From c64e516385e46b121b92178505fd1bc4aba46e5e Mon Sep 17 00:00:00 2001 From: Max Ustinov Date: Tue, 26 Mar 2024 11:01:43 -0700 Subject: [PATCH] KSM .NET SDK: GHA to publish strong named binary: - updated copyright year to 2024 - updated to the publish.nuget.strong.named.yml - updates to the publish.nuget.yml --- .../workflows/publish.nuget.strong.named.yml | 36 +++++++++-- .github/workflows/publish.nuget.yml | 23 ++++--- .github/workflows/test.publish.nuget.yml | 63 ++++++++++++++++--- .../SecretsManager.Test.Core.csproj | 5 ++ .../SecretsManager/SecretsManager.csproj | 2 +- .../SecretsManager/SecretsManagerClient.cs | 2 +- 6 files changed, 107 insertions(+), 24 deletions(-) diff --git a/.github/workflows/publish.nuget.strong.named.yml b/.github/workflows/publish.nuget.strong.named.yml index 0a121cc2..9f1d3f5e 100644 --- a/.github/workflows/publish.nuget.strong.named.yml +++ b/.github/workflows/publish.nuget.strong.named.yml @@ -2,6 +2,13 @@ name: Publish strong-named assemblies to NuGet on: workflow_dispatch: + inputs: + publish: + description: 'Publish to NuGet (uncheck to build only)' + required: false + default: 'true' + type: boolean + jobs: publish-nuget: @@ -29,16 +36,37 @@ jobs: keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }} secrets: | Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN - AAAAAAAAAAAAAAAAAAAAAA/file/sgKSM.snk > file:${{ github.workspace }}/sdk/dotNet/SecretsManager/sgKSM.snk + Sq4nnb5HXXNp1l6KryXynw/file/sgKSM.snk > file:${{ github.workspace }}/sdk/dotNet/SecretsManager/sgKSM.snk - name: Install dependencies run: dotnet restore + - name: "Preparing package for strong naming" + working-directory: ./SecretsManager + run: | + pwd + ls -lah + cp -f SecretsManager.csproj SecretsManager.StrongName.csproj + ls -lah + sed -i 's/Keeper.SecretsManager<\/PackageId>/Keeper.SecretsManager.StrongName<\/PackageId>/g' SecretsManager.StrongName.csproj + cat SecretsManager.StrongName.csproj + - name: Build - run: dotnet build --configuration Release --no-restore -p:SignKSM=True + working-directory: ./SecretsManager + run: | + pwd + ls -lah + dotnet build SecretsManager.StrongName.csproj --configuration Release --no-restore -p:SignKSM=True - name: Cleanup temp files - run: rm -f ./SecretsManager/sgKSM.snk + working-directory: ./SecretsManager + run: | + ls -lah + rm -f sgKSM.snk - name: Publish package - run: dotnet nuget push ./SecretsManager/bin/Release/*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json + if: ${{ github.event.inputs.publish == 'true' }} + working-directory: ./SecretsManager + run: | + ls -lah ./bin/Release/ + dotnet nuget push bin/Release/*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json diff --git a/.github/workflows/publish.nuget.yml b/.github/workflows/publish.nuget.yml index 00e8c482..b9fa5d4a 100644 --- a/.github/workflows/publish.nuget.yml +++ b/.github/workflows/publish.nuget.yml @@ -1,4 +1,5 @@ name: Publish to NuGet + on: workflow_dispatch: @@ -9,23 +10,18 @@ jobs: defaults: run: + working-directory: ./sdk/dotNet steps: - name: Get the source code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup .NET 6 - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v4 with: dotnet-version: 6.0.x - - name: Install dependencies - run: dotnet restore - - - name: Build - run: dotnet build --configuration Release --no-restore - - name: Retrieve secrets from KSM id: ksmsecrets uses: Keeper-Security/ksm-action@master @@ -34,5 +30,16 @@ jobs: secrets: | Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN + + - name: Install dependencies + run: dotnet restore + + - name: Build + run: dotnet build --configuration Release --no-restore + + + + + - name: Publish package run: dotnet nuget push ./SecretsManager/bin/Release/*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json diff --git a/.github/workflows/test.publish.nuget.yml b/.github/workflows/test.publish.nuget.yml index e455734f..805787c5 100644 --- a/.github/workflows/test.publish.nuget.yml +++ b/.github/workflows/test.publish.nuget.yml @@ -1,31 +1,33 @@ -name: TEST Publish to NuGet +name: Publish strong-named assemblies to NuGet + on: workflow_dispatch: + inputs: + publish: + description: 'Publish