Skip to content

Commit

Permalink
KSM .NET SDK: GHA to publish strong named binary:
Browse files Browse the repository at this point in the history
- updated copyright year to 2024
- updated to the publish.nuget.strong.named.yml
- updates to the publish.nuget.yml
  • Loading branch information
maksimu committed Mar 27, 2024
1 parent c63b3c6 commit 142c43c
Show file tree
Hide file tree
Showing 6 changed files with 107 additions and 24 deletions.
36 changes: 32 additions & 4 deletions .github/workflows/publish.nuget.strong.named.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,13 @@ name: Publish strong-named assemblies to NuGet

on:
workflow_dispatch:
inputs:
publish:
description: 'Publish to NuGet (uncheck to build only)'
required: false
default: 'true'
type: boolean


jobs:
publish-nuget:
Expand Down Expand Up @@ -29,16 +36,37 @@ jobs:
keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }}
secrets: |
Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN
AAAAAAAAAAAAAAAAAAAAAA/file/sgKSM.snk > file:${{ github.workspace }}/sdk/dotNet/SecretsManager/sgKSM.snk
Sq4nnb5HXXNp1l6KryXynw/file/sgKSM.snk > file:${{ github.workspace }}/sdk/dotNet/SecretsManager/sgKSM.snk
- name: Install dependencies
run: dotnet restore

- name: "Preparing package for strong naming"
working-directory: ./SecretsManager
run: |
pwd
ls -lah
cp -f SecretsManager.csproj SecretsManager.StrongName.csproj
ls -lah
sed -i 's/<PackageId>Keeper.SecretsManager<\/PackageId>/<PackageId>Keeper.SecretsManager.StrongName<\/PackageId>/g' SecretsManager.StrongName.csproj
cat SecretsManager.StrongName.csproj
- name: Build
run: dotnet build --configuration Release --no-restore -p:SignKSM=True
working-directory: ./SecretsManager
run: |
pwd
ls -lah
dotnet build SecretsManager.StrongName.csproj --configuration Release --no-restore -p:SignKSM=True
- name: Cleanup temp files
run: rm -f ./SecretsManager/sgKSM.snk
working-directory: ./SecretsManager
run: |
ls -lah
rm -f sgKSM.snk
- name: Publish package
run: dotnet nuget push ./SecretsManager/bin/Release/*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json
if: ${{ github.event.inputs.publish == 'true' }}
working-directory: ./SecretsManager
run: |
ls -lah ./bin/Release/
dotnet nuget push bin/Release/*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json
23 changes: 15 additions & 8 deletions .github/workflows/publish.nuget.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
name: Publish to NuGet

on:
workflow_dispatch:

Expand All @@ -9,23 +10,18 @@ jobs:

defaults:
run:

working-directory: ./sdk/dotNet

steps:
- name: Get the source code
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Setup .NET 6
uses: actions/setup-dotnet@v1
uses: actions/setup-dotnet@v4
with:
dotnet-version: 6.0.x

- name: Install dependencies
run: dotnet restore

- name: Build
run: dotnet build --configuration Release --no-restore

- name: Retrieve secrets from KSM
id: ksmsecrets
uses: Keeper-Security/ksm-action@master
Expand All @@ -34,5 +30,16 @@ jobs:
secrets: |
Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN
- name: Install dependencies
run: dotnet restore

- name: Build
run: dotnet build --configuration Release --no-restore





- name: Publish package
run: dotnet nuget push ./SecretsManager/bin/Release/*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json
63 changes: 53 additions & 10 deletions .github/workflows/test.publish.nuget.yml
Original file line number Diff line number Diff line change
@@ -1,35 +1,78 @@
name: TEST Publish to NuGet
name: Publish strong-named assemblies to NuGet

on:
workflow_dispatch:
inputs:
publish:
description: 'Publish to NuGet (uncheck to build only)'
required: false
default: 'true'
type: boolean

jobs:
publish-nuget:
environment: prod
runs-on: ubuntu-latest
runs-on: windows-latest

defaults:
run:
shell: bash
working-directory: ./sdk/dotNet

steps:
- name: Get the source code
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Setup .NET 6
uses: actions/setup-dotnet@v1
uses: actions/setup-dotnet@v4
with:
dotnet-version: 6.0.x

