expand Down
13 changes: 5 additions & 8 deletions .github/workflows/access-token-management-release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,23 +39,20 @@ jobs:
git tag -a it-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
git push origin it-${{ github.event.inputs.version }}
- name: Install Sectigo CodeSiging CA certificates
if: github.ref == 'refs/heads/main'
run: |-
sudo apt-get update
sudo apt-get install -y ca-certificates
sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
working-directory: .github/workflows
- name: Pack AccessTokenManagement
if: github.ref == 'refs/heads/main'
run: dotnet pack -c Release access-token-management/src/AccessTokenManagement --no-build -o artifacts
run: dotnet pack -c Release src/AccessTokenManagement -o artifacts
- name: Pack AccessTokenManagement.OpenIdConnect
if: github.ref == 'refs/heads/main'
run: dotnet pack -c Release access-token-management/src/AccessTokenManagement.OpenIdConnect --no-build -o artifacts
run: dotnet pack -c Release src/AccessTokenManagement.OpenIdConnect -o artifacts
- name: Sign packages
if: github.ref == 'refs/heads/main'
run: |-
for file in artifacts/*.nupkg; do
dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
done
- name: Push packages to MyGet
if: github.ref == 'refs/heads/main'
Expand Down
18 changes: 7 additions & 11 deletions .github/workflows/identity-model-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,36 +31,32 @@ jobs:
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.0.x
- name: Test
- name: Test - IdentityModel.Tests
run: dotnet test -c Release test/IdentityModel.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
- id: test-report
name: Test report
- name: Test report - IdentityModel.Tests
if: success() || failure()
uses: dorny/test-reporter@v1
with:
name: Test Report
name: Test Report - IdentityModel.Tests
path: identity-model/test/IdentityModel.Tests/TestResults/Tests.trx
reporter: dotnet-trx
fail-on-error: true
fail-on-empty: true
- name: Install Sectigo CodeSiging CA certificates
if: github.ref == 'refs/heads/main'
run: |-
sudo apt-get update
sudo apt-get install -y ca-certificates
sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
working-directory: .github/workflows
- name: Tool restore
if: github.ref == 'refs/heads/main'
run: dotnet tool restore
- name: Pack IdentityModel
if: github.ref == 'refs/heads/main'
run: dotnet pack -c Release identity-model/src/IdentityModel --no-build -o artifacts
run: dotnet pack -c Release src/IdentityModel -o artifacts
- name: Sign packages
if: github.ref == 'refs/heads/main'
run: |-
for file in artifacts/*.nupkg; do
dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
done
- name: Push packages to MyGet
if: github.ref == 'refs/heads/main'
Expand Down
103 changes: 0 additions & 103 deletions .github/workflows/identity-model-odic-client-release.yml
View file

This file was deleted.

Loading

0 comments on commit aab79f6

Please sign in to comment.