From b960eb0283f8a75b0c371881876461098b142f7c Mon Sep 17 00:00:00 2001
From: Damian Hickey <57436+damianh@users.noreply.github.com>
Date: Mon, 16 Feb 2026 16:05:13 +0100
Subject: [PATCH] Update CI/CD workflows to use only .NET 10.0.100 SDK
---
.github/workflow-gen/StepExtensions.cs | 528 +++++++++---------
.github/workflows/bff-ci.yml | 488 ++++++++--------
.github/workflows/bff-release.yml | 230 ++++----
.github/workflows/docs-mcp-ci.yml | 369 ++++++------
.github/workflows/docs-mcp-release.yml | 230 ++++----
.github/workflows/identity-server-ci.yml | 516 +++++++++--------
.github/workflows/identity-server-release.yml | 230 ++++----
.github/workflows/templates-release.yml | 230 ++++----
8 files changed, 1382 insertions(+), 1439 deletions(-)
diff --git a/.github/workflow-gen/StepExtensions.cs b/.github/workflow-gen/StepExtensions.cs
index 5e99c0d50..31dd5e15b 100644
--- a/.github/workflow-gen/StepExtensions.cs
+++ b/.github/workflow-gen/StepExtensions.cs
@@ -1,267 +1,267 @@
-// Copyright (c) Duende Software. All rights reserved.
-// Licensed under the Apache License, Version 2.0.
-
-using Logicality.GitHub.Actions.Workflow;
-
-public static class StepExtensions
-{
- public static void EnvDefaults(this Workflow workflow)
- => workflow.Env(
- ("DOTNET_NOLOGO", "true"),
- ("DOTNET_CLI_TELEMETRY_OPTOUT", "true"));
-
- public static void StepSetupDotNet(this Job job)
- {
- job.Step()
- .Name("List .net sdks")
- .Run("dotnet --list-sdks");
-
+// Copyright (c) Duende Software. All rights reserved.
+// Licensed under the Apache License, Version 2.0.
+
+using Logicality.GitHub.Actions.Workflow;
+
+public static class StepExtensions
+{
+ public static void EnvDefaults(this Workflow workflow)
+ => workflow.Env(
+ ("DOTNET_NOLOGO", "true"),
+ ("DOTNET_CLI_TELEMETRY_OPTOUT", "true"));
+
+ public static void StepSetupDotNet(this Job job)
+ {
+ job.Step()
+ .Name("List .net sdks")
+ .Run("dotnet --list-sdks");
+
job.Step()
.Name("Setup .NET")
- .ActionsSetupDotNet("3e891b0cb619bf60e2c25674b222b8940e2c1c25", ["8.0.x", "9.0.203", "10.0.100"]);
+ .ActionsSetupDotNet("3e891b0cb619bf60e2c25674b222b8940e2c1c25", ["10.0.100"]);
// v4.1.0
- }
-
- ///
- /// Only run this for a main build
- ///
- public static Step IfRefMain(this Step step)
- => step.If("github.ref == 'refs/heads/main'");
-
- ///
- /// Only run this if the build is triggered on a branch IN the same repo
- /// this means it's from a trusted contributor.
- ///
- public static Step IfGithubEventIsPush(this Step step)
- => step.If("github.event == 'push'");
-
- public static void StepDotNetDevCerts(this Job job)
- => job.Step()
- .Name("Dotnet devcerts")
- .Run("dotnet dev-certs https --trust");
-
- public static void CachePlaywrightAssets(this Job job)
- => job.Step("playwright-cache")
- .Name("Cache Playwright assets")
- .Uses("actions/cache@v4")
- .With(
- ("path", "~/.cache/ms-playwright"),
- ("key", "playwright-${{ runner.os }}-${{ hashFiles('**/Hosts.Tests.csproj') }}"),
- ("restore-keys", "playwright-${{ runner.os }}-"));
-
- public static void StepInstallPlayWright(this Job job, string playwrightTestProject)
- => job.Step()
- .Name("Install Playwright")
- .If("steps.playwright-cache.outputs.cache-hit != 'true'")
- .Run($"pwsh test/{playwrightTestProject}/bin/Release/net10.0/playwright.ps1 install --with-deps");
-
- public static void StepToolRestore(this Job job)
- => job.Step()
- .Name("Tool restore")
- .Run("dotnet tool restore");
-
- public static void StepPack(this Job job, string target) =>
- job.Step()
- .Name($"Pack {target}")
- .Run($"dotnet pack -c Release {target} -o artifacts");
-
- public static Step StepRestore(this Job job, string solution)
- => job.Step()
- .Name("Restore")
- .Run($"dotnet restore {solution}");
-
- public static Step StepVerifyFormatting(this Job job, string solution)
- => job.Step()
- .Name("Verify Formatting")
- .Run($"dotnet format {solution} --verify-no-changes --no-restore");
-
- public static Step StepBuild(this Job job, string solution)
- => job.Step()
- .Name("Build")
- .Run($"dotnet build {solution} --no-restore -c Release");
-
- public static void StepTest(this Job job, string project)
- {
- var logFileName = $"{project}-tests.trx";
- var loggingFlags = $"--logger \"console;verbosity=normal\" " +
- $"--logger \"trx;LogFileName={logFileName}\" " +
- $"--collect:\"XPlat Code Coverage\"";
-
- job.Step()
- .Name($"Test - {project}")
- .Run($"dotnet test {project} -c Release --no-build {loggingFlags}");
-
- var id = $"test-report-{project.Replace("/", "-").Replace(".", "-")}";
- job.Step(id)
- .Name($"Test report - {project}")
- .WorkingDirectory("test")
- .Uses("dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5") // v1.9.1
- .If("github.event_name == 'push' && (success() || failure())")
- .With(
- ("name", $"Test Report - {project}"),
- ("path", $"**/{logFileName}"),
- ("reporter", "dotnet-trx"),
- ("fail-on-error", "true"),
- ("fail-on-empty", "true"));
-
- job.Step()
- .Name("Publish test report link")
- .Run($"echo \"[Test Results - {project}](${{{{ steps.{id}.outputs.url_html }}}})\" >> $GITHUB_STEP_SUMMARY");
- }
-
- public static Step StepPushToNuget(this Job job, bool pushAlways = false)
- => job.StepPush("nuget.org", "https://api.nuget.org/v3/index.json", "NUGET_ORG_API_KEY", pushAlways);
-
- public static Step StepPushToGithub(this Job job, GitHubContexts contexts, bool pushAlways = false)
- => job.StepPush("GitHub", "https://nuget.pkg.github.com/DuendeSoftware/index.json", "GITHUB_TOKEN", pushAlways)
- .Env(("GITHUB_TOKEN", contexts.Secrets.GitHubToken),
- ("NUGET_AUTH_TOKEN", contexts.Secrets.GitHubToken));
-
-
- public static void StepSign(this Job job, bool always = false)
- {
- var flags = "--file-digest sha256 " +
- "--timestamp-rfc3161 http://timestamp.digicert.com " +
- "--azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ " +
- "--azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 " +
- "--azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 " +
- "--azure-key-vault-client-secret ${{ secrets.SignClientSecret }} " +
- "--azure-key-vault-certificate NuGetPackageSigning";
- var step = job.Step()
- .Name("Sign packages");
- if (!always)
- {
- step = step.IfGithubEventIsPush();
- }
-
- step.Run($"""
- for file in artifacts/*.nupkg; do
- dotnet NuGetKeyVaultSignTool sign "$file" {flags}
- done
- """);
- }
-
- public static Step StepPush(this Job job, string destination, string sourceUrl, string secretName, bool pushAlways = false)
- {
- var apiKey = $"${{{{ secrets.{secretName} }}}}";
- var step = job.Step()
- .Name($"Push packages to {destination}");
-
- if (!pushAlways)
- {
- step.IfRefMain();
- }
-
- return step.Run($"dotnet nuget push artifacts/*.nupkg --source {sourceUrl} --api-key {apiKey} --skip-duplicate");
- }
-
- public static Step StepGitCheckoutCustomBranch(this Job job) =>
- job.Step()
- .Name("Checkout target branch")
- .If("github.event.inputs.branch != 'main'")
- .Run("git checkout ${{ github.event.inputs.branch }}");
-
- public static Step StepGitConfig(this Job job) =>
- job.Step()
- .Name("Git Config")
- .Run("""
- git config --global user.email "github-bot@duendesoftware.com"
- git config --global user.name "Duende Software GitHub Bot"
- """);
-
- internal static Step StepGitRemoveExistingTagIfConfigured(this Job job, Product component, GitHubContexts contexts) =>
- job.Step()
- .Name("Git Config")
- .If("github.event.inputs['remove-tag-if-exists'] == 'true'")
- .Run($"""
- if git rev-parse {component.TagPrefix}-{contexts.Event.Input.Version} >/dev/null 2>&1; then
- git tag -d {component.TagPrefix}-{contexts.Event.Input.Version}
- git push --delete origin {component.TagPrefix}-{contexts.Event.Input.Version}
- else
- echo 'Tag {component.TagPrefix}-{contexts.Event.Input.Version} does not exist.'
