From 6ab469ffb9dec03ecfd11d63ed5e4289cbea1516 Mon Sep 17 00:00:00 2001 From: Lessley Dennington Date: Thu, 27 Apr 2023 14:51:54 -0600 Subject: [PATCH 1/4] version: replace nerdbank with version file Remove Nerdbank.GitVersioning dependency from project in favor of a new VERSION file, which will be updated ahead of each release. Versioning in this file will begin with the version we plan to use for the next release: 2.1.0.0. This change involves the addition of a new custom MSBuild task, which reads in the contents of the VERSION file, converts it to a Version object, and then sets the various version-related MSBuild properties with the correct value (some with the `Revision` component appended, others without). Note that there is a bug in MSAL [1] that causes build failures for projects without dependencies with this change. We add Newtonsoft.Json as a global dependency in Directory.Build.props to work around this problem until the fix is released. [1]: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4108 --- Directory.Build.props | 8 ++-- Directory.Build.targets | 9 ++++ VERSION | 1 + build/GCM.tasks | 6 +++ build/GetVersion.cs | 45 +++++++++++++++++++ .../Packaging.Linux/Packaging.Linux.csproj | 6 +-- src/osx/Installer.Mac/Installer.Mac.csproj | 6 +-- src/shared/Core/Core.csproj | 1 - version.json | 13 ------ 9 files changed, 71 insertions(+), 24 deletions(-) create mode 100644 VERSION create mode 100644 build/GetVersion.cs delete mode 100644 version.json diff --git a/Directory.Build.props b/Directory.Build.props index 3abe378a3..36038d416 100644 --- a/Directory.Build.props +++ b/Directory.Build.props @@ -27,10 +27,10 @@ - - - 3.4.244 - all + + + 13.0.1 + diff --git a/Directory.Build.targets b/Directory.Build.targets index 3c84f230d..72d4712e7 100644 --- a/Directory.Build.targets +++ b/Directory.Build.targets @@ -5,6 +5,15 @@ + + + + + + + + + $(IntermediateOutputPath)app.manifest diff --git a/VERSION b/VERSION new file mode 100644 index 000000000..9c1c5ffbd --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +2.1.0.0 diff --git a/build/GCM.tasks b/build/GCM.tasks index fe7031f34..d48d07751 100644 --- a/build/GCM.tasks +++ b/build/GCM.tasks @@ -13,4 +13,10 @@ + + + + + + diff --git a/build/GetVersion.cs b/build/GetVersion.cs new file mode 100644 index 000000000..2b3473641 --- /dev/null +++ b/build/GetVersion.cs @@ -0,0 +1,45 @@ +using Microsoft.Build.Framework; +using Microsoft.Build.Utilities; +using System.IO; + +namespace GitCredentialManager.MSBuild +{ + public class GetVersion : Task + { + [Required] + public string VersionFile { get; set; } + + [Output] + public string Version { get; set; } + + [Output] + public string AssemblyVersion { get; set; } + + [Output] + public string FileVersion { get; set; } + + public override bool Execute() + { + Log.LogMessage(MessageImportance.Normal, "Reading VERSION file..."); + string textVersion = File.ReadAllText(VersionFile); + + if (!System.Version.TryParse(textVersion, out System.Version fullVersion)) + { + Log.LogError("Invalid version '{0}' specified.", textVersion); + return false; + } + + // System.Version names its version components as follows: + // major.minor[.build[.revision]] + // The main version number we use for GCM contains the first three + // components. + // The assembly and file version numbers contain all components, as + // ommitting the revision portion from these properties causes + // runtime failures on Windows. + Version = $"{fullVersion.Major}.{fullVersion.Minor}.