From b4f8cb6d4d21268d7ec8488e7e7cd380ce7f2c84 Mon Sep 17 00:00:00 2001 From: EliotJones Date: Sun, 15 Feb 2026 14:21:32 -0400 Subject: [PATCH 1/2] replace release flow single job with pr process since actions do not have permissions to push directly to master and bot accounts to achieve the same are hard to manage we will change the release flow to work as follows. 1. manually invoke `prepare_release_pr.yml` action, this creates a new branch with the version of all project files updated and creates a pull request for that version. this pr then should be merged using rebase merge 2. `tag_release.yml` checks if the newest commit name starts with the text "Release " and also verifies if it changed the version of the package csproj. if both those conditions are met it will create and push a new tag, e.g. `v0.1.17` to master 3. `publish_nuget.yml` listens for new `v*` tags on master and triggers the nuget deployment this is all chat gpt code so who knows if it will work --- .github/workflows/prepare_release_pr.yml | 40 ++++++++++++++++++ .github/workflows/publish_nuget.yml | 45 ++++++++++++++++++++ .github/workflows/publish_release.yml | 53 ------------------------ .github/workflows/tag_release.yml | 43 +++++++++++++++++++ 4 files changed, 128 insertions(+), 53 deletions(-) create mode 100644 .github/workflows/prepare_release_pr.yml create mode 100644 .github/workflows/publish_nuget.yml delete mode 100644 .github/workflows/publish_release.yml create mode 100644 .github/workflows/tag_release.yml diff --git a/.github/workflows/prepare_release_pr.yml b/.github/workflows/prepare_release_pr.yml new file mode 100644 index 000000000..8965775cb --- /dev/null +++ b/.github/workflows/prepare_release_pr.yml @@ -0,0 +1,40 @@ +name: Create Release PR + +on: + workflow_dispatch + +permissions: + contents: write + pull-requests: write + +jobs: + bump_version: + runs-on: windows-2022 + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Calculate next version + id: version + run: | + $newVer = .\tools\get-next-main-version.ps1 + echo "NEW_VERSION=$newVer" >> $env:GITHUB_ENV + .\tools\set-version.ps1 $newVer -UpdateAssemblyAndFileVersion + + git config user.name "github-actions" + git config user.email "github-actions@github.com" + + git checkout -b release/$newVer + git commit -am "Release $newVer" + + - name: Create Pull Request + uses: peter-evans/create-pull-request@v6 + with: + branch: release/${{ env.NEW_VERSION }} + base: master + title: "Release ${{ env.NEW_VERSION }}" + body: "Automated release PR." + delete-branch: true + merge-method: rebase \ No newline at end of file diff --git a/.github/workflows/publish_nuget.yml b/.github/workflows/publish_nuget.yml new file mode 100644 index 000000000..ab5693a31 --- /dev/null +++ b/.github/workflows/publish_nuget.yml @@ -0,0 +1,45 @@ +name: Publish + +on: + push: + tags: + - 'v*' + +permissions: + contents: write + packages: write + +jobs: + build_and_publish: + runs-on: windows-2022 + + steps: + - uses: actions/checkout@v4 + + - name: Set up .NET + uses: actions/setup-dotnet@v4 + with: + dotnet-version: | + 2.1.x + 6.0.x + 8.0.x + 9.0.x + + - name: Add msbuild to PATH + uses: microsoft/setup-msbuild@v2 + + - name: Run tests + run: dotnet test -c Release src/UglyToad.PdfPig.sln + + - name: Build package + run: dotnet pack -c Release -o package tools/UglyToad.PdfPig.Package/UglyToad.PdfPig.Package.csproj -p:IncludeSymbols=true -p:SymbolPackageFormat=snupkg + + - name: Publish to NuGet + run: dotnet nuget push package/*.nupkg --api-key ${{secrets.NUGET_API_KEY}} --source https://api.nuget.org/v3/index.json + + - name: Create