Get strict relationship status before opening stream #423

Workflow file for this run

.github/workflows/package.yml at a407b9f

	name: Package

	on:
	push:
	branches:
	- 'main'
	- 'release/*'
	paths-ignore:
	- 'docs/**'
	- '**.md'
	pull_request:
	branches:
	- 'main'
	- 'release/*'
	paths-ignore:
	- 'docs/**'
	- '**.md'
	release:
	types: [published]

	jobs:
	pack:
	name: "Pack"
	runs-on: windows-latest
	env:
	Configuration: Release
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	- name: Install .NET Core
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: 6.x
	- name: Install .NET Core from global.json
	uses: actions/setup-dotnet@v4
	- name: Install GitVersion
	uses: gittools/actions/gitversion/setup@v2
	with:
	# v5.10.0 of GitVersion has a fix for incorrect versions when building tags. See https://github.com/GitTools/GitVersion/issues/2838
	# It appears that the fix then had a regression in a later version, so locking in 5.10.0. See https://github.com/GitTools/GitVersion/issues/3351#issuecomment-1403657689
	versionSpec: '5.10.0'
	- name: Determine Version
	uses: gittools/actions/gitversion/execute@v2
	with:
	useConfigFile: true
	- name: Display GitVersion variables (with prefix)
	run: \|
	echo "Major: ${{ env.GitVersion_Major }}"
	echo "Minor: ${{ env.GitVersion_Minor }}"
	echo "Patch: ${{ env.GitVersion_Patch }}"
	echo "PreReleaseTag: ${{ env.GitVersion_PreReleaseTag }}"
	echo "PreReleaseTagWithDash: ${{ env.GitVersion_PreReleaseTagWithDash }}"
	echo "PreReleaseLabel: ${{ env.GitVersion_PreReleaseLabel }}"
	echo "PreReleaseNumber: ${{ env.GitVersion_PreReleaseNumber }}"
	echo "WeightedPreReleaseNumber: ${{ env.GitVersion_WeightedPreReleaseNumber }}"
	echo "BuildMetaData: ${{ env.GitVersion_BuildMetaData }}"
	echo "BuildMetaDataPadded: ${{ env.GitVersion_BuildMetaDataPadded }}"
	echo "FullBuildMetaData: ${{ env.GitVersion_FullBuildMetaData }}"
	echo "MajorMinorPatch: ${{ env.GitVersion_MajorMinorPatch }}"
	echo "SemVer: ${{ env.GitVersion_SemVer }}"
	echo "LegacySemVer: ${{ env.GitVersion_LegacySemVer }}"
	echo "LegacySemVerPadded: ${{ env.GitVersion_LegacySemVerPadded }}"
	echo "AssemblySemVer: ${{ env.GitVersion_AssemblySemVer }}"
	echo "AssemblySemFileVer: ${{ env.GitVersion_AssemblySemFileVer }}"
	echo "FullSemVer: ${{ env.GitVersion_FullSemVer }}"
	echo "InformationalVersion: ${{ env.GitVersion_InformationalVersion }}"
	echo "BranchName: ${{ env.GitVersion_BranchName }}"
	echo "EscapedBranchName: ${{ env.GitVersion_EscapedBranchName }}"
	echo "Sha: ${{ env.GitVersion_Sha }}"
	echo "ShortSha: ${{ env.GitVersion_ShortSha }}"
	echo "NuGetVersionV2: ${{ env.GitVersion_NuGetVersionV2 }}"
	echo "NuGetVersion: ${{ env.GitVersion_NuGetVersion }}"
	echo "NuGetPreReleaseTagV2: ${{ env.GitVersion_NuGetPreReleaseTagV2 }}"
	echo "NuGetPreReleaseTag: ${{ env.GitVersion_NuGetPreReleaseTag }}"
	echo "VersionSourceSha: ${{ env.GitVersion_VersionSourceSha }}"
	echo "CommitsSinceVersionSource: ${{ env.GitVersion_CommitsSinceVersionSource }}"
	echo "CommitsSinceVersionSourcePadded: ${{ env.GitVersion_CommitsSinceVersionSourcePadded }}"
	echo "UncommittedChanges: ${{ env.GitVersion_UncommittedChanges }}"
	echo "CommitDate: ${{ env.GitVersion_CommitDate }}"
	- name: Restore
	run: dotnet restore --verbosity normal
	- name: Build
	run: dotnet build --no-restore --verbosity normal
	- name: Pack
	run: dotnet pack --no-build
	- name: Upload
	uses: actions/upload-artifact@v4
	with:
	name: Unsigned
	path: "bin/${{ env.Configuration }}/packages/shipping/*"

	sign:
	name: "Sign Package"
	if: github.event_name != 'pull_request'
	needs: [pack]
	runs-on: windows-latest
	steps:
	- name: Install .NET Core
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: 6.0.x