to NuGet (uncheck to build only)' + required: false + default: 'true' + type: boolean jobs: publish-nuget: environment: prod - runs-on: ubuntu-latest + runs-on: windows-latest defaults: run: + shell: bash working-directory: ./sdk/dotNet steps: - name: Get the source code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup .NET 6 - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v4 with: dotnet-version: 6.0.x - - name: Install dependencies - run: dotnet restore - - - name: Build - run: dotnet build --configuration Release --no-restore - - name: Retrieve secrets from KSM id: ksmsecrets uses: Keeper-Security/ksm-action@master @@ -33,3 +35,44 @@ jobs: keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }} secrets: | Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN + Sq4nnb5HXXNp1l6KryXynw/file/sgKSM.snk > file:${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk + + - name: Install dependencies + run: dotnet restore + + - name: "Preparing package for strong naming" + working-directory: ${{ github.workspace }}/sdk/dotNet/SecretsManager/ + run: | + pwd + ls -lah + cp -f SecretsManager.csproj SecretsManager.StrongName.csproj + ls -lah + sed -i 's/Keeper.SecretsManager<\/PackageId>/Keeper.SecretsManager.StrongName<\/PackageId>/g' SecretsManager.StrongName.csproj + cat SecretsManager.StrongName.csproj + echo "Place the sgKSM.snk file in the SecretsManager.Test.Core directory" + cp -f ${{ github.workspace }}/sdk/dotNet/SecretsManager/sgKSM.snk ${{ github.workspace }}/sdk/dotNet/SecretsManager.Test.Core/sgKSM.snk + ls -lah ${{ github.workspace }}/sdk/dotNet/SecretsManager.Test.Core + + - name: Build + working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\ + run: | + pwd + ls -lah + dotnet build SecretsManager.StrongName.csproj --configuration Release --no-restore -p:SignKSM=True + + - name: Cleanup secret files + working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\ + run: | + ls -lah + rm -f sgKSM.snk + ls -lah + ls -lah ${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\ + rm -f ${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk + ls -lah ${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\ + + - name: Publish package + if: ${{ github.event.inputs.publish == 'true' }} + working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\ + run: | + ls -lah ./bin/Release/ + dotnet nuget push bin\Release\*.nupkg --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json diff --git a/sdk/dotNet/SecretsManager.Test.Core/SecretsManager.Test.Core.csproj b/sdk/dotNet/SecretsManager.Test.Core/SecretsManager.Test.Core.csproj index 598ad363..b70d7b7b 100644 --- a/sdk/dotNet/SecretsManager.Test.Core/SecretsManager.Test.Core.csproj +++ b/sdk/dotNet/SecretsManager.Test.Core/SecretsManager.Test.Core.csproj @@ -19,4 +19,9 @@ + + True + sgKSM.snk + + diff --git a/sdk/dotNet/SecretsManager/SecretsManager.csproj b/sdk/dotNet/SecretsManager/SecretsManager.csproj index 64a11639..f2f7ab1c 100644 --- a/sdk/dotNet/SecretsManager/SecretsManager.csproj +++ b/sdk/dotNet/SecretsManager/SecretsManager.csproj @@ -16,7 +16,7 @@ https://github.com/Keeper-Security/secrets-manager GitHub keeper secrets manager passwords - © 2023 Keeper Security, Inc. + © 2024 Keeper Security, Inc. https://raw.githubusercontent.com/Keeper-Security/secrets-manager/master/LICENSE?token=AACNMRVMD5L3PYT3C5MTNF3BEAFZY true diff --git a/sdk/dotNet/SecretsManager/SecretsManagerClient.cs b/sdk/dotNet/SecretsManager/SecretsManagerClient.cs index 44202c7a..b390044b 100644 --- a/sdk/dotNet/SecretsManager/SecretsManagerClient.cs +++ b/sdk/dotNet/SecretsManager/SecretsManagerClient.cs @@ -11,7 +11,7 @@ using System.Text.RegularExpressions; using System.Threading.Tasks; -[assembly: InternalsVisibleTo("SecretsManager.Test.Core")] +[assembly: InternalsVisibleTo("SecretsManager.Test.Core, PublicKey=0024000004800000940000000602000000240000525341310004000001000100099b9cc5b60ed9355032e89191157119ad7ca8b717e50e49a2fc5adf5cd94de851e4366356594c10e5c0335743cbdb7c72d6e35c65bb4d01d54c24b7eb15e685af4619a2c97a8d5b04effae3c87510319a4b6d3a2fd121001bbd57c42d29f1592402bace83f7c86d2f085f0e13539938016d4f851aeb1b8d01ff39135fa210b7")] namespace SecretsManager {