Build, pack, and publish to MyGet #1375
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
################################################# | |
################### IMPORTANT ################### | |
# DON'T RENAME THIS FILE UNLESS WE START | |
# RELEASING THE VERSION 2.* | |
################### IMPORTANT ################### | |
################################################# | |
name: Build, pack, and publish to MyGet | |
on: | |
workflow_dispatch: | |
push: | |
tags: | |
- 'core-*' | |
- 'coreunstable-*' | |
schedule: | |
- cron: '0 0 * * *' # once in a day at 00:00 | |
jobs: | |
automation: | |
uses: ./.github/workflows/automation.yml | |
secrets: inherit | |
build-pack-publish: | |
runs-on: windows-latest | |
permissions: | |
contents: read | |
id-token: write | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
COSIGN_YES: "yes" | |
outputs: | |
artifact-url: ${{ steps.upload-artifacts.outputs.artifact-url }} | |
artifact-id: ${{ steps.upload-artifacts.outputs.artifact-id }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
# Note: By default GitHub only fetches 1 commit. MinVer needs to find | |
# the version tag which is typically NOT on the first commit so we | |
# retrieve them all. | |
fetch-depth: 0 | |
- name: Setup dotnet | |
uses: actions/setup-dotnet@v4 | |
- name: Install Cosign | |
uses: sigstore/cosign-installer@v3 | |
with: | |
cosign-release: v2.4.0 | |
- name: dotnet restore | |
run: dotnet restore ./build/OpenTelemetry.proj -p:RunningDotNetPack=true | |
- name: dotnet build | |
run: dotnet build ./build/OpenTelemetry.proj --configuration Release --no-restore -p:Deterministic=true -p:BuildNumber=${{ github.run_number }} -p:RunningDotNetPack=true | |
- name: Sign DLLs with Cosign Keyless | |
shell: pwsh | |
run: | | |
$projectFiles = Get-ChildItem -Path src/*/*.csproj -File | |
foreach ($projectFile in $projectFiles) { | |
$projectName = [System.IO.Path]::GetFileNameWithoutExtension($projectFile) | |
Get-ChildItem -Path src/$projectName/bin/Release/*/$projectName.dll -File | ForEach-Object { | |
$fileFullPath = $_.FullName | |
Write-Host "Signing $fileFullPath" | |
cosign.exe sign-blob $fileFullPath --yes --output-signature $fileFullPath-keyless.sig --output-certificate $fileFullPath-keyless.pem | |
} | |
} | |
- name: dotnet pack | |
run: dotnet pack ./build/OpenTelemetry.proj --configuration Release --no-restore --no-build -p:PackTag=${{ github.ref_type == 'tag' && github.ref_name || '' }} | |
- name: Publish Artifacts | |
id: upload-artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ github.ref_name }}-packages | |
path: 'src/**/*.*nupkg' | |
- name: Publish MyGet | |
env: | |
MYGET_TOKEN_EXISTS: ${{ secrets.MYGET_TOKEN != '' }} | |
if: env.MYGET_TOKEN_EXISTS == 'true' # Skip MyGet publish if run on a fork without the secret | |
run: | | |
nuget setApiKey ${{ secrets.MYGET_TOKEN }} -Source https://www.myget.org/F/opentelemetry/api/v2/package | |
nuget push src/**/*.nupkg -Source https://www.myget.org/F/opentelemetry/api/v2/package | |
post-build: | |
runs-on: ubuntu-latest | |
needs: | |
- automation | |
- build-pack-publish | |
if: needs.automation.outputs.enabled && github.event_name == 'push' | |
env: | |
GH_TOKEN: ${{ secrets[needs.automation.outputs.token-secret-name] }} | |
steps: | |
- name: check out code | |
uses: actions/checkout@v4 | |
with: | |
token: ${{ secrets[needs.automation.outputs.token-secret-name] }} | |
- name: Download Artifacts | |
run: | | |
curl \ | |
-H "Accept: application/vnd.github+json" \ | |
-H "Authorization: token ${{ github.token }}" \ | |
-L \ | |
-o '${{ github.workspace }}/artifacts/${{ github.ref_name }}-packages.zip' \ | |
--create-dirs \ | |
"https://api.github.com/repos/${{ github.repository }}/actions/artifacts/${{ needs.build-pack-publish.outputs.artifact-id }}/zip" | |
- name: Create GitHub Release draft | |
shell: pwsh | |
run: | | |
Import-Module .\build\scripts\post-release.psm1 | |
CreateDraftRelease ` | |
-gitRepository '${{ github.repository }}' ` | |
-tag '${{ github.ref_name }}' ` | |
-releaseFiles '${{ github.workspace }}/artifacts/${{ github.ref_name }}-packages.zip#Packages' | |
- name: Post notice when packages are ready | |
shell: pwsh | |
run: | | |
Import-Module .\build\scripts\post-release.psm1 | |
TryPostPackagesReadyNoticeOnPrepareReleasePullRequest ` | |
-gitRepository '${{ github.repository }}' ` | |
-tag '${{ github.ref_name }}' ` | |
-tagSha '${{ github.sha }}' ` | |
-packagesUrl '${{ needs.build-pack-publish.outputs.artifact-url }}' ` | |
-botUserName '${{ needs.automation.outputs.username }}' | |