Update to .NET SDK 10 and revise toolkit requirements #94
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://docs.github.com/actions/using-workflows/about-workflows | |
| # https://docs.github.com/actions/using-workflows/workflow-syntax-for-github-actions | |
| name: CI-build | |
| # Controls when the action will run. | |
| on: | |
| # Triggers the workflow on push or PR events, but only for the 'main', development, or release branches | |
| push: | |
| branches: [ main, 'dev/*', 'rel/*' ] | |
| pull_request: | |
| branches: [ main, 'dev/*' ] | |
| # Allows running this workflow manually from the 'Actions' tab | |
| workflow_dispatch: | |
| merge_group: | |
| env: | |
| IS_MAIN: ${{ github.ref == 'refs/heads/main' }} | |
| IS_PR: ${{ startsWith(github.ref, 'refs/pull/') }} | |
| IS_RELEASE: ${{ startsWith(github.ref, 'refs/heads/rel/') }} | |
| # The version of .NET to use just for NuGet package operations. | |
| # This doesn't have to be exactly in sync with the .NET SDK | |
| # version defined in 'global.json', as it's not used for builds. | |
| DOTNET_NUGET_VERSION: ${{ '10.0.x' }} | |
| jobs: | |
| # Build the solution, run all tests, push packages to the PR feed. | |
| # We want to avoid the CI being triggered twice for PRs from the | |
| # repository owner, however the repo is now under 'CommunityToolkit'. | |
| # So we just hardcode the username and skip this job for PR triggers | |
| # from that user. This ensures the workflow only runs once per commit. | |
| build-and-test: | |
| if: >- | |
| github.event_name == 'push' || | |
| github.event.pull_request.user.login != 'sergio0694' | |
| strategy: | |
| matrix: | |
| configuration: [Debug, Release] | |
| runs-on: windows-2022 | |
| steps: | |
| - name: Git checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 # We need the full history for proper versioning | |
| - name: Install .NET SDK | |
| uses: actions/setup-dotnet@v5 | |
| with: | |
| global-json-file: global.json | |
| # Build the whole solution | |
| - name: Build solution | |
| run: dotnet build -c ${{matrix.configuration}} /bl | |
| - name: Upload MSBuild binary log | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: msbuild_log_${{matrix.configuration}} | |
| path: ${{ github.workspace }}/msbuild.binlog | |
| if-no-files-found: error | |
| # Run tests | |
| - name: Test solution | |
| run: dotnet test --no-build -c ${{matrix.configuration}} -l "console;verbosity=detailed" | |
| # Pack solution | |
| - name: Pack solution | |
| run: dotnet pack --no-build -c ${{matrix.configuration}} | |
| # Push PR packages to our DevOps artifacts feed (see nuget.config) | |
| - name: Push PR packages (if not fork) | |
| if: ${{ env.IS_PR == 'true' && matrix.configuration == 'Release' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }} | |
| run: | | |
| dotnet nuget add source https://pkgs.dev.azure.com/dotnet/CommunityToolkit/_packaging/CommunityToolkit-PullRequests/nuget/v3/index.json ` | |
| --name PullRequests ` | |
| --username dummy --password ${{ secrets.DEVOPS_PACKAGE_PUSH_TOKEN }} | |
| dotnet nuget push "*.nupkg" --api-key dummy --source PullRequests --skip-duplicate | |
| - name: Upload packages list | |
| uses: actions/upload-artifact@v5 | |
| if: ${{ env.IS_PR == 'false' && matrix.configuration == 'Release' }} | |
| with: | |
| name: nuget-list-dotnet | |
| path: ${{ github.workspace }}/.github/workflows/SignClientFileList.txt | |
| if-no-files-found: error | |
| # If we're not doing a PR build (or it's a PR from a fork) then we upload our packages so we can sign as a separate job or have available to test | |