	- name: Install SignTool tool
	run: dotnet tool install --tool-path . sign --version 0.9.0-beta.23127.3

	- name: Install Nuget Sign Tool
	run: dotnet tool install --global NuGetKeyVaultSignTool

	- name: Download Unsigned Packages
	uses: actions/download-artifact@v4
	with:
	name: Unsigned
	path: '${{ github.workspace }}/unsigned'

	- name: Expand Packages For Signing
	shell: pwsh
	run: \|
	cd ${{ github.workspace }}/unsigned
	mkdir raw
	cd raw
	gci ..\*.nupkg \| % { Expand-Archive $_ }
	cd ..\..
	gci -r

	- name: Sign the DLLs
	shell: pwsh
	run: >
	./sign code azure-key-vault */DocumentFormat.OpenXml.dll --base-directory "${{ github.workspace }}/unsigned/raw" --publisher-name "Microsoft" --description "DocumentFormat.OpenXml DLL Signing" --description-url https://github.com/dotnet/sign --azure-key-vault-tenant-id "${{ secrets.SignTenantId }}" --azure-key-vault-client-id "${{ secrets.SignClientId }}" --azure-key-vault-client-secret "${{ secrets.SignClientSecret }}" --azure-key-vault-certificate "${{ secrets.SignKeyVaultCertificate }}" --azure-key-vault-url "${{ secrets.SignKeyVaultUrl }}"

	- name: Create Signed NUPKG
	shell: pwsh
	run: \|
	cd ${{ github.workspace }}/unsigned/raw
	gci -r CodeSignSummary \| rm
	gci -Directory \| % { [IO.Compression.ZipFile]::CreateFromDirectory($_, "$_.nupkg") }
	gci

	- name: Sign the NUPKGs
	shell: pwsh
	run: >
	./sign code azure-key-vault
	*.nupkg
	--base-directory "${{ github.workspace }}/unsigned/raw"
	--publisher-name "Microsoft"
	--description "DocumentFormat.OpenXml DLL Signing"
	--description-url "https://github.com/dotnet/sign"
	--azure-key-vault-tenant-id "${{ secrets.SignTenantId }}"
	--azure-key-vault-client-id "${{ secrets.SignClientId }}"
	--azure-key-vault-client-secret "${{ secrets.SignClientSecret }}"
	--azure-key-vault-certificate "${{ secrets.SignKeyVaultCertificate }}"
	--azure-key-vault-url "${{ secrets.SignKeyVaultUrl }}"

	- uses: actions/upload-artifact@v4
	with:
	name: Signed
	path: \|
	${{ github.workspace }}\unsigned\*.snupkg
	${{ github.workspace }}\unsigned\raw\*.nupkg
	CI:
	name: "Push to CI feed"
	needs: [sign]
	runs-on: ubuntu-latest
	steps:
	- name: Install .NET Core
	uses: actions/setup-dotnet@v4
	- name: Download Packages
	uses: actions/download-artifact@v4
	with:
	name: Signed
	path: '${{ github.workspace }}/packages'
	- name: Push to CI feed
	env:
	SLEET_FEED_TYPE: azure
	SLEET_FEED_CONTAINER: feed
	SLEET_FEED_CONNECTIONSTRING: ${{secrets.SLEET_CONNECTIONSTRING}}
	run: \|
	cd $GITHUB_WORKSPACE/packages
	dotnet tool install -g sleet
	sleet push . --skip-existing

	releaseInfo:
	name: Release Info
	runs-on: windows-latest
	steps:
	- name: Get Release Info
	run: >
	echo ${{ github.event_name == 'release' }} >> release-info.txt
	- name: Upload Release Info
	uses: actions/upload-artifact@v4
	with:
	name: release-info
	path: release-info.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Get strict relationship status before opening stream #423

Workflow file

Get strict relationship status before opening stream #423

Jobs

Run details

Workflow file for this run