{fullVersion.Build}"; + AssemblyVersion = FileVersion = fullVersion.ToString(); + + return true; + } + } +} diff --git a/src/linux/Packaging.Linux/Packaging.Linux.csproj b/src/linux/Packaging.Linux/Packaging.Linux.csproj index edb7ef314..8254da948 100644 --- a/src/linux/Packaging.Linux/Packaging.Linux.csproj +++ b/src/linux/Packaging.Linux/Packaging.Linux.csproj @@ -22,9 +22,9 @@ - - - + + + diff --git a/src/osx/Installer.Mac/Installer.Mac.csproj b/src/osx/Installer.Mac/Installer.Mac.csproj index e55f211e2..4f9d44390 100644 --- a/src/osx/Installer.Mac/Installer.Mac.csproj +++ b/src/osx/Installer.Mac/Installer.Mac.csproj @@ -18,9 +18,9 @@ - - - + + + diff --git a/src/shared/Core/Core.csproj b/src/shared/Core/Core.csproj index 7107cf921..3376b435d 100644 --- a/src/shared/Core/Core.csproj +++ b/src/shared/Core/Core.csproj @@ -22,7 +22,6 @@ - diff --git a/version.json b/version.json deleted file mode 100644 index 9ae994034..000000000 --- a/version.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/AArnott/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json", - "version": "2.0", - "publicReleaseRefSpec": [ - "^refs/heads/release$" - ], - "cloudBuild": { - "buildNumber": { - "enabled": true - }, - "setVersionVariables": true - } -} From 59b47c5b1993217ec6f25d197ee6e697cdcf50d6 Mon Sep 17 00:00:00 2001 From: Lessley Dennington Date: Fri, 21 Apr 2023 16:46:33 -0600 Subject: [PATCH 2/4] version: update release workflow versioning Update release workflow to use VERSION file for versioning, rather than Nerdbank.GitVersioning. --- .github/workflows/release.yml | 147 ++++++++++++++++++---------------- 1 file changed, 78 insertions(+), 69 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 83516cd7d..40d71cf17 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,7 +12,7 @@ jobs: runs-on: macos-latest strategy: matrix: - runtime: [ osx-x64, osx-arm64 ] + runtime: [ osx-x64, osx-arm64 ] steps: - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: @@ -22,7 +22,7 @@ jobs: uses: actions/setup-dotnet@v3.0.3 with: dotnet-version: 6.0.201 - + - name: Install dependencies run: dotnet restore @@ -31,7 +31,7 @@ jobs: dotnet build src/osx/Installer.Mac/*.csproj \ --configuration=MacRelease --no-self-contained \ --runtime=${{ matrix.runtime }} - + - name: Run macOS unit tests run: | dotnet test --configuration=MacRelease @@ -53,7 +53,7 @@ jobs: echo $CERT_BASE64 | base64 -D > $RUNNER_TEMP/cert.p12 security import $RUNNER_TEMP/cert.p12 -k $RUNNER_TEMP/buildagent.keychain -P $CERT_PASSPHRASE -T /usr/bin/codesign security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k pwd $RUNNER_TEMP/buildagent.keychain - + - name: Developer sign env: APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} @@ -67,7 +67,7 @@ jobs: path: | payload symbols - + osx-payload-sign: name: Sign macOS payload # ESRP service requires signing to run on Windows @@ -84,18 +84,18 @@ jobs: uses: actions/download-artifact@v3 with: name: tmp.${{ matrix.runtime }}-build - + - name: Zip unsigned payload shell: pwsh run: | Compress-Archive -Path payload payload/payload.zip cd payload Get-ChildItem -Exclude payload.zip | Remove-Item -Recurse -Force - + - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - + - name: Set up ESRP client shell: pwsh env: @@ -104,7 +104,7 @@ jobs: REQUEST_SIGNING_CERT: ${{ secrets.AZURE_VAULT_REQUEST_SIGNING_CERT_NAME }} run: | .github\set_up_esrp.ps1 - + - name: Run ESRP client shell: pwsh env: @@ -115,7 +115,7 @@ jobs: python .github\run_esrp_signing.py payload ` $env:APPLE_KEY_CODE $env:APPLE_SIGNING_OP_CODE ` --params 'Hardening' '--options=runtime' - + - name: Unzip signed payload shell: pwsh run: | @@ -128,13 +128,13 @@ jobs: name: ${{ matrix.runtime }}-payload-sign path: | signed - + osx-pack: name: Package macOS payload runs-on: macos-latest strategy: matrix: - runtime: [ osx-x64, osx-arm64 ] + runtime: [ osx-x64, osx-arm64 ] needs: osx-payload-sign steps: - name: Check out repository @@ -142,11 +142,14 @@ jobs: with: fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + - name: Set version environment variable + run: echo "VERSION=$(cat VERSION | sed -E 's/.