From 323abb0c5059ca611df043d90329e9cd7f1c846e Mon Sep 17 00:00:00 2001 From: Nate Harris Date: Wed, 20 Nov 2024 15:45:13 -0700 Subject: [PATCH 1/3] - Upload compiled nupkg file from GitHub Runner to Action output --- .github/workflows/release.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f00f914c0..c448a6613 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -74,3 +74,9 @@ jobs: files: "*.nupkg" repo-token: ${{ secrets.GITHUB_TOKEN }} + - name: Upload NuGet package to Action output + uses: actions/upload-artifact@v4 + with: + path: "*.nupkg" + + From 6fd6b203281e62b6c4109c097153dc8ece1b28b3 Mon Sep 17 00:00:00 2001 From: Nate Harris Date: Wed, 20 Nov 2024 16:02:11 -0700 Subject: [PATCH 2/3] - Create manually-triggered GitHub Action to build a release-ready NuGet package --- .github/workflows/manual_release_prep.yml | 70 +++++++++++++++++++++++ .github/workflows/release.yml | 6 +- 2 files changed, 71 insertions(+), 5 deletions(-) create mode 100644 .github/workflows/manual_release_prep.yml diff --git a/.github/workflows/manual_release_prep.yml b/.github/workflows/manual_release_prep.yml new file mode 100644 index 000000000..536f31979 --- /dev/null +++ b/.github/workflows/manual_release_prep.yml @@ -0,0 +1,70 @@ +name: Manually build release-ready NuGet package + +on: + workflow_dispatch: ~ + +jobs: + build: + name: Build Release-Ready NuGet Package + runs-on: windows-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install .NET SDK + uses: actions/setup-dotnet@v3 + with: + # .NET 5 is deprecated and removed from GitHub Actions, we need to manually install it + dotnet-version: | + 5.x.x + 8.x.x + + - name: Setup Nuget + uses: NuGet/setup-nuget@v1.1.1 + + - name: Restore NuGet Packages + run: make restore + + - name: Set up dotnet tools and dependencies + run: make install + + - name: Set up authenticity certificate + run: | + echo "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}" | base64 --decode > /d/Certificate_pkcs12.p12 + shell: bash + + - name: Set variables + id: variables + run: | + echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$GITHUB_ENV" + echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV" + echo "SM_CLIENT_CERT_FILE=D:\\Certificate_pkcs12.p12" >> "$GITHUB_ENV" + echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$GITHUB_ENV" + echo "C:\Program Files (x86)\Windows Kits\10\App Certification Kit" >> $GITHUB_PATH + echo "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools" >> $GITHUB_PATH + echo "C:\Program Files\DigiCert\DigiCert Keylocker Tools" >> $GITHUB_PATH + shell: bash + + - name: Setup Keylocker KSP on Windows + run: | + curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/Keylockertools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o Keylockertools-windows-x64.msi + msiexec /i Keylockertools-windows-x64.msi /quiet /qn + smksp_registrar.exe list + smctl.exe keypair ls + C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user + shell: cmd + + - name: Sync Certificates + run: | + smctl windows certsync + shell: cmd + + - name: Build and Sign NuGet package + run: | + call scripts\win\build_release_nuget.bat EasyPost EasyPostNETStrongNameSigning.snk "${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }}" Release + shell: cmd + + - name: Upload NuGet package to Action output + uses: actions/upload-artifact@v4 + with: + path: "*.nupkg" \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c448a6613..6f2b2d3e1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,6 +3,7 @@ name: Release on: release: types: [ published ] + workflow_dispatch: ~ jobs: publish: @@ -74,9 +75,4 @@ jobs: files: "*.nupkg" repo-token: ${{ secrets.GITHUB_TOKEN }} - - name: Upload NuGet package to Action output - uses: actions/upload-artifact@v4 - with: - path: "*.nupkg" - From 50eb6af6e465aceaf72274c6f762b2ac7b6e3b95 Mon Sep 17 00:00:00 2001 From: Nate Harris Date: Wed, 20 Nov 2024 16:03:41 -0700 Subject: [PATCH 3/3] - Linting --- .github/workflows/manual_release_prep.yml | 2 +- .github/workflows/release.yml | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/manual_release_prep.yml b/.github/workflows/manual_release_prep.yml index 536f31979..69c319706 100644 --- a/.github/workflows/manual_release_prep.yml +++ b/.github/workflows/manual_release_prep.yml @@ -67,4 +67,4 @@ jobs: - name: Upload NuGet package to Action output uses: actions/upload-artifact@v4 with: - path: "*.nupkg" \ No newline at end of file + path: "*.nupkg" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6f2b2d3e1..f00f914c0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,7 +3,6 @@ name: Release on: release: types: [ published ] - workflow_dispatch: ~ jobs: publish: @@ -75,4 +74,3 @@ jobs: files: "*.nupkg" repo-token: ${{ secrets.GITHUB_TOKEN }} -