- fi
- """);
-
- internal static Step StepGitPushTag(this Job job, Product component, GitHubContexts contexts) =>
- job.Step()
- .Name("Git Config")
- .Run($"""
- git tag -a {component.TagPrefix}-{contexts.Event.Input.Version} -m "Release v{contexts.Event.Input.Version}"
- git push origin {component.TagPrefix}-{contexts.Event.Input.Version}
- """);
-
- public static WorkflowDispatch InputVersionBranchAndTagOverride(this WorkflowDispatch workflow) =>
- workflow.Inputs(
- new StringInput("version", "Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N", true, "0.0.0"),
- new StringInput("branch", "(Optional) the name of the branch to release from", false, "main"),
- new BooleanInput("remove-tag-if-exists", "If set, will remove the existing tag. Use this if you have issues with the previous release action", false, false));
-
- public static Step StepUploadPlaywrightTestTraces(this Job job, string componentName)
- {
- var path = $"{componentName}/test/**/playwright-traces/*.zip";
- return job.Step()
- .Name("Upload playwright traces")
- .If("success() || failure()")
- .Uses("actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882") // 4.4.3
- .With(
- ("name", "playwright-traces"),
- ("path", path),
- ("overwrite", "true"),
- ("retention-days", "15"));
- }
-
- public static void StepUploadArtifacts(this Job job, string componentName, bool uploadAlways = false)
- {
- var path = $"{componentName}/artifacts/*.nupkg";
- var step = job.Step()
- .Name("Upload Artifacts");
-
- if (!uploadAlways)
- {
- step.IfRefMain();
- }
-
- step.Uses("actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882") // 4.4.3
- .With(
- ("name", "artifacts"),
- ("path", path),
- ("overwrite", "true"),
- ("retention-days", "15"));
- }
-
- ///
- /// The build triggers both on branch AND on pull_request.
- ///
- /// Only (trusted) contributors can open branches in the main repo, so these builds can run with a higher trust level.
- /// So, they are running with trigger 'push'. These builds have access to the secrets and thus they can do things like
- /// sign, push the packages, etc..
- ///
- /// External contributors can only create branches on external repo's. These builds run with a lower trust level.
- /// So, they are running with trigger 'pull_request'. These builds do not have access to the secrets and thus they can't
- /// sign, push the packages, etc..
- ///
- /// Now, if a trusted contributor creates a branch in the main repo, then creates a PR, we don't want to run the build twice.
- /// This prevents that. The build will only run once, on the branch with the higher trust level.
