Fix CI, Followup #438 (#443) #161
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: .NET main | |
| on: | |
| push: | |
| branches: ["main"] | |
| workflow_dispatch: | |
| env: | |
| DEFAULT_DOTNET_VERSION: "8.0.x" | |
| jobs: | |
| build: | |
| strategy: | |
| matrix: | |
| os: [windows-latest, ubuntu-latest] | |
| fail-fast: false | |
| runs-on: "${{ matrix.os }}" | |
| env: | |
| DOTNET_CONFIGURATION: Release | |
| DAPR_VERSION: "1.14.1" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Runtimes, Caching, and Tools | |
| uses: ./.github/actions/setup-runtimes-caching | |
| with: | |
| hash-file: ".github/workflows/dotnet-main.yml" | |
| - name: Restore dependencies | |
| run: dotnet restore | |
| - name: Build | |
| run: dotnet build --no-restore --configuration ${{ env.DOTNET_CONFIGURATION }} | |
| - name: Test | |
| run: dotnet test --no-build --configuration ${{ env.DOTNET_CONFIGURATION }} --collect "XPlat Code Coverage" --results-directory test-results --logger trx /p:TrxLogFileNameSuffix=${{ matrix.os }} | |
| - name: Publish NuGet package | |
| run: dotnet pack --no-build -c ${{ env.DOTNET_CONFIGURATION }} -o ./nuget -p:VersionSuffix='beta.${{ github.run_number }}' | |
| - name: Publish NuGet packages as artifacts | |
| uses: actions/upload-artifact@v4 | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| with: | |
| name: nuget-packages | |
| path: ./nuget | |
| - name: Upload Package List | |
| uses: actions/upload-artifact@v4 | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| with: | |
| name: nuget-list | |
| if-no-files-found: error | |
| path: | | |
| ${{ github.workspace }}/.github/workflows/SignClientFileList.txt | |
| - name: Upload test results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: test-results-${{ matrix.os }} | |
| path: | | |
| ${{ github.workspace }}/test-results/** | |
| - name: List NuGet packages in step summary | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: ls -1 ${{ github.workspace }}/nuget/*.nupkg >> $GITHUB_STEP_SUMMARY | |
| test-reporting: | |
| permissions: | |
| contents: read | |
| actions: read | |
| checks: write | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: ${{ always() }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| merge-multiple: true | |
| - name: Test Report | |
| uses: dorny/test-reporter@v1 | |
| if: success() || failure() | |
| with: | |
| name: ".NET Tests" | |
| path: "*.trx" | |
| reporter: dotnet-trx | |
| sign: | |
| needs: build | |
| runs-on: windows-latest | |
| permissions: | |
| id-token: write # Required for requesting the JWT | |
| steps: | |
| - name: Install .NET SDK v${{ env.DEFAULT_DOTNET_VERSION }} | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{ env.DEFAULT_DOTNET_VERSION }} | |
| - name: Download Package List | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: nuget-packages | |
| path: ${{ github.workspace }}/packages | |
| - name: Download NuGet package list | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: nuget-list | |
| path: ${{ github.workspace }} | |
| - name: Install Signing Tool | |
| run: dotnet tool install --tool-path ./tools sign --version 0.9.1-beta.23356.1 | |
| - name: Sign Packages | |
| run: > | |
| ./tools/sign code azure-key-vault | |
| **/*.nupkg | |
| --base-directory "${{ github.workspace }}/packages" | |
| --file-list "${{ github.workspace }}/SignClientFileList.txt" | |
| --timestamp-url "http://timestamp.digicert.com" | |
| --publisher-name ".NET Foundation" | |
| --description ".NET Aspire Community Toolkit" | |
| --description-url "https://github.com/CommunityToolkit/Aspire" | |
| --azure-key-vault-url "${{ secrets.SIGN_KEY_VAULT_URL }}" | |
| --azure-key-vault-client-id ${{ secrets.SIGN_CLIENT_ID }} | |
| --azure-key-vault-client-secret "${{ secrets.SIGN_CLIENT_SECRET }}" | |
| --azure-key-vault-tenant-id ${{ secrets.SIGN_TENANT_ID }} | |
| --azure-key-vault-certificate "${{ secrets.SIGN_CERTIFICATE }}" | |
| --verbosity Information | |
| - name: Upload Signed Packages as Artifacts (for release) | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: signed-nuget-packages | |
| if-no-files-found: error | |
| path: | | |
| ${{ github.workspace }}/packages/**/*.nupkg | |
| publish-nuget: | |
| needs: sign | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: nuget-beta | |
| steps: | |
| - name: Download package | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: signed-nuget-packages | |
| - name: Publish to NuGet | |
| run: dotnet nuget push ./*.nupkg --source "https://api.nuget.org/v3/index.json" --api-key ${{ secrets.NUGET_PACKAGE_PUSH_TOKEN }} | |
| publish-azure-artifacts: | |
| needs: sign | |
| runs-on: windows-latest | |
| environment: | |
| name: azure-artifacts | |
| steps: | |
| - name: Download package | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: signed-nuget-packages | |
| - name: Add AzDO NuGet feed | |
| run: > | |
| dotnet nuget add source | |
| https://pkgs.dev.azure.com/dotnet/CommunityToolkit/_packaging/CommunityToolkit-MainLatest/nuget/v3/index.json | |
| --name MainLatest | |
| --username dummy | |
| --password ${{ secrets.DEVOPS_PACKAGE_PUSH_TOKEN }} | |
| - name: Push signed packages to AzDO | |
| run: > | |
| dotnet nuget push | |
| "${{ github.workspace }}/**/*.nupkg" | |
| --api-key dummy | |
| --source MainLatest | |
| --skip-duplicate | |
| publish-coverage: | |
| if: github.actor != 'dependabot[bot]' | |
| needs: build | |
| uses: ./.github/workflows/code-coverage.yml | |
| secrets: inherit |