Publish strong-named assemblies to NuGet #36
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish strong-named assemblies to NuGet | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| publish: | |
| description: 'Publish to NuGet (uncheck to build only)' | |
| required: false | |
| default: 'true' | |
| type: boolean | |
| jobs: | |
| publish-nuget: | |
| environment: prod | |
| runs-on: windows-latest | |
| defaults: | |
| run: | |
| shell: powershell | |
| working-directory: .\sdk\dotNet | |
| steps: | |
| - name: Get the source code | |
| uses: actions/checkout@v4 | |
| - name: Setup .NET 6 | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: 6.0.x | |
| - name: Retrieve secrets from KSM | |
| id: ksmsecrets | |
| uses: Keeper-Security/ksm-action@master | |
| with: | |
| keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }} | |
| secrets: | | |
| Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN | |
| Sq4nnb5HXXNp1l6KryXynw/file/sgKSM.snk > file:${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk | |
| - name: Extract and Update Public Key in SecretsManagerClient.cs | |
| run: | | |
| $snPath = "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\sn.exe" | |
| $snkPath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk" | |
| $publicKeyPath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.pub" | |
| & $snPath -p $snkPath $publicKeyPath | |
| $publicKeyInfo = & $snPath -tp $publicKeyPath | |
| Write-Output "Public Key Info: START" | |
| Write-Output "$publicKeyInfo" | |
| Write-Output "Public Key Info: END" | |
| # Extract the full public key | |
| $publicKey = $publicKeyInfo -split "`n" | Where-Object { $_ -match "^[a-f0-9]{32}$" } -join "" | |
| if (-not $publicKey) { | |
| Write-Error "Failed to extract the full public key." | |
| exit 1 | |
| } | |
| Write-Output "Extracted Public Key: $publicKey" | |
| $filePath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\SecretsManagerClient.cs" | |
| (Get-Content $filePath) -replace '\[assembly: InternalsVisibleTo\("SecretsManager.Test.Core"\)\]', "[assembly: InternalsVisibleTo(`"SecretsManager.Test.Core, PublicKey=$publicKey`")]" | Set-Content $filePath | |
| Write-Output "First 20 lines of the modified SecretsManagerClient.cs:" | |
| Get-Content $filePath -Head 20 | |
| - name: Install dependencies | |
| run: dotnet restore | |
| - name: "Preparing package for strong naming" | |
| working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\ | |
| run: | | |
| pwd | |
| Get-ChildItem | |
| Copy-Item -Path "SecretsManager.csproj" -Destination "SecretsManager.StrongName.csproj" | |
| (Get-Content -Path "SecretsManager.StrongName.csproj") -replace '<PackageId>Keeper.SecretsManager</PackageId>', '<PackageId>Keeper.SecretsManager.StrongName</PackageId>' | Set-Content -Path "SecretsManager.StrongName.csproj" | |
| Get-Content "SecretsManager.StrongName.csproj" | |
| Write-Output "Place the sgKSM.snk file in the SecretsManager.Test.Core directory" | |
| Copy-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk" -Destination "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk" | |
| Get-ChildItem "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\" | |
| - name: Build | |
| working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\ | |
| run: | | |
| pwd | |
| Get-ChildItem | |
| dotnet build "SecretsManager.StrongName.csproj" --configuration Release --no-restore -p:SignKSM=True | |
| - name: Cleanup secret files | |
| working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\ | |
| run: | | |
| Get-ChildItem | |
| Remove-Item -Path ".\sgKSM.snk" | |
| Get-ChildItem | |
| Get-ChildItem "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\" | |
| Remove-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk" | |
| Get-ChildItem "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\" | |
| - name: Publish package | |
| if: ${{ github.event.inputs.publish == 'true' }} | |
| working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\ | |
| run: | | |
| Get-ChildItem ".\bin\Release\" | |
| dotnet nuget push ".\bin\Release\*.nupkg" --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json | |
| - name: Setup tmate session | |
| if: ${{ failure() }} | |
| uses: mxschmitt/action-tmate@v3 | |