[0-9]+$//')" >> $GITHUB_ENV + - name: Set up dotnet uses: actions/setup-dotnet@v3.0.3 with: dotnet-version: 6.0.201 - + # Install Nerdbank.GitVersioning - uses: dotnet/nbgv@master with: @@ -156,33 +159,33 @@ jobs: uses: actions/download-artifact@v3 with: name: ${{ matrix.runtime }}-payload-sign - + - name: Create component package run: | src/osx/Installer.Mac/pack.sh --payload=payload \ - --version=$GitBuildVersionSimple \ + --version=$VERSION \ --output=components/com.microsoft.gitcredentialmanager.component.pkg - + - name: Create product archive run: | src/osx/Installer.Mac/dist.sh --package-path=components \ - --version=$GitBuildVersionSimple --runtime=${{ matrix.runtime }} \ - --output=pkg/gcm-${{ matrix.runtime }}-$GitBuildVersionSimple.pkg || exit 1 - + --version=$VERSION --runtime=${{ matrix.runtime }} \ + --output=pkg/gcm-${{ matrix.runtime }}-$VERSION.pkg || exit 1 + - name: Upload package uses: actions/upload-artifact@v3 with: name: tmp.${{ matrix.runtime }}-pack path: | pkg - + osx-sign: name: Sign and notarize macOS package # ESRP service requires signing to run on Windows runs-on: windows-latest strategy: matrix: - runtime: [ osx-x64, osx-arm64 ] + runtime: [ osx-x64, osx-arm64 ] needs: osx-pack steps: - name: Check out repository @@ -193,18 +196,18 @@ jobs: with: name: tmp.${{ matrix.runtime }}-pack path: pkg - + - name: Zip unsigned package shell: pwsh run: | Compress-Archive -Path pkg/*.pkg pkg/gcm-pkg.zip cd pkg Get-ChildItem -Exclude gcm-pkg.zip | Remove-Item -Recurse -Force - + - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - + - name: Set up ESRP client shell: pwsh env: @@ -213,7 +216,7 @@ jobs: REQUEST_SIGNING_CERT: ${{ secrets.AZURE_VAULT_REQUEST_SIGNING_CERT_NAME }} run: | .github\set_up_esrp.ps1 - + - name: Sign package shell: pwsh env: @@ -222,14 +225,14 @@ jobs: APPLE_SIGNING_OP_CODE: ${{ secrets.APPLE_SIGNING_OPERATION_CODE }} run: | python .github\run_esrp_signing.py pkg $env:APPLE_KEY_CODE $env:APPLE_SIGNING_OP_CODE - + - name: Unzip signed package shell: pwsh run: | mkdir unsigned Expand-Archive -LiteralPath signed\gcm-pkg.zip -DestinationPath .\unsigned -Force Remove-Item signed\gcm-pkg.zip -Force - + - name: Notarize signed package shell: pwsh env: @@ -238,7 +241,7 @@ jobs: APPLE_NOTARIZATION_OP_CODE: ${{ secrets.APPLE_NOTARIZATION_OPERATION_CODE }} run: | python .github\run_esrp_signing.py unsigned $env:APPLE_KEY_CODE $env:APPLE_NOTARIZATION_OP_CODE --params 'BundleId' 'com.microsoft.gitcredentialmanager' - + - name: Publish signed package uses: actions/upload-artifact@v3 with: @@ -265,7 +268,7 @@ jobs: - uses: dotnet/nbgv@master with: setCommonVars: true - + - name: Install dependencies run: dotnet restore @@ -288,7 +291,7 @@ jobs: - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - + - name: Set up ESRP client shell: pwsh env: @@ -297,7 +300,7 @@ jobs: REQUEST_SIGNING_CERT: ${{ secrets.AZURE_VAULT_REQUEST_SIGNING_CERT_NAME }} run: | .github\set_up_esrp.ps1 - + - name: Run ESRP client for unsigned payload shell: pwsh env: @@ -312,7 +315,7 @@ jobs: 'OpusInfo' 'http://www.microsoft.com' ` 'FileDigest' '/fd "SHA256"' 'PageHash' '/NPH' ` 'TimeStamp' '/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256' - + - name: Lay out signed payload shell: pwsh run: | @@ -327,7 +330,7 @@ jobs: shell: pwsh run: | dotnet build