This repository has been archived by the owner on Dec 4, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 8
143 lines (125 loc) · 4.33 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
name: Publish Package
on:
workflow_dispatch:
inputs:
run_tests:
description: 'If true, run unit tests, otherwise skip them.'
required: false
type: boolean
default: true
dry_run:
description: 'Is this a dry run. If so no package will be published.'
type: boolean
required: true
workflow_call:
inputs:
run_tests:
description: 'If true, run unit tests, otherwise skip them.'
required: false
type: boolean
default: true
dry_run:
description: 'Is this a dry run. If so no package will be published.'
type: boolean
required: true
jobs:
# Building is done on mac runner due to xcode build dependencies
build:
runs-on: macos-13
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # If you only need the current version keep this
- uses: launchdarkly/gh-actions/actions/[email protected]
name: Get secrets
with:
aws_assume_role: ${{ vars.AWS_ROLE_ARN }}
- name: CI check
uses: ./.github/actions/ci
with:
run_tests: ${{ inputs.run_tests }}
- name: Build
uses: ./.github/actions/build
- name: Retain build artifacts
uses: actions/upload-artifact@v3
with:
name: dir-bin-release
path: src/LaunchDarkly.ClientSdk/bin/Release/
retention-days: 1
- name: Retain docs artifacts
uses: actions/upload-artifact@v3
with:
name: dir-docs
path: docs/
retention-days: 1
# Signing DLLs is done on Ubuntu due to Digicert tooling compatibility
sign-dlls:
runs-on: ubuntu-latest
needs: build
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # If you only need the current version keep this
- name: Restore release artifacts
uses: actions/download-artifact@v3
with:
name: dir-bin-release
path: src/LaunchDarkly.ClientSdk/bin/Release/
- uses: launchdarkly/gh-actions/actions/[email protected]
name: Get secrets
with:
aws_assume_role: ${{ vars.AWS_ROLE_ARN }}
ssm_parameter_pairs: '/production/common/releasing/digicert/host = DIGICERT_HOST,/production/common/releasing/digicert/api_key = DIGICERT_API_KEY,/production/common/releasing/digicert/client_cert_file_b64 = DIGICERT_CLIENT_CERT_FILE_B64,/production/common/releasing/digicert/client_cert_password = DIGICERT_CLIENT_CERT_PASSWORD,/production/common/releasing/digicert/code_signing_cert_sha1_hash = DIGICERT_CODE_SIGNING_CERT_SHA1_HASH'
- name: Sign DLLs
uses: ./.github/actions/sign-dlls
- name: Retain signed artifacts
uses: actions/upload-artifact@v3
with:
name: dir-bin-release-signed
path: src/LaunchDarkly.ClientSdk/bin/Release/
retention-days: 1
# Packing is done on Mac due to ios workload requirements.
pack-nupkg:
runs-on: macos-13
needs: sign-dlls
permissions:
id-token: write
contents: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # If you only need the current version keep this
- name: Restore release artifacts
uses: actions/download-artifact@v3
with:
name: dir-bin-release-signed
path: src/LaunchDarkly.ClientSdk/bin/Release/
- name: Restore docs artifacts
uses: actions/download-artifact@v3
with:
name: dir-docs
path: docs/
- uses: launchdarkly/gh-actions/actions/[email protected]
name: Get secrets
with:
aws_assume_role: ${{ vars.AWS_ROLE_ARN }}
ssm_parameter_pairs: '/production/common/releasing/nuget/api_key = NUGET_API_KEY'
- name: Publish Nupkg
uses: ./.github/actions/publish
with:
dry_run: ${{ inputs.dry_run }}
- name: Retain unsigned nupkg
uses: actions/upload-artifact@v3
with:
name: unsigned-nupkg
path: nupkgs/
retention-days: 1
- uses: ./.github/actions/publish-docs
with:
token: ${{secrets.GITHUB_TOKEN}}