Skip to content

ci(dotnet): sign NuGet packages with DigiCert cert in Azure Key Vault (OSS-440)#2139

Merged
contextablemark merged 4 commits into
mainfrom
mark/oss-440-sign-net-nuget-packages
Jul 15, 2026
Merged

ci(dotnet): sign NuGet packages with DigiCert cert in Azure Key Vault (OSS-440)#2139
contextablemark merged 4 commits into
mainfrom
mark/oss-440-sign-net-nuget-packages

Conversation

@contextablemark

@contextablemark contextablemark commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

What & why

OSS-440 — get the AGUI.* NuGet packages marked signed on nuget.org via author signing, using our DigiCert code-signing certificate stored (non-exportable, RSA-HSM) in Azure Key Vault (cpk-signing-kv, cert code-signing, CN=Tawkit, Inc.).

This reworks the earlier provider seam (SignPath / Azure Trusted Signing) into a single Azure Key Vault + NuGetKeyVaultSignTool + GitHub OIDC path — signing with our own DigiCert cert, no long-lived secret, key never leaves the HSM.

Changes

  • publish-release.yml (publish-dotnet job): pack → preflight → azure/login (OIDC) → sign each *.nupkg → verify → push. Gated on SIGNING_PROVIDER=keyvault and inert until that var is set, so it's safe to merge ahead of provisioning. Vault URL + cert name read from nuget-environment secrets. Dropped the now-unused actions: read permission.
  • sdks/dotnet/docs/signing.md: rewritten for the Key Vault approach + provisioning checklist.
  • .gitignore: ignore the stray actionlint dev binary (removed from the tree).

Validation

  • actionlint 1.7.12 — clean (exit 0).
  • NuGetKeyVaultSignTool 3.2.0 sign flags verified against the real binary (-kvu/-kvc/-kva/-fd/-tr/-td).
  • Adversarial diff review (CI/YAML, security/secret-handling, signing-flow) — no blockers.

⚠️ Before enabling (operational — tracked in signing.md)

Merging is safe (inert). To turn signing on:

  1. RBAC — grant the CI App Registration Key Vault Crypto User + Key Vault Certificate User on the vault (pending Azure admin — mark lacks roleAssignments/write).
  2. FIC — confirm the App Registration's federated credential is env-scoped: repo:ag-ui-protocol/ag-ui:environment:nuget.
  3. nuget env — set secrets AZURE_KEY_VAULT_URL, CODE_SIGNING_CERT_NAME + var SIGNING_PROVIDER=keyvault.
  4. nuget.org cert registration ✅ done (fingerprint verified) — note this arms account-wide signed-enforcement, so the version bump ships last.
  5. Version bump VersionPrefix 0.0.3 → 0.0.4 = first signed release.

Ref: OSS-440 (completes when provisioning + a signed release land).

🤖 Generated with Claude Code

@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

Python Preview Packages

Version 0.0.0.dev1784156095 published to TestPyPI.

Warning: These packages are built from contributor code that may not yet have been vetted for correctness or security. Install at your own risk and do not use in production.

Install with uv

Add the TestPyPI index to your pyproject.toml:

[[tool.uv.index]]
name = "testpypi"
url = "https://test.pypi.org/simple/"
explicit = true

Then install the packages you need:

# Core SDK
uv add 'ag-ui-protocol==0.0.0.dev1784156095' --index testpypi

# Integrations (each already depends on the matching ag-ui-protocol preview)
uv add 'ag-ui-langgraph==0.0.0.dev1784156095' --index testpypi
uv add 'ag-ui-crewai==0.0.0.dev1784156095' --index testpypi
# NOTE: ag-ui-agent-spec depends on pyagentspec (git-only, not on PyPI).
# You will need to install pyagentspec separately from its git repo.
uv add 'ag-ui-agent-spec==0.0.0.dev1784156095' --index testpypi
uv add 'ag_ui_adk==0.0.0.dev1784156095' --index testpypi
uv add 'ag_ui_strands==0.0.0.dev1784156095' --index testpypi

Install with pip

pip install \
  --index-url https://test.pypi.org/simple/ \
  --extra-index-url https://pypi.org/simple/ \
  ag-ui-protocol==0.0.0.dev1784156095

Use --extra-index-url https://pypi.org/simple/ so pip can resolve
transitive dependencies (pydantic, fastapi, etc.) from real PyPI.


Commit: 54f92a7

@pkg-pr-new

pkg-pr-new Bot commented Jul 8, 2026

Copy link
Copy Markdown

Open in StackBlitz

@ag-ui/a2a-middleware

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/a2a-middleware@2139

@ag-ui/a2ui-middleware

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/a2ui-middleware@2139

@ag-ui/event-throttle-middleware

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/event-throttle-middleware@2139

@ag-ui/mcp-apps-middleware

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/mcp-apps-middleware@2139

@ag-ui/mcp-middleware

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/mcp-middleware@2139

@ag-ui/a2a

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/a2a@2139

@ag-ui/adk

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/adk@2139

@ag-ui/ag2

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/ag2@2139

@ag-ui/agno

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/agno@2139

@ag-ui/aws-strands

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/aws-strands@2139

@ag-ui/claude-agent-sdk

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/claude-agent-sdk@2139

@ag-ui/crewai

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/crewai@2139

@ag-ui/langchain

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/langchain@2139

@ag-ui/langgraph

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/langgraph@2139

@ag-ui/llamaindex

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/llamaindex@2139

@ag-ui/mastra

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/mastra@2139

@ag-ui/pydantic-ai

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/pydantic-ai@2139

@ag-ui/vercel-ai-sdk

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/vercel-ai-sdk@2139

@ag-ui/watsonx

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/watsonx@2139

@ag-ui/a2ui-toolkit

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/a2ui-toolkit@2139

create-ag-ui-app

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/create-ag-ui-app@2139

@ag-ui/client

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/client@2139

@ag-ui/core

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/core@2139

@ag-ui/encoder

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/encoder@2139

@ag-ui/proto

pnpm add https://pkg.pr.new/ag-ui-protocol/ag-ui/@ag-ui/proto@2139

commit: d5cc9d0

contextablemark and others added 2 commits July 8, 2026 20:08
… Vault

Replace the SignPath / Azure Trusted Signing provider seam with a single
Azure Key Vault path: sign the packed *.nupkg with the DigiCert code-signing
certificate (non-exportable, RSA-HSM) in cpk-signing-kv, using
NuGetKeyVaultSignTool + GitHub OIDC (no long-lived secret). Vault URL and
cert name are read from `nuget`-environment secrets; the seam stays inert
until SIGNING_PROVIDER=keyvault.

- publish-release.yml: preflight guard, azure/login (OIDC), install + run
  NuGetKeyVaultSignTool per-nupkg, verify gate; drop the now-unused
  actions: read permission
- signing.md: rewrite for the Key Vault approach + provisioning checklist
- .gitignore: ignore the stray actionlint dev binary

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@contextablemark contextablemark changed the title ci(dotnet): add inert author-signing seam to NuGet release publish ci(dotnet): sign NuGet packages with DigiCert cert in Azure Key Vault (OSS-440) Jul 15, 2026
@contextablemark contextablemark marked this pull request as ready for review July 15, 2026 22:54
@contextablemark contextablemark requested a review from a team as a code owner July 15, 2026 22:54
@contextablemark contextablemark merged commit d14f87a into main Jul 15, 2026
43 checks passed
@contextablemark contextablemark deleted the mark/oss-440-sign-net-nuget-packages branch July 15, 2026 22:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants