Skip to content

Commit

Permalink
Release .Net SDK v16.6.6 (#606)
Browse files Browse the repository at this point in the history
* KSM-360 - GHA to build and release strong named assemblies
* KSM-490 - Switch some internal classes to public - for use in plugins
* KSM-515 - Update to Bouncy Castle 2.4.0
* KSM-536 - Update to System.Text.Json 8.0.4
* KSM-517 - Add support for netstandard2.0 target
* KSM-542 - Fix PowerShell module to allow dot in title
  • Loading branch information
idimov-keeper authored Jul 30, 2024
1 parent d85e303 commit 2eccd41
Show file tree
Hide file tree
Showing 24 changed files with 415 additions and 145 deletions.
72 changes: 72 additions & 0 deletions .github/workflows/publish.nuget.strong.named.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
name: Publish strong-named assemblies to NuGet

on:
workflow_dispatch:
inputs:
publish:
description: 'Publish to NuGet (uncheck to build only)'
required: false
default: 'true'
type: boolean


jobs:
publish-nuget:
environment: prod
runs-on: ubuntu-latest

defaults:
run:
shell: bash
working-directory: ./sdk/dotNet

steps:
- name: Get the source code
uses: actions/checkout@v4

- name: Setup .NET 6
uses: actions/setup-dotnet@v4
with:
dotnet-version: 6.0.x

- name: Retrieve secrets from KSM
id: ksmsecrets
uses: Keeper-Security/ksm-action@master
with:
keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }}
secrets: |
Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN
Sq4nnb5HXXNp1l6KryXynw/file/sgKSM.snk > file:${{ github.workspace }}/sdk/dotNet/SecretsManager/sgKSM.snk
- name: Install dependencies
run: dotnet restore

- name: "Preparing package for strong naming"
working-directory: ./SecretsManager
run: |
pwd
ls -lah
cp -f SecretsManager.csproj SecretsManager.StrongName.csproj
ls -lah
sed -i 's/<PackageId>Keeper.SecretsManager<\/PackageId>/<PackageId>Keeper.SecretsManager.StrongName<\/PackageId>/g' SecretsManager.StrongName.csproj
cat SecretsManager.StrongName.csproj
- name: Build
working-directory: ./SecretsManager
run: |
pwd
ls -lah
dotnet build SecretsManager.StrongName.csproj --configuration Release --no-restore -p:SignKSM=True
- name: Cleanup temp files
working-directory: ./SecretsManager
run: |
ls -lah
rm -f sgKSM.snk
- name: Publish package
if: ${{ github.event.inputs.publish == 'true' }}
working-directory: ./SecretsManager
run: |
ls -lah ./bin/Release/
dotnet nuget push bin/Release/*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json
114 changes: 111 additions & 3 deletions .github/workflows/publish.nuget.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,13 @@
name: Publish to NuGet

on:
workflow_dispatch:
inputs:
publish:
description: 'Publish to NuGet (uncheck to build only)'
required: false
default: 'true'
type: boolean

jobs:
publish-nuget:
Expand All @@ -9,30 +16,131 @@ jobs:

defaults:
run:

working-directory: ./sdk/dotNet

steps:
- name: Get the source code
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Setup .NET 6
uses: actions/setup-dotnet@v1
uses: actions/setup-dotnet@v4
with:
dotnet-version: 6.0.x

- name: Retrieve secrets from KSM
id: ksmsecrets
uses: Keeper-Security/ksm-action@master
with:
keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }}
secrets: |
Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN
- name: Install dependencies
run: dotnet restore

- name: Build
run: dotnet build --configuration Release --no-restore

- name: Publish package
if: ${{ github.event.inputs.publish == 'true' }}
run: dotnet nuget push ./SecretsManager/bin/Release/*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json

- name: Upload non-strong-named binaries
if: ${{ github.event.inputs.publish == 'false' }}
uses: actions/upload-artifact@v4
with:
name: non-strong-named-binaries-${{ github.run_number }}
path: |
${{ github.workspace }}/sdk/dotNet/SecretsManager/bin/Release/*.nupkg
publish-nuget-strongname:
environment: prod
runs-on: windows-latest

defaults:
run:
shell: powershell
working-directory: .\sdk\dotNet

steps:
- name: Get the source code
uses: actions/checkout@v4

- name: Setup .NET 6
uses: actions/setup-dotnet@v4
with:
dotnet-version: 6.0.x

- name: Retrieve secrets from KSM
id: ksmsecrets
uses: Keeper-Security/ksm-action@master
with:
keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }}
secrets: |
Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN
Sq4nnb5HXXNp1l6KryXynw/file/sgKSM.snk > file:${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk
- name: Extract and Update Public Key in SecretsManagerClient.cs
run: |
$snPath = "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\sn.exe"
$snkPath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk"
$publicKeyPath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.pub"
& $snPath -p $snkPath $publicKeyPath
$publicKeyInfo = & $snPath -tp $publicKeyPath
# Filter and join the lines of the public key
$publicKeyLines = $publicKeyInfo -split "`n" | Where-Object { $_ -match "^[a-f0-9\s]+$" }
$publicKey = $publicKeyLines -join "" -replace "\s", ""
if (-not $publicKey) {
Write-Error "Failed to extract the full public key."
exit 1
}
Write-Output "Extracted Public Key: $publicKey"
$filePath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\SecretsManagerClient.cs"
(Get-Content $filePath) -replace '\[assembly: InternalsVisibleTo\("SecretsManager.Test.Core"\)\]', "[assembly: InternalsVisibleTo(`"SecretsManager.Test.Core, PublicKey=$publicKey`")]" | Set-Content $filePath
Write-Output "First 20 lines of the modified SecretsManagerClient.cs:"
Get-Content $filePath -Head 20
- name: Install dependencies
run: dotnet restore

- name: "Preparing package for strong naming"
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
pwd
Get-ChildItem
Copy-Item -Path "SecretsManager.csproj" -Destination "SecretsManager.StrongName.csproj"
(Get-Content -Path "SecretsManager.StrongName.csproj") -replace '<PackageId>Keeper.SecretsManager</PackageId>', '<PackageId>Keeper.SecretsManager.StrongName</PackageId>' | Set-Content -Path "SecretsManager.StrongName.csproj"
Get-Content "SecretsManager.StrongName.csproj"
Copy-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk" -Destination "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk"
Get-ChildItem "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\"
- name: Build
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
pwd
Get-ChildItem
dotnet build "SecretsManager.StrongName.csproj" --configuration Release --no-restore -p:SignKSM=True
- name: Cleanup secret files
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
Remove-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk"
Remove-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk"
- name: Publish package
run: dotnet nuget push ./SecretsManager/bin/Release/*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json
if: ${{ github.event.inputs.publish == 'true' }}
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
Get-ChildItem ".\bin\Release\"
dotnet nuget push ".\bin\Release\*.nupkg" --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json
- name: Upload strong-named binaries
if: ${{ github.event.inputs.publish == 'false' }}
uses: actions/upload-artifact@v4
with:
name: strong-named-binaries-${{ github.run_number }}
path: |
${{ github.workspace }}\sdk\dotNet\SecretsManager\bin\Release\*.nupkg
2 changes: 1 addition & 1 deletion examples/dotNet/HelloSecret/HelloSecret.csproj
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
</PropertyGroup>

<ItemGroup>
<PackageReference Include="Keeper.SecretsManager" Version="16.5.1" />
<PackageReference Include="Keeper.SecretsManager" Version="16.6.5" />
</ItemGroup>

</Project>
10 changes: 10 additions & 0 deletions sdk/dotNet/.editorconfig
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
[*]

# Indentation and spacing
indent_size = 4
indent_style = space
tab_width = 4

# New line preferences
end_of_line = lf
insert_final_newline = true
9 changes: 9 additions & 0 deletions sdk/dotNet/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,15 @@

# Change Log

## 16.6.6

* KSM-360 - GHA to build and release strong named assemblies
* KSM-490 - Switch some internal classes to public - for use in plugins
* KSM-515 - Update to Bouncy Castle 2.4.0
* KSM-536 - Update to System.Text.Json 8.0.4
* KSM-517 - Add support for netstandard2.0 target
* KSM-542 - Fix PowerShell module to allow dot in title

## 16.6.5

* KSM-476 - fix public key parsing
Expand Down
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
@{
ModuleVersion = '16.6.4'
ModuleVersion = '16.6.6'
RootModule = 'SecretManagement.Keeper.Extension.psm1'
RequiredAssemblies = '../SecretManagement.Keeper.dll'
CompatiblePSEditions = @('Core')
GUID = '7ad471fa-c303-4e0f-8da7-4b4b6da380f9'
Author = 'Sergey Aldoukhov'
CompanyName = 'Keeper Security'
Copyright = '(c) 2023 Keeper Security, Inc.'
Copyright = '(c) 2024 Keeper Security, Inc.'
FunctionsToExport = 'Set-Secret', 'Get-Secret', 'Remove-Secret', 'Get-SecretInfo', 'Test-SecretVault', 'Set-KeeperVault', 'Get-Notation'
CmdletsToExport = @()
VariablesToExport = @()
AliasesToExport = @()
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,15 @@ function Get-Config {
[string] $LocalVaultName
)
$vaults = Microsoft.Powershell.SecretManagement\Get-SecretVault
$localVault = $vaults.Where( { $_.Name -eq $LocalVaultName } )
$localVault = $vaults.Where( { $_.Name -eq $LocalVaultName } ) # SecretStore/LocalStore
if (!$localVault) {
return $null
}

$moduleInstance = Import-Module -Name $localVault.ModuleName -PassThru
$configSecretName = 'KeeperVault.' + $VaultName
$configSecretName = 'KeeperVault.' + $VaultName # passed by SecretStore while enumerating registered vaults
$config = & $moduleInstance Get-Secret -Name $configSecretName -VaultName $localVault.Name
if ($config -isnot [Hashtable]) {
if ($config -isnot [Hashtable]) {
$config = $config[0] # SecretStore returns a List
}
return $config
Expand Down
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
<Project Sdk="Microsoft.NET.Sdk">

<PropertyGroup>
<TargetFramework>netstandard2.1</TargetFramework>
<TargetFramework>netstandard2.0</TargetFramework>
<AssemblyName>SecretManagement.Keeper</AssemblyName>
<CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
<AssemblyVersion>16.6.4</AssemblyVersion>
<FileVersion>16.6.4</FileVersion>
<AssemblyVersion>16.6.6</AssemblyVersion>
<FileVersion>16.6.6</FileVersion>
</PropertyGroup>

<ItemGroup>
Expand Down
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
@{
ModuleVersion = '16.6.4'
ModuleVersion = '16.6.6'
CompatiblePSEditions = @('Core')
GUID = '20ab89cb-f0dd-4e8e-b276-f3a7708c1eb2'
Author = 'Sergey Aldoukhov'
CompanyName = 'Keeper Security'
Copyright = '(c) 2023 Keeper Security, Inc.'
Copyright = '(c) 2024 Keeper Security, Inc.'
Description = 'SecretManagement extension vault for Keeper'
RootModule = './SecretManagement.Keeper.psm1'
NestedModules = @('./SecretManagement.Keeper.Extension')
Expand All @@ -22,4 +22,4 @@
ReleaseNotes = 'Bug fixes and improvements'
}
}
}
}
18 changes: 14 additions & 4 deletions sdk/dotNet/SecretManagement.Keeper/build.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,19 @@ if ($Package) {
}

@(
'./bin/Release/netstandard2.1/SecretManagement.Keeper.dll'
'./bin/Release/netstandard2.1/SecretsManager.dll'
'./bin/Release/netstandard2.1/BouncyCastle.Cryptography.dll'
'./bin/Release/netstandard2.0/SecretsManager.dll'
'./bin/Release/netstandard2.0/SecretManagement.Keeper.dll'
'./bin/Release/netstandard2.0/SecretManagement.Keeper.deps.json'
'./bin/Release/netstandard2.0/BouncyCastle.Cryptography.dll'
'./bin/Release/netstandard2.0/Microsoft.Bcl.AsyncInterfaces.dll'
'./bin/Release/netstandard2.0/System.Buffers.dll'
'./bin/Release/netstandard2.0/System.Management.Automation.dll'
'./bin/Release/netstandard2.0/System.Memory.dll'
'./bin/Release/netstandard2.0/System.Numerics.Vectors.dll'
'./bin/Release/netstandard2.0/System.Runtime.CompilerServices.Unsafe.dll'
'./bin/Release/netstandard2.0/System.Text.Encodings.Web.dll'
'./bin/Release/netstandard2.0/System.Text.Json.dll'
'./bin/Release/netstandard2.0/System.Threading.Tasks.Extensions.dll'
) | ForEach-Object {
Copy-Item -Path $_ -Destination $outDir -Force
}
Expand All @@ -45,4 +55,4 @@ if ($Publish) {
Publish-Module -Path ./out/SecretManagement.Keeper -NuGetApiKey $APIKey -Verbose
}

Pop-Location
Pop-Location
Loading

0 comments on commit 2eccd41

Please sign in to comment.