src/windows/Installer.Windows /p:PayloadPath=$env:GITHUB_WORKSPACE/signed-payload /p:NoLayout=true --configuration=WindowsRelease - + - name: Run ESRP client for installers shell: pwsh env: @@ -343,7 +346,7 @@ jobs: 'OpusInfo' 'http://www.microsoft.com' ` 'FileDigest' '/fd "SHA256"' 'PageHash' '/NPH' ` 'TimeStamp' '/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256' - + - name: Publish final artifacts uses: actions/upload-artifact@v3 with: @@ -400,7 +403,7 @@ jobs: uses: actions/download-artifact@v3 with: name: linux-build - + - name: Remove symbols run: | rm tar/*symbols* @@ -408,7 +411,7 @@ jobs: - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - + - name: Set up ESRP client shell: pwsh env: @@ -417,7 +420,7 @@ jobs: REQUEST_SIGNING_CERT: ${{ secrets.AZURE_VAULT_REQUEST_SIGNING_CERT_NAME }} run: | .github\set_up_esrp.ps1 - + - name: Run ESRP client shell: pwsh env: @@ -427,7 +430,7 @@ jobs: run: | python .github/run_esrp_signing.py deb $env:LINUX_KEY_CODE $env:LINUX_OP_CODE python .github/run_esrp_signing.py tar $env:LINUX_KEY_CODE $env:LINUX_OP_CODE - + - name: Re-name tarball signature file shell: bash run: | @@ -440,7 +443,7 @@ jobs: name: linux-sign path: | signed - + # ================================ # .NET Tool # ================================ @@ -485,18 +488,18 @@ jobs: uses: actions/download-artifact@v3 with: name: tmp.dotnet-tool-build - + - name: Zip unsigned payload shell: pwsh run: | Compress-Archive -Path payload payload/payload.zip cd payload Get-ChildItem -Exclude payload.zip | Remove-Item -Recurse -Force - + - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - + - name: Set up ESRP client shell: pwsh env: @@ -505,7 +508,7 @@ jobs: REQUEST_SIGNING_CERT: ${{ secrets.AZURE_VAULT_REQUEST_SIGNING_CERT_NAME }} run: | .github\set_up_esrp.ps1 - + - name: Run ESRP client shell: pwsh env: @@ -515,7 +518,7 @@ jobs: run: | python .github\run_esrp_signing.py payload ` $env:NUGET_KEY_CODE $env:NUGET_OPERATION_CODE - + - name: Lay out signed payload, images, and symbols shell: bash run: | @@ -530,12 +533,17 @@ jobs: name: dotnet-tool-payload-sign path: | dotnet-tool-payload-sign - + dotnet-tool-pack: name: Package .NET tool runs-on: ubuntu-latest needs: dotnet-tool-payload-sign steps: + - uses: actions/checkout@v3 + + - name: Set version environment variable + run: echo "VERSION=$(cat VERSION | sed -E 's/.[0-9]+$//')" >> $GITHUB_ENV + - uses: actions/checkout@v3 with: fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. @@ -558,7 +566,7 @@ jobs: - name: Package tool run: | src/shared/DotnetTool/pack.sh --configuration=Release \ - --version=$GitBuildVersionSimple --publish-dir=$(pwd)/signed + --version=$VERSION --publish-dir=$(pwd)/signed - name: Upload unsigned package uses: actions/upload-artifact@v3 @@ -581,18 +589,18 @@ jobs: with: name: tmp.dotnet-tool-package-unsigned path: nupkg - + - name: Zip unsigned package shell: pwsh run: | Compress-Archive -Path nupkg/*.nupkg nupkg/gcm-nupkg.zip cd nupkg Get-ChildItem -Exclude gcm-nupkg.zip | Remove-Item -Recurse -Force - + - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - + - name: Set up ESRP client shell: pwsh env: @@ -601,7 +609,7 @@ jobs: REQUEST_SIGNING_CERT: ${{ secrets.AZURE_VAULT_REQUEST_SIGNING_CERT_NAME }} run: | .github\set_up_esrp.ps1 - + - name: Sign package shell: pwsh env: @@ -610,13 +618,13 @@ jobs: NUGET_OPERATION_CODE: ${{ secrets.NUGET_OPERATION_CODE }} run: | python .github\run_esrp_signing.py nupkg $env:NUGET_KEY_CODE $env:NUGET_OPERATION_CODE - + - name: Unzip signed package shell: pwsh run: | Expand-Archive -LiteralPath signed\gcm-nupkg.zip -DestinationPath .