| - name: Upload packages artifacts | |
| uses: actions/upload-artifact@v5 | |
| if: ${{ (env.IS_PR == 'false' || github.event.pull_request.head.repo.full_name != github.repository) && matrix.configuration == 'Release' }} | |
| with: | |
| name: nuget-packages-dotnet | |
| path: ${{ github.workspace }}/bin/nupkg/*.nupkg | |
| if-no-files-found: error | |
| # Sign the packages for release. | |
| # Note: here and below we're explicitly repeating the conditions, rather than using 'env.'. | |
| # Doing so doesn't seem to work for conditions of jobs themselves, only for individual steps. | |
| sign: | |
| needs: [build-and-test] | |
| if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/rel/') }} | |
| runs-on: windows-latest | |
| permissions: | |
| id-token: write # Required for requesting the JWT | |
| steps: | |
| - name: Install .NET SDK | |
| uses: actions/setup-dotnet@v5 | |
| with: | |
| dotnet-version: ${{ env.DOTNET_NUGET_VERSION }} | |
| - name: Download packages list | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: nuget-list-dotnet | |
| path: ${{ github.workspace }} | |
| - name: Download built packages for .NCT | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: nuget-packages-dotnet | |
| path: ${{ github.workspace }}/packages | |
| - name: Install Signing Tool | |
| run: dotnet tool install --tool-path ./tools sign --version 0.9.1-beta.25379.1 | |
| - name: Sign packages | |
| run: > | |
| ./tools/sign code azure-key-vault | |
| **/*.nupkg | |
| --base-directory "${{ github.workspace }}/packages" | |
| --file-list "${{ github.workspace }}/SignClientFileList.txt" | |
| --timestamp-url "http://timestamp.digicert.com" | |
| --publisher-name ".NET Foundation" | |
| --description ".NET Community Toolkit" | |
| --description-url "https://github.com/CommunityToolkit/dotnet" | |
| --azure-key-vault-url "${{ secrets.SIGN_KEY_VAULT_URL }}" | |
| --azure-key-vault-client-id ${{ secrets.SIGN_CLIENT_ID }} | |
| --azure-key-vault-client-secret "${{ secrets.SIGN_CLIENT_SECRET }}" | |
| --azure-key-vault-tenant-id ${{ secrets.SIGN_TENANT_ID }} | |
| --azure-key-vault-certificate "${{ secrets.SIGN_CERTIFICATE }}" | |
| --verbosity Information | |
| - name: Push signed packages | |
| run: | | |
| dotnet nuget add source https://pkgs.dev.azure.com/dotnet/CommunityToolkit/_packaging/CommunityToolkit-MainLatest/nuget/v3/index.json ` | |
| --name MainLatest ` | |
| --username dummy --password ${{ secrets.DEVOPS_PACKAGE_PUSH_TOKEN }} | |
| dotnet nuget push "**/*.nupkg" --api-key dummy --source MainLatest --skip-duplicate | |
| - name: Upload signed packages as artifacts (for release) | |
| uses: actions/upload-artifact@v5 | |
| if: ${{ env.IS_RELEASE == 'true' }} | |
| with: | |
| name: signed-nuget-packages-dotnet | |
| path: ${{ github.workspace }}/packages/**/*.nupkg | |
| if-no-files-found: error | |
| # Push official packages to NuGet | |
| release: | |
| if: ${{ startsWith(github.ref, 'refs/heads/rel/') }} | |
| needs: [sign] | |
| environment: nuget-release-gate # This gates this job until manually approved | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install .NET SDK | |
| uses: actions/setup-dotnet@v5 | |
| with: | |
| dotnet-version: ${{ env.DOTNET_NUGET_VERSION }} | |
| - name: Download signed packages for .NCT | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: signed-nuget-packages-dotnet | |
| path: ./packages | |
| - name: Push to NuGet.org | |
| run: > | |
| dotnet nuget push | |
| **/*.nupkg | |
| --source https://api.nuget.org/v3/index.json | |
| --api-key ${{ secrets.NUGET_PACKAGE_PUSH_TOKEN }} | |
| --skip-duplicate |