- ///
- ///
- public static Job RunEitherOnBranchOrAsPR(this Job job)
- => job.If(
- "(github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')");
-
- public static void StepInitializeCodeQl(this Job job) =>
- job.Step()
- .Name("Initialize CodeQL")
- .Uses("github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0") // 3.28.9
- .With(
- ("languages", "csharp"),
- ("build-mode", "manual"),
- ("db-location", "~/.codeql/databases"));
-
- public static void StepPerformCodeQlAnalysis(this Job job) =>
- job.Step()
- .Name("Perform CodeQL Analysis")
- .If("${{ env.DISABLE_CODEQL_ANALYSIS != 'true' }}")
- .Uses("github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0") // 3.28.9
- .With(
- ("category", "/language:csharp"));
-}
+ }
+
+ ///
+ /// Only run this for a main build
+ ///
+ public static Step IfRefMain(this Step step)
+ => step.If("github.ref == 'refs/heads/main'");
+
+ ///
+ /// Only run this if the build is triggered on a branch IN the same repo
+ /// this means it's from a trusted contributor.
+ ///
+ public static Step IfGithubEventIsPush(this Step step)
+ => step.If("github.event == 'push'");
+
+ public static void StepDotNetDevCerts(this Job job)
+ => job.Step()
+ .Name("Dotnet devcerts")
+ .Run("dotnet dev-certs https --trust");
+
+ public static void CachePlaywrightAssets(this Job job)
+ => job.Step("playwright-cache")
+ .Name("Cache Playwright assets")
+ .Uses("actions/cache@v4")
+ .With(
+ ("path", "~/.cache/ms-playwright"),
+ ("key", "playwright-${{ runner.os }}-${{ hashFiles('**/Hosts.Tests.csproj') }}"),
+ ("restore-keys", "playwright-${{ runner.os }}-"));
+
+ public static void StepInstallPlayWright(this Job job, string playwrightTestProject)
+ => job.Step()
+ .Name("Install Playwright")
+ .If("steps.playwright-cache.outputs.cache-hit != 'true'")
+ .Run($"pwsh test/{playwrightTestProject}/bin/Release/net10.0/playwright.ps1 install --with-deps");
+
+ public static void StepToolRestore(this Job job)
+ => job.Step()
+ .Name("Tool restore")
+ .Run("dotnet tool restore");
+
+ public static void StepPack(this Job job, string target) =>
+ job.Step()
+ .Name($"Pack {target}")
+ .Run($"dotnet pack -c Release {target} -o artifacts");
+
+ public static Step StepRestore(this Job job, string solution)
+ => job.Step()
+ .Name("Restore")
+ .Run($"dotnet restore {solution}");
+
+ public static Step StepVerifyFormatting(this Job job, string solution)
+ => job.Step()
+ .Name("Verify Formatting")
+ .Run($"dotnet format {solution} --verify-no-changes --no-restore");
+
+ public static Step StepBuild(this Job job, string solution)
+ => job.Step()
+ .Name("Build")
+ .Run($"dotnet build {solution} --no-restore -c Release");
+
+ public static void StepTest(this Job job, string project)
+ {
+ var logFileName = $"{project}-tests.trx";
+ var loggingFlags = $"--logger \"console;verbosity=normal\" " +
+ $"--logger \"trx;LogFileName={logFileName}\" " +
+ $"--collect:\"XPlat Code Coverage\"";
+
+ job.Step()
+ .Name($"Test - {project}")
+ .Run($"dotnet test {project} -c Release --no-build {loggingFlags}");
+
+ var id = $"test-report-{project.Replace("/", "-").Replace(".", "-")}";
+ job.Step(id)
+ .Name($"Test report - {project}")
+ .WorkingDirectory("test")
+ .Uses("dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5") // v1.9.1
+ .If("github.event_name == 'push' && (success() || failure())")
+ .With(
+ ("name", $"Test Report - {project}"),
+ ("path", $"**/{logFileName}"),
+ ("reporter", "dotnet-trx"),
+ ("fail-on-error", "true"),
+ ("fail-on-empty", "true"));
+
+ job.Step()
+ .Name("Publish test report link")
+ .Run($"echo \"[Test Results - {project}](${{{{ steps.{id}.outputs.url_html }}}})\" >> $GITHUB_STEP_SUMMARY");
+ }
+
+ public static Step StepPushToNuget(this Job job, bool pushAlways = false)
+ => job.StepPush("nuget.org", "https://api.nuget.org/v3/index.json", "NUGET_ORG_API_KEY", pushAlways);
+
+ public static Step StepPushToGithub(this Job job, GitHubContexts contexts, bool pushAlways = false)
+ => job.StepPush("GitHub", "https://nuget.pkg.github.com/DuendeSoftware/index.json", "GITHUB_TOKEN", pushAlways)
+ .Env(("GITHUB_TOKEN", contexts.Secrets.GitHubToken),
+ ("NUGET_AUTH_TOKEN", contexts.Secrets.GitHubToken));
+
+
+ public static void StepSign(this Job job, bool always = false)
+ {
+ var flags = "--file-digest sha256 " +
+ "--timestamp-rfc3161 http://timestamp.digicert.com " +
+ "--azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ " +
+ "--azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 " +
+ "--azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 " +
+ "--azure-key-vault-client-secret ${{ secrets.SignClientSecret }} " +
+ "--azure-key-vault-certificate NuGetPackageSigning";
+ var step = job.Step()
+ .Name("Sign packages");
+ if (!always)
+ {
+ step = step.IfGithubEventIsPush();
+ }
+
+ step.Run($"""
+ for file in artifacts/*.nupkg; do
+ dotnet NuGetKeyVaultSignTool sign "$file" {flags}
+ done
+ """);
+ }
+
+ public static Step StepPush(this Job job, string destination, string sourceUrl, string secretName, bool pushAlways = false)
+ {
+ var apiKey = $"${{{{ secrets.{secretName} }}}}";
+ var step = job.Step()
+ .Name($"Push packages to {destination}");
+
+ if (!pushAlways)
+ {
+ step.IfRefMain();
+ }
+
+ return step.Run($"dotnet nuget push artifacts/*.nupkg --source {sourceUrl} --api-key {apiKey} --skip-duplicate");
+ }
+
+ public static Step StepGitCheckoutCustomBranch(this Job job) =>
+ job.Step()
+ .Name("Checkout target branch")
+ .If("github.event.inputs.branch != 'main'")
+ .Run("git checkout ${{ github.event.inputs.branch }}");
+
+ public static Step StepGitConfig(this Job job) =>
+ job.Step()
+ .Name("Git Config")
+ .Run("""
+ git config --global user.email "github-bot@duendesoftware.com"
+ git config --global user.name "Duende Software GitHub Bot"
+ """);
+
+ internal static Step StepGitRemoveExistingTagIfConfigured(this Job job, Product component, GitHubContexts contexts) =>
+ job.Step()
+ .Name("Git Config")
+ .If("github.event.inputs['remove-tag-if-exists'] == 'true'")
+ .Run($"""
+ if git rev-parse {component.TagPrefix}-{contexts.Event.Input.Version} >/dev/null 2>&1; then
+ git tag -d {component.TagPrefix}-{contexts.Event.Input.Version}
+ git push --delete origin {component.TagPrefix}-{contexts.Event.Input.Version}
+ else
+ echo 'Tag {component.TagPrefix}-{contexts.Event.Input.Version} does not exist.'