- name: Install dependencies
run: dotnet restore

- name: Build
run: dotnet build --configuration Release --no-restore

- name: Retrieve secrets from KSM
id: ksmsecrets
uses: Keeper-Security/ksm-action@master
with:
keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }}
secrets: |
Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN
Sq4nnb5HXXNp1l6KryXynw/file/sgKSM.snk > file:${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk
- name: Install dependencies
run: dotnet restore

- name: "Preparing package for strong naming"
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
pwd
ls -lah
cp -f SecretsManager.csproj SecretsManager.StrongName.csproj
ls -lah
sed -i 's/<PackageId>Keeper.SecretsManager<\/PackageId>/<PackageId>Keeper.SecretsManager.StrongName<\/PackageId>/g' SecretsManager.StrongName.csproj
cat SecretsManager.StrongName.csproj
echo "Place the sgKSM.snk file in the SecretsManager.Test.Core directory"
cp -f ${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk ${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk
ls -lah ${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\
- name: Build
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
pwd
ls -lah
dotnet build SecretsManager.StrongName.csproj --configuration Release --no-restore -p:SignKSM=True
- name: Cleanup secret files
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
ls -lah
rm -f sgKSM.snk
ls -lah
ls -lah ${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\
rm -f ${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk
ls -lah ${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\
- name: Publish package
if: ${{ github.event.inputs.publish == 'true' }}
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
ls -lah ./bin/Release/
dotnet nuget push bin\Release\*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json
Original file line number Diff line number Diff line change
Expand Up @@ -19,4 +19,9 @@
<ProjectReference Include="..\SecretsManager\SecretsManager.csproj" />
</ItemGroup>

<PropertyGroup Condition="'$(SignKSM)'=='True'">
<SignAssembly>True</SignAssembly>
<AssemblyOriginatorKeyFile>sgKSM.snk</AssemblyOriginatorKeyFile>
</PropertyGroup>

</Project>
2 changes: 1 addition & 1 deletion sdk/dotNet/SecretsManager/SecretsManager.csproj
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
<RepositoryUrl>https://github.com/Keeper-Security/secrets-manager</RepositoryUrl>
<RepositoryType>GitHub</RepositoryType>
<PackageTags>keeper secrets manager passwords</PackageTags>
<Copyright2023 Keeper Security, Inc.</Copyright>
<Copyright2024 Keeper Security, Inc.</Copyright>
<License>https://raw.githubusercontent.com/Keeper-Security/secrets-manager/master/LICENSE?token=AACNMRVMD5L3PYT3C5MTNF3BEAFZY</License>
<GeneratePackageOnBuild>true</GeneratePackageOnBuild>
</PropertyGroup>
Expand Down
2 changes: 1 addition & 1 deletion sdk/dotNet/SecretsManager/SecretsManagerClient.cs
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
using System.Text.RegularExpressions;
using System.Threading.Tasks;

[assembly: InternalsVisibleTo("SecretsManager.Test.Core")]
[assembly: InternalsVisibleTo("SecretsManager.Test.Core, PublicKey=0024000004800000940000000602000000240000525341310004000001000100099b9cc5b60ed9355032e89191157119ad7ca8b717e50e49a2fc5adf5cd94de851e4366356594c10e5c0335743cbdb7c72d6e35c65bb4d01d54c24b7eb15e685af4619a2c97a8d5b04effae3c87510319a4b6d3a2fd121001bbd57c42d29f1592402bace83f7c86d2f085f0e13539938016d4f851aeb1b8d01ff39135fa210b7")]

namespace SecretsManager
{
Expand Down

0 comments on commit 142c43c

Please sign in to comment.