\signed -Force Remove-Item signed\gcm-nupkg.zip -Force - + - name: Publish signed package uses: actions/upload-artifact@v3 with: @@ -662,10 +670,6 @@ jobs: with: fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. - - uses: dotnet/nbgv@master - with: - setCommonVars: true - - name: Download artifacts uses: actions/download-artifact@v3 with: @@ -687,7 +691,7 @@ jobs: debpath=$(find ./*.deb) sudo apt install $debpath "${{ matrix.component.command }}" configure - + - name: Install Linux (tarball) if: contains(matrix.component.description, 'tarball') run: | @@ -702,7 +706,7 @@ jobs: # Only validate x64, given arm64 agents are not available pkgpath=$(find ./*.pkg) sudo installer -pkg $pkgpath -target / - + - name: Install .NET tool if: contains(matrix.component.description, 'dotnet-tool') run: | @@ -714,7 +718,7 @@ jobs: shell: bash run: | "${{ matrix.component.command }}" --version | sed 's/+.*//' >actual - echo $GitBuildVersionSimple >expect + cat VERSION | sed -E 's/.[0-9]+$//' >expect cmp expect actual || exit 1 # ================================ @@ -724,22 +728,27 @@ jobs: name: Publish GitHub draft release runs-on: ubuntu-latest needs: [ validate ] - steps: + steps: - name: Check out repository uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + - name: Set version environment variable + run: | + # Remove the "revision" portion of the version + echo "VERSION=$(cat VERSION | sed -E 's/.[0-9]+$//')" >> $GITHUB_ENV + - name: Set up dotnet uses: actions/setup-dotnet@v3.0.3 with: dotnet-version: 6.0.201 - + # Install Nerdbank.GitVersioning - uses: dotnet/nbgv@master with: setCommonVars: true - + - name: Download artifacts uses: actions/download-artifact@v3 @@ -747,24 +756,24 @@ jobs: run: | mkdir osx-payload-and-symbols - tar -C osx-x64-payload-sign -czf osx-payload-and-symbols/gcm-osx-x64-$GitBuildVersionSimple.tar.gz . - tar -C tmp.osx-x64-build/symbols -czf osx-payload-and-symbols/gcm-osx-x64-$GitBuildVersionSimple-symbols.tar.gz . + tar -C osx-x64-payload-sign -czf osx-payload-and-symbols/gcm-osx-x64-$VERSION.tar.gz . + tar -C tmp.osx-x64-build/symbols -czf osx-payload-and-symbols/gcm-osx-x64-$VERSION-symbols.tar.gz . - tar -C osx-arm64-payload-sign -czf osx-payload-and-symbols/gcm-osx-arm64-$GitBuildVersionSimple.tar.gz . - tar -C tmp.osx-arm64-build/symbols -czf osx-payload-and-symbols/gcm-osx-arm64-$GitBuildVersionSimple-symbols.tar.gz . + tar -C osx-arm64-payload-sign -czf osx-payload-and-symbols/gcm-osx-arm64-$VERSION.tar.gz . + tar -C tmp.osx-arm64-build/symbols -czf osx-payload-and-symbols/gcm-osx-arm64-$VERSION-symbols.tar.gz . - name: Archive Windows payload and symbols run: | mkdir win-x86-payload-and-symbols - zip -jr win-x86-payload-and-symbols/gcm-win-x86-$GitBuildVersionSimple.zip win-sign/signed-payload - zip -jr win-x86-payload-and-symbols/gcm-win-x86-$GitBuildVersionSimple-symbols.zip win-sign/src/windows/Installer.Windows/symbols + zip -jr win-x86-payload-and-symbols/gcm-win-x86-$VERSION.zip win-sign/signed-payload + zip -jr win-x86-payload-and-symbols/gcm-win-x86-$VERSION-symbols.zip win-sign/src/windows/Installer.Windows/symbols - uses: actions/github-script@v6 with: script: | const fs = require('fs'); const path = require('path'); - const version = process.env.GitBuildVersionSimple + const version = process.env.VERSION var releaseMetadata = { owner: context.repo.owner, From ba07ba91c8fed594944c068221609877477c978f Mon Sep 17 00:00:00 2001 From: Lessley Dennington Date: Fri, 28 Apr 2023 11:19:59 -0600 Subject: [PATCH 3/4] version: remove nerdbank tasks Remove Nerdbank.GitVersioning tasks (which have been superceded by the use of the new VERSION file) from the release workflow. --- .github/workflows/release.yml | 23 ----------------------- 1 file changed, 23 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 40d71cf17..fd1bced1f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -150,11 +150,6 @@ jobs: with: dotnet-version: 6.0.201 - # Install Nerdbank.GitVersioning - - uses: dotnet/nbgv@master - with: - setCommonVars: true - - name: Download signed payload uses: actions/download-artifact@v3 with: @@ -264,11 +259,6 @@ jobs: with: dotnet-version: 6.0.201 - # Install Nerdbank.GitVersioning - - uses: dotnet/nbgv@master - with: - setCommonVars: true - - name: Install dependencies run: dotnet restore @@ -460,10 +450,6 @@ jobs: with: dotnet-version: 6.0.201 - - uses: dotnet/nbgv@master - with: - setCommonVars: true - - name: Build .NET tool run: | src/shared/DotnetTool/layout.sh --configuration=Release @@ -559,10 +545,6 @@ jobs: with: dotnet-version: 6.0.201 - - uses: dotnet/nbgv@master - with: - setCommonVars: true - - name: Package tool run: | src/shared/DotnetTool/pack.sh --configuration=Release \ @@ -744,11 +726,6 @@ jobs: with: dotnet-version: 6.0.201 - # Install Nerdbank.GitVersioning - - uses: dotnet/nbgv@master - with: - setCommonVars: true - - name: Download artifacts uses: actions/download-artifact@v3 From 20f918b0c8f2f4549ec2a98fba779cc68124fc7a Mon Sep 17 00:00:00 2001 From: Lessley Dennington Date: Mon, 24 Apr 2023 14:43:48 -0600 Subject: [PATCH 4/4] workflows: update checkout actions Remove fetch-depth from checkout actions, since that was required by Nerdbank.GitVersioning. Also take this opportunity to use consistent version and naming for checkout actions. --- .github/workflows/codeql-analysis.yml | 5 +-- .github/workflows/continuous-integration.yml | 4 +- .github/workflows/lint-docs.yml | 4 +- .github/workflows/release.yml | 44 +++++-------------- .../validate-install-from-source.yml | 10 ++--- 5 files changed, 20 insertions(+), 47 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 329fc29bc..06a331d98 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -22,10 +22,7 @@ jobs: language: [ 'csharp' ] steps: - - name: Checkout repository - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - with: - fetch-depth: 0 # patch around Nerdbank.GitVersioning failure + - uses: actions/checkout@v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 1c098e501..277234c27 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -17,9 +17,7 @@ jobs: os: [ubuntu-latest, windows-latest, macos-latest] steps: - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + - uses: actions/checkout@v3 - name: Setup .NET uses: actions/setup-dotnet@v3.0.3 diff --git a/.github/workflows/lint-docs.yml b/.github/workflows/lint-docs.yml index a745d7e65..a088ec70a 100644 --- a/.github/workflows/lint-docs.yml +++ b/.github/workflows/lint-docs.yml @@ -18,7 +18,7 @@ jobs: name: Lint markdown files runs-on: ubuntu-latest steps: - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + - uses: actions/checkout@v3 - uses: DavidAnson/markdownlint-cli2-action@cdfad95cc96588c74b62ad2d3f2e1772090099ac with: @@ -30,7 +30,7 @@ jobs: name: Check for broken links runs-on: ubuntu-latest steps: - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + - uses: actions/checkout@v3 - name: Run link checker # For any troubleshooting, see: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fd1bced1f..521fea366 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,9 +14,7 @@ jobs: matrix: runtime: [ osx-x64, osx-arm64 ] steps: - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + - uses: actions/checkout@v3 - name: Set up dotnet uses: actions/setup-dotnet@v3.0.3 @@ -77,8 +75,7 @@ jobs: runtime: [ osx-x64, osx-arm64 ] needs: osx-build steps: - - name: Check out repository - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + - uses: actions/checkout@v3 - name: Download payload uses: actions/download-artifact@v3 @@ -137,10 +134,7 @@ jobs: runtime: [ osx-x64, osx-arm64 ] needs: osx-payload-sign steps: - - name: Check out repository - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + - uses: actions/checkout@v3 - name: Set version environment variable run: echo "VERSION=$(cat VERSION | sed -E 's/.[0-9]+$//')" >> $GITHUB_ENV @@ -183,8 +177,7 @@ jobs: runtime: [ osx-x64, osx-arm64 ] needs: osx-pack steps: - - name: Check out repository - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + - uses: actions/checkout@v3 - name: Download unsigned package uses: actions/download-artifact@v3 @@ -250,9 +243,7 @@ jobs: name: Build and Sign Windows runs-on: windows-latest steps: - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + - uses: actions/checkout@v3 - name: Set up dotnet uses: actions/setup-dotnet@v3.0.3 @@ -353,9 +344,7 @@ jobs: name: Build Linux runs-on: ubuntu-latest steps: - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + - uses: actions/checkout@v3 - name: Setup .NET uses: actions/setup-dotnet@v3.0.3 @@ -387,7 +376,7 @@ jobs: # ESRP service requires signing to run on Windows runs-on: windows-latest steps: - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + - uses: actions/checkout@v3 - name: Download artifacts uses: actions/download-artifact@v3 @@ -442,8 +431,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. - name: Setup .NET uses: actions/setup-dotnet@v3.0.3 @@ -467,8 +454,7 @@ jobs: runs-on: windows-latest needs: dotnet-tool-build steps: - - name: Check out repository - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + - uses: actions/checkout@v3 - name: Download payload uses: actions/download-artifact@v3 @@ -531,8 +517,6 @@ jobs: run: echo "VERSION=$(cat VERSION | sed -E 's/.[0-9]+$//')" >> $GITHUB_ENV - uses: actions/checkout@v3 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. - name: Download signed payload uses: actions/download-artifact@v3 @@ -563,8 +547,7 @@ jobs: runs-on: windows-latest needs: dotnet-tool-pack steps: - - name: Check out repository - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + - uses: actions/checkout@v3 - name: Download unsigned package uses: actions/download-artifact@v3 @@ -648,9 +631,7 @@ jobs: runs-on: ${{ matrix.component.os }} needs: [ osx-sign, win-sign, linux-sign, dotnet-tool-sign ] steps: - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + - uses: actions/checkout@v3 - name: Download artifacts uses: actions/download-artifact@v3 @@ -711,10 +692,7 @@ jobs: runs-on: ubuntu-latest needs: [ validate ] steps: - - name: Check out repository - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + - uses: actions/checkout@v3 - name: Set version environment variable run: | diff --git a/.github/workflows/validate-install-from-source.yml b/.github/workflows/validate-install-from-source.yml index 554bb605a..95ebdb17c 100644 --- a/.github/workflows/validate-install-from-source.yml +++ b/.github/workflows/validate-install-from-source.yml @@ -34,10 +34,10 @@ jobs: zypper -n install tar gzip elif [[ ${{matrix.vector.image}} == *"centos"* ]]; then dnf install which -y - fi - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - with: - fetch-depth: 0 # Indicate full history so Nerdbank.GitVersioning works. + fi + + - uses: actions/checkout@v3 + - run: | sh "${GITHUB_WORKSPACE}/src/linux/Packaging.Linux/install-from-source.sh" -y - git-credential-manager --help || exit 1 \ No newline at end of file + git-credential-manager --help || exit 1