From 61ca9142b0d87915ff0c7d4c6f3bfcf96c95a50f Mon Sep 17 00:00:00 2001 From: Piotr Zajac Date: Fri, 13 Oct 2023 16:06:43 +0200 Subject: [PATCH 1/4] Materialize signing key step as reusable action --- .../actions/materialize-signing-key.yml | 22 +++++++++++++++++++ .github/workflows/cicd.yml | 12 +++------- .github/workflows/test-mutations.yml | 10 ++------- 3 files changed, 27 insertions(+), 17 deletions(-) create mode 100644 .github/workflows/actions/materialize-signing-key.yml diff --git a/.github/workflows/actions/materialize-signing-key.yml b/.github/workflows/actions/materialize-signing-key.yml new file mode 100644 index 00000000..5eff1b4b --- /dev/null +++ b/.github/workflows/actions/materialize-signing-key.yml @@ -0,0 +1,22 @@ +name: Materialize signing key +description: Materializes key to sign assemblies +outputs: + file-path: + description: "signing key file path" + value: ${{ steps.signing-key.outputs.PATH }} +env: + StrongNameKeyName: key.snk +defaults: + run: + shell: pwsh +runs: + using: "composite" + steps: + - name: ๐Ÿ–Š๏ธ materialize signing key + id: signing-key + run: | + $path = [IO.Path]::Combine("${{ github.workspace }}","src","${{ env.StrongNameKeyName }}") + [IO.File]::WriteAllBytes($path, [Convert]::FromBase64String("$env:StrongNameKey")) + "PATH=$path" >> $env:GITHUB_OUTPUT + env: + StrongNameKey: ${{ secrets.SIGNING_KEY }} diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 13fd2684..39031b79 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -39,7 +39,6 @@ env: DOTNET_CLI_TELEMETRY_OPTOUT: true Configuration: Release Namespace: Objectivity.AutoFixture.XUnit2 - StrongNameKeyName: key.snk CoverageDirectory: ${{ github.workspace }}\src\opencover defaults: @@ -93,18 +92,13 @@ jobs: fetch-depth: 0 - name: ๐Ÿ–Š๏ธ materialize signing key id: signing-key - run: | - $path = [IO.Path]::Combine("${{ github.workspace }}","src","${{ env.StrongNameKeyName }}") - [IO.File]::WriteAllBytes($path, [Convert]::FromBase64String("$env:StrongNameKey")) - "PATH=$path" >> $env:GITHUB_OUTPUT - env: - StrongNameKey: ${{ secrets.SIGNING_KEY }} + uses: actions/materialize-signing-key@reusable-actions - name: ๐Ÿ—๏ธ build run: dotnet build ./src/${{ env.Namespace }}.${{ matrix.package_module }}.sln env: CI: true StrongNameKey: ${{ secrets.SIGNING_KEY }} - StrongNameKeyPath: ${{ steps.signing-key.outputs.PATH }} + StrongNameKeyPath: ${{ steps.signing-key.outputs.file-path }} - name: ๐Ÿงช test Core in net7.0 & collect coverage id: core-code-coverage run: | @@ -143,7 +137,7 @@ jobs: env: CI: true StrongNameKey: ${{ secrets.SIGNING_KEY }} - StrongNameKeyPath: ${{ steps.signing-key.outputs.PATH }} + StrongNameKeyPath: ${{ steps.signing-key.outputs.file-path }} - name: ๐Ÿ”ผ upload packages uses: actions/upload-artifact@v3 with: diff --git a/.github/workflows/test-mutations.yml b/.github/workflows/test-mutations.yml index c170d1bd..f57f6888 100644 --- a/.github/workflows/test-mutations.yml +++ b/.github/workflows/test-mutations.yml @@ -19,7 +19,6 @@ env: DOTNET_NOLOGO: true DOTNET_CLI_TELEMETRY_OPTOUT: true Configuration: Release - StrongNameKeyName: key.snk defaults: run: @@ -35,12 +34,7 @@ jobs: fetch-depth: 0 - name: ๐Ÿ–Š๏ธ materialize signing key id: signing-key - run: | - $path = [IO.Path]::Combine("${{ github.workspace }}","src","${{ env.StrongNameKeyName }}") - [IO.File]::WriteAllBytes($path, [Convert]::FromBase64String("$env:StrongNameKey")) - "PATH=$path" >> $env:GITHUB_OUTPUT - env: - StrongNameKey: ${{ secrets.SIGNING_KEY }} + uses: actions/materialize-signing-key@reusable-actions - name: ๐Ÿ’พ install stryker.net run: | dotnet new tool-manifest @@ -52,5 +46,5 @@ jobs: env: CI: true StrongNameKey: ${{ secrets.SIGNING_KEY }} - StrongNameKeyPath: ${{ steps.signing-key.outputs.PATH }} + StrongNameKeyPath: ${{ steps.signing-key.outputs.file-path }} From a08a4f732407aa763022ee49ce5ce0dfc2f43fe6 Mon Sep 17 00:00:00 2001 From: Piotr Zajac Date: Fri, 13 Oct 2023 16:13:50 +0200 Subject: [PATCH 2/4] Fix paths to local actions --- .github/workflows/cicd.yml | 2 +- .github/workflows/test-mutations.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 39031b79..a0df2699 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -92,7 +92,7 @@ jobs: fetch-depth: 0 - name: ๐Ÿ–Š๏ธ materialize signing key id: signing-key - uses: actions/materialize-signing-key@reusable-actions + uses: ./.github/actions/materialize-signing-key - name: ๐Ÿ—๏ธ build run: dotnet build ./src/${{ env.Namespace }}.${{ matrix.package_module }}.sln env: diff --git a/.github/workflows/test-mutations.yml b/.github/workflows/test-mutations.yml index f57f6888..0877ec86 100644 --- a/.github/workflows/test-mutations.yml +++ b/.github/workflows/test-mutations.yml @@ -34,7 +34,7 @@ jobs: fetch-depth: 0 - name: ๐Ÿ–Š๏ธ materialize signing key id: signing-key - uses: actions/materialize-signing-key@reusable-actions + uses: ./.github/actions/materialize-signing-key - name: ๐Ÿ’พ install stryker.net run: | dotnet new tool-manifest From 832ff69e41e4d3b0914311daf58c185330e60b4a Mon Sep 17 00:00:00 2001 From: Piotr Zajac Date: Fri, 13 Oct 2023 16:20:27 +0200 Subject: [PATCH 3/4] Move action into appropriate folder --- .../materialize-signing-key/action.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/{workflows/actions/materialize-signing-key.yml => actions/materialize-signing-key/action.yml} (100%) diff --git a/.github/workflows/actions/materialize-signing-key.yml b/.github/actions/materialize-signing-key/action.yml similarity index 100% rename from .github/workflows/actions/materialize-signing-key.yml rename to .github/actions/materialize-signing-key/action.yml From 7824f2ed7dc3e109b553c8f48e77f210793c2577 Mon Sep 17 00:00:00 2001 From: Piotr Zajac Date: Mon, 16 Oct 2023 08:50:39 +0200 Subject: [PATCH 4/4] Use inputs instead of environment variables ans secrets. --- .../materialize-signing-key/action.yml | 22 +++++++++++-------- .github/workflows/cicd.yml | 2 ++ .github/workflows/test-mutations.yml | 2 ++ 3 files changed, 17 insertions(+), 9 deletions(-) diff --git a/.github/actions/materialize-signing-key/action.yml b/.github/actions/materialize-signing-key/action.yml index 5eff1b4b..dd244b58 100644 --- a/.github/actions/materialize-signing-key/action.yml +++ b/.github/actions/materialize-signing-key/action.yml @@ -1,22 +1,26 @@ name: Materialize signing key description: Materializes key to sign assemblies +inputs: + signing-key-value: + description: Value of the signing key + required: true + signing-key-file-name: + description: Name of the signing key file + required: false + default: key.snk outputs: file-path: - description: "signing key file path" + description: Signing key file path value: ${{ steps.signing-key.outputs.PATH }} -env: - StrongNameKeyName: key.snk -defaults: - run: - shell: pwsh runs: - using: "composite" + using: composite steps: - name: ๐Ÿ–Š๏ธ materialize signing key id: signing-key run: | - $path = [IO.Path]::Combine("${{ github.workspace }}","src","${{ env.StrongNameKeyName }}") + $path = [IO.Path]::Combine("${{ github.workspace }}","src","${{ inputs.signing-key-file-name }}") [IO.File]::WriteAllBytes($path, [Convert]::FromBase64String("$env:StrongNameKey")) "PATH=$path" >> $env:GITHUB_OUTPUT + shell: pwsh env: - StrongNameKey: ${{ secrets.SIGNING_KEY }} + StrongNameKey: ${{ inputs.signing-key-value }} diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index a0df2699..e3c1fd2e 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -93,6 +93,8 @@ jobs: - name: ๐Ÿ–Š๏ธ materialize signing key id: signing-key uses: ./.github/actions/materialize-signing-key + with: + signing-key-value: ${{ secrets.SIGNING_KEY }} - name: ๐Ÿ—๏ธ build run: dotnet build ./src/${{ env.Namespace }}.${{ matrix.package_module }}.sln env: diff --git a/.github/workflows/test-mutations.yml b/.github/workflows/test-mutations.yml index 0877ec86..cd216d89 100644 --- a/.github/workflows/test-mutations.yml +++ b/.github/workflows/test-mutations.yml @@ -35,6 +35,8 @@ jobs: - name: ๐Ÿ–Š๏ธ materialize signing key id: signing-key uses: ./.github/actions/materialize-signing-key + with: + signing-key-value: ${{ secrets.SIGNING_KEY }} - name: ๐Ÿ’พ install stryker.net run: | dotnet new tool-manifest