Skip to content

Commit

Permalink
Update publish.nuget.yml
Browse files Browse the repository at this point in the history
removing job to publish signed sdk
  • Loading branch information
maksimu authored Jul 30, 2024
1 parent 2eccd41 commit ce376ae
Showing 1 changed file with 92 additions and 88 deletions.
180 changes: 92 additions & 88 deletions .github/workflows/publish.nuget.yml
Original file line number Diff line number Diff line change
Expand Up @@ -54,93 +54,97 @@ jobs:
path: |
${{ github.workspace }}/sdk/dotNet/SecretsManager/bin/Release/*.nupkg
publish-nuget-strongname:
environment: prod
runs-on: windows-latest

defaults:
run:
shell: powershell
working-directory: .\sdk\dotNet

steps:
- name: Get the source code
uses: actions/checkout@v4

- name: Setup .NET 6
uses: actions/setup-dotnet@v4
with:
dotnet-version: 6.0.x

- name: Retrieve secrets from KSM
id: ksmsecrets
uses: Keeper-Security/ksm-action@master
with:
keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }}
secrets: |
Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN
Sq4nnb5HXXNp1l6KryXynw/file/sgKSM.snk > file:${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk
- name: Extract and Update Public Key in SecretsManagerClient.cs
run: |
$snPath = "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\sn.exe"
$snkPath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk"
$publicKeyPath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.pub"
& $snPath -p $snkPath $publicKeyPath
$publicKeyInfo = & $snPath -tp $publicKeyPath
# Filter and join the lines of the public key
$publicKeyLines = $publicKeyInfo -split "`n" | Where-Object { $_ -match "^[a-f0-9\s]+$" }
$publicKey = $publicKeyLines -join "" -replace "\s", ""
# 2024-08-30
# COMMENTING OUT FOR NOW BECAUSE PUBLISHIGN IS FALINING.
# TODO: Fix it and try to release in the next sdk version, or release indpenedently fromt he regular sdk
#
# publish-nuget-strongname:
# environment: prod
# runs-on: windows-latest

# defaults:
# run:
# shell: powershell
# working-directory: .\sdk\dotNet

# steps:
# - name: Get the source code
# uses: actions/checkout@v4

# - name: Setup .NET 6
# uses: actions/setup-dotnet@v4
# with:
# dotnet-version: 6.0.x

# - name: Retrieve secrets from KSM
# id: ksmsecrets
# uses: Keeper-Security/ksm-action@master
# with:
# keeper-secret-config: ${{ secrets.KSM_KSM_CONFIG }}
# secrets: |
# Sq4nnb5HXXNp1l6KryXynw/field/password > NUGET_AUTH_TOKEN
# Sq4nnb5HXXNp1l6KryXynw/file/sgKSM.snk > file:${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk

# - name: Extract and Update Public Key in SecretsManagerClient.cs
# run: |
# $snPath = "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\sn.exe"
# $snkPath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk"
# $publicKeyPath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.pub"
# & $snPath -p $snkPath $publicKeyPath
# $publicKeyInfo = & $snPath -tp $publicKeyPath
# # Filter and join the lines of the public key
# $publicKeyLines = $publicKeyInfo -split "`n" | Where-Object { $_ -match "^[a-f0-9\s]+$" }
# $publicKey = $publicKeyLines -join "" -replace "\s", ""

if (-not $publicKey) {
Write-Error "Failed to extract the full public key."
exit 1
}
# if (-not $publicKey) {
# Write-Error "Failed to extract the full public key."
# exit 1
# }

Write-Output "Extracted Public Key: $publicKey"
$filePath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\SecretsManagerClient.cs"
(Get-Content $filePath) -replace '\[assembly: InternalsVisibleTo\("SecretsManager.Test.Core"\)\]', "[assembly: InternalsVisibleTo(`"SecretsManager.Test.Core, PublicKey=$publicKey`")]" | Set-Content $filePath
Write-Output "First 20 lines of the modified SecretsManagerClient.cs:"
Get-Content $filePath -Head 20
- name: Install dependencies
run: dotnet restore

