Publish #1209
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish | |
| on: | |
| push: | |
| tags: | |
| - v* | |
| workflow_dispatch: | |
| inputs: | |
| ref: | |
| description: "Git reference (branch, tag, or commit SHA)" | |
| required: true | |
| default: "master" | |
| dry_run: | |
| description: "Dry run" | |
| required: true | |
| type: boolean | |
| default: true | |
| version: | |
| description: "Version number" | |
| required: false | |
| default: "" | |
| jobs: | |
| vulnerability-scan: | |
| timeout-minutes: 10 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| framework: [net8.0, net9.0] | |
| os: [ubuntu-latest, windows-latest] | |
| runs-on: ${{ matrix.os }} | |
| name: scan-vulnerabilities/${{ matrix.os }}/${{ matrix.framework }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.inputs.ref || github.ref }} | |
| - name: Install dotnet SDKs | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: | | |
| 8.0.x | |
| 9.0.x | |
| - name: Scan for Vulnerabilities | |
| shell: bash | |
| run: | | |
| dotnet nuget list source | |
| dotnet restore ./src/KurrentDB.Client/KurrentDB.Client.csproj | |
| dotnet restore ./test/KurrentDB.Client.Tests/KurrentDB.Client.Tests.csproj | |
| dotnet list package --vulnerable --include-transitive --framework ${{ matrix.framework }} | tee vulnerabilities.txt | |
| ! cat vulnerabilities.txt | grep -q "has the following vulnerable packages" | |
| publish: | |
| timeout-minutes: 5 | |
| needs: [vulnerability-scan] | |
| runs-on: ubuntu-latest | |
| name: publish | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.inputs.ref || github.ref }} | |
| fetch-depth: 0 | |
| - name: Get Version | |
| id: get_version | |
| run: | | |
| echo "branch=${GITHUB_REF:10}" >> $GITHUB_OUTPUT | |
| dotnet nuget list source | |
| dotnet tool restore | |
| if [ -n "${{ github.event.inputs.version }}" ]; then | |
| version="${{ github.event.inputs.version }}" | |
| else | |
| version=$(dotnet tool run minver -- --tag-prefix=v) | |
| fi | |
| echo "version=${version}" >> $GITHUB_OUTPUT | |
| - name: Install dotnet SDKs | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: | | |
| 8.0.x | |
| 9.0.x | |
| - name: Dotnet Pack | |
| shell: bash | |
| run: | | |
| echo "version=${{ steps.get_version.outputs.version }}" | |
| mkdir -p packages | |
| extra_minver_flag="" | |
| if [ -n "${{ github.event.inputs.version }}" ]; then | |
| extra_minver_flag="/p:MinVerSkip=true" | |
| fi | |
| dotnet pack /p:Version=${{ steps.get_version.outputs.version }} $extra_minver_flag \ | |
| --configuration=Release \ | |
| /p:PublishDir=./packages \ | |
| /p:NoWarn=NU5105 \ | |
| /p:RepositoryUrl=https://github.com/kurrent-io/KurrentDB-Client-Dotnet \ | |
| /p:RepositoryType=git | |
| - name: Publish Artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| path: packages | |
| name: nuget-packages | |
| - name: Dotnet Push to Github Packages | |
| shell: bash | |
| if: github.event.inputs.dry_run != 'true' || github.event_name == 'push' | |
| run: | | |
| dotnet tool restore | |
| find . -name "*.nupkg" | xargs -n1 dotnet nuget push --api-key=${{ secrets.GITHUB_TOKEN }} --source https://nuget.pkg.github.com/kurrent-io/index.json --skip-duplicate | |
| - name: Dotnet Push to Nuget.org | |
| shell: bash | |
| if: github.event.inputs.dry_run != 'true' || github.event_name == 'push' | |
| run: | | |
| dotnet nuget list source | |
| dotnet tool restore | |
| find . -name "*.nupkg" | xargs -n1 dotnet nuget push --api-key=${{ secrets.KURRENT_NUGET_KEY }} --source https://api.nuget.org/v3/index.json --skip-duplicate |