GitHub Release + uses: softprops/action-gh-release@v2 + with: + tag_name: ${{ github.ref_name }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml deleted file mode 100644 index 7e47f5692..000000000 --- a/.github/workflows/publish_release.yml +++ /dev/null @@ -1,53 +0,0 @@ -name: Release Publish - -on: - release: - types: [published] - -permissions: - contents: write - packages: write - -jobs: - build_and_publish_release: - runs-on: windows-2022 - - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Set up dotnet core - uses: actions/setup-dotnet@v4 - with: - dotnet-version: | - 2.1.x - 6.0.x - 8.0.x - 9.0.x - - - name: Add msbuild to PATH - uses: microsoft/setup-msbuild@v2 - - - name: Run tests - run: dotnet test -c Release src/UglyToad.PdfPig.sln - - - name: Build package - run: dotnet pack -c Release -o package tools/UglyToad.PdfPig.Package/UglyToad.PdfPig.Package.csproj -p:IncludeSymbols=true -p:SymbolPackageFormat=snupkg - - - name: Publish to NuGet - run: dotnet nuget push **/*.nupkg --api-key ${{secrets.NUGET_API_KEY}} --source https://api.nuget.org/v3/index.json - - - name: Increment version after release - run: | - $newVer = .\tools\get-next-main-version.ps1 - .\tools\set-version.ps1 $newVer -UpdateAssemblyAndFileVersion - git config user.name "github-actions" - git config user.email "github-actions@github.com" - - git fetch origin master - git checkout master - git pull - - git commit -am "Increment version to $newVer" - git push \ No newline at end of file diff --git a/.github/workflows/tag_release.yml b/.github/workflows/tag_release.yml new file mode 100644 index 000000000..a6e57f62b --- /dev/null +++ b/.github/workflows/tag_release.yml @@ -0,0 +1,43 @@ +name: Tag Release + +on: + push: + branches: + - master + +permissions: + contents: write + +jobs: + tag_if_version_changed: + if: startsWith(github.event.head_commit.message, 'Release ') + runs-on: windows-2022 + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Detect version change + id: versioncheck + run: | + git fetch origin master --depth=2 + + $diff = git diff HEAD^ HEAD -- tools/UglyToad.PdfPig.Package/UglyToad.PdfPig.Package.csproj + + if ($diff -match "") { + $version = (Select-String -Path tools/UglyToad.PdfPig.Package/UglyToad.PdfPig.Package.csproj -Pattern "(.*)").Matches.Groups[1].Value + echo "version=$version" >> $env:GITHUB_OUTPUT + echo "create=true" >> $env:GITHUB_OUTPUT + } else { + echo "create=false" >> $env:GITHUB_OUTPUT + } + + - name: Create tag + if: steps.versioncheck.outputs.create == 'true' + run: | + git config user.name "github-actions" + git config user.email "github-actions@github.com" + + git tag "v${{ steps.versioncheck.outputs.version }}" + git push origin "v${{ steps.versioncheck.outputs.version }}" From 1d98d1aed503395ef01f61394cc90f1f0ad0526c Mon Sep 17 00:00:00 2001 From: EliotJones Date: Sun, 15 Feb 2026 14:24:17 -0400 Subject: [PATCH 2/2] confirm tag is on master before running publish --- .github/workflows/publish_nuget.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/publish_nuget.yml b/.github/workflows/publish_nuget.yml index ab5693a31..7119bbd0c 100644 --- a/.github/workflows/publish_nuget.yml +++ b/.github/workflows/publish_nuget.yml @@ -15,6 +15,14 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Verify tag points to master + id: verify + run: | + TAG_COMMIT=$(git rev-list -n 1 ${{ github.ref_name }}) + if ! git branch -r --contains $TAG_COMMIT | grep -q 'origin/master'; then + echo "Tag is not on master — skipping publish" + exit 78 # 78 = neutral in GitHub Actions + fi - name: Set up .NET uses: actions/setup-dotnet@v4