- name: "Preparing package for strong naming"
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
pwd
Get-ChildItem
Copy-Item -Path "SecretsManager.csproj" -Destination "SecretsManager.StrongName.csproj"
(Get-Content -Path "SecretsManager.StrongName.csproj") -replace '<PackageId>Keeper.SecretsManager</PackageId>', '<PackageId>Keeper.SecretsManager.StrongName</PackageId>' | Set-Content -Path "SecretsManager.StrongName.csproj"
Get-Content "SecretsManager.StrongName.csproj"
Copy-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk" -Destination "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk"
Get-ChildItem "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\"
- name: Build
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
pwd
Get-ChildItem
dotnet build "SecretsManager.StrongName.csproj" --configuration Release --no-restore -p:SignKSM=True
- name: Cleanup secret files
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
Remove-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk"
Remove-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk"
- name: Publish package
if: ${{ github.event.inputs.publish == 'true' }}
working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
run: |
Get-ChildItem ".\bin\Release\"
dotnet nuget push ".\bin\Release\*.nupkg" --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json
- name: Upload strong-named binaries
if: ${{ github.event.inputs.publish == 'false' }}
uses: actions/upload-artifact@v4
with:
name: strong-named-binaries-${{ github.run_number }}
path: |
${{ github.workspace }}\sdk\dotNet\SecretsManager\bin\Release\*.nupkg
# Write-Output "Extracted Public Key: $publicKey"
# $filePath = "${{ github.workspace }}\sdk\dotNet\SecretsManager\SecretsManagerClient.cs"
# (Get-Content $filePath) -replace '\[assembly: InternalsVisibleTo\("SecretsManager.Test.Core"\)\]', "[assembly: InternalsVisibleTo(`"SecretsManager.Test.Core, PublicKey=$publicKey`")]" | Set-Content $filePath
# Write-Output "First 20 lines of the modified SecretsManagerClient.cs:"
# Get-Content $filePath -Head 20

# - name: Install dependencies
# run: dotnet restore

# - name: "Preparing package for strong naming"
# working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
# run: |
# pwd
# Get-ChildItem
# Copy-Item -Path "SecretsManager.csproj" -Destination "SecretsManager.StrongName.csproj"
# (Get-Content -Path "SecretsManager.StrongName.csproj") -replace '<PackageId>Keeper.SecretsManager</PackageId>', '<PackageId>Keeper.SecretsManager.StrongName</PackageId>' | Set-Content -Path "SecretsManager.StrongName.csproj"
# Get-Content "SecretsManager.StrongName.csproj"
# Copy-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk" -Destination "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk"
# Get-ChildItem "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\"

# - name: Build
# working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
# run: |
# pwd
# Get-ChildItem
# dotnet build "SecretsManager.StrongName.csproj" --configuration Release --no-restore -p:SignKSM=True

# - name: Cleanup secret files
# working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
# run: |
# Remove-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager\sgKSM.snk"
# Remove-Item -Path "${{ github.workspace }}\sdk\dotNet\SecretsManager.Test.Core\sgKSM.snk"

# - name: Publish package
# if: ${{ github.event.inputs.publish == 'true' }}
# working-directory: ${{ github.workspace }}\sdk\dotNet\SecretsManager\
# run: |
# Get-ChildItem ".\bin\Release\"
# dotnet nuget push ".\bin\Release\*.nupkg" --api-key ${{steps.ksmsecrets.outputs.NUGET_AUTH_TOKEN}} --source https://api.nuget.org/v3/index.json

# - name: Upload strong-named binaries
# if: ${{ github.event.inputs.publish == 'false' }}
# uses: actions/upload-artifact@v4
# with:
# name: strong-named-binaries-${{ github.run_number }}
# path: |
# ${{ github.workspace }}\sdk\dotNet\SecretsManager\bin\Release\*.nupkg

0 comments on commit ce376ae

Please sign in to comment.