+ fi
+ """);
+
+ internal static Step StepGitPushTag(this Job job, Product component, GitHubContexts contexts) =>
+ job.Step()
+ .Name("Git Config")
+ .Run($"""
+ git tag -a {component.TagPrefix}-{contexts.Event.Input.Version} -m "Release v{contexts.Event.Input.Version}"
+ git push origin {component.TagPrefix}-{contexts.Event.Input.Version}
+ """);
+
+ public static WorkflowDispatch InputVersionBranchAndTagOverride(this WorkflowDispatch workflow) =>
+ workflow.Inputs(
+ new StringInput("version", "Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N", true, "0.0.0"),
+ new StringInput("branch", "(Optional) the name of the branch to release from", false, "main"),
+ new BooleanInput("remove-tag-if-exists", "If set, will remove the existing tag. Use this if you have issues with the previous release action", false, false));
+
+ public static Step StepUploadPlaywrightTestTraces(this Job job, string componentName)
+ {
+ var path = $"{componentName}/test/**/playwright-traces/*.zip";
+ return job.Step()
+ .Name("Upload playwright traces")
+ .If("success() || failure()")
+ .Uses("actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882") // 4.4.3
+ .With(
+ ("name", "playwright-traces"),
+ ("path", path),
+ ("overwrite", "true"),
+ ("retention-days", "15"));
+ }
+
+ public static void StepUploadArtifacts(this Job job, string componentName, bool uploadAlways = false)
+ {
+ var path = $"{componentName}/artifacts/*.nupkg";
+ var step = job.Step()
+ .Name("Upload Artifacts");
+
+ if (!uploadAlways)
+ {
+ step.IfRefMain();
+ }
+
+ step.Uses("actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882") // 4.4.3
+ .With(
+ ("name", "artifacts"),
+ ("path", path),
+ ("overwrite", "true"),
+ ("retention-days", "15"));
+ }
+
+ ///
+ /// The build triggers both on branch AND on pull_request.
+ ///
+ /// Only (trusted) contributors can open branches in the main repo, so these builds can run with a higher trust level.
+ /// So, they are running with trigger 'push'. These builds have access to the secrets and thus they can do things like
+ /// sign, push the packages, etc..
+ ///
+ /// External contributors can only create branches on external repo's. These builds run with a lower trust level.
+ /// So, they are running with trigger 'pull_request'. These builds do not have access to the secrets and thus they can't
+ /// sign, push the packages, etc..
+ ///
+ /// Now, if a trusted contributor creates a branch in the main repo, then creates a PR, we don't want to run the build twice.
+ /// This prevents that. The build will only run once, on the branch with the higher trust level.
+ ///
+ ///
+ public static Job RunEitherOnBranchOrAsPR(this Job job)
+ => job.If(
+ "(github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')");
+
+ public static void StepInitializeCodeQl(this Job job) =>
+ job.Step()
+ .Name("Initialize CodeQL")
+ .Uses("github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0") // 3.28.9
+ .With(
+ ("languages", "csharp"),
+ ("build-mode", "manual"),
+ ("db-location", "~/.codeql/databases"));
+
+ public static void StepPerformCodeQlAnalysis(this Job job) =>
+ job.Step()
+ .Name("Perform CodeQL Analysis")
+ .If("${{ env.DISABLE_CODEQL_ANALYSIS != 'true' }}")
+ .Uses("github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0") // 3.28.9
+ .With(
+ ("category", "/language:csharp"));
+}
diff --git a/.github/workflows/bff-ci.yml b/.github/workflows/bff-ci.yml
index 4d07d7401..288bed4d9 100644
--- a/.github/workflows/bff-ci.yml
+++ b/.github/workflows/bff-ci.yml
@@ -1,250 +1,238 @@
-# This was generated by tool. Edits will be overwritten.
-
-name: bff/ci
-on:
- workflow_dispatch:
- push:
- paths:
- - .config/dotnet-tools.json
- - .github/workflows/bff-**
- - bff/**
- - .editorconfig
- - Directory.Packages.props
- - global.json
- - src.props
- - test.props
- pull_request:
- paths:
- - .config/dotnet-tools.json
- - .github/workflows/bff-**
- - bff/**
- - .editorconfig
- - Directory.Packages.props
- - global.json
- - src.props
- - test.props
-env:
- DOTNET_NOLOGO: true
- DOTNET_CLI_TELEMETRY_OPTOUT: true
-jobs:
- verify-formatting:
- name: Verify formatting
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- contents: read
- defaults:
- run:
- shell: bash
- working-directory: bff
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Restore
- run: dotnet restore bff.slnf
- - name: Verify Formatting
- run: dotnet format bff.slnf --verify-no-changes --no-restore
- build:
- name: Build and test (unit)
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- actions: read
- checks: write
- contents: read
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: bff
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Restore
- run: dotnet restore bff.slnf
- - name: Build
- run: dotnet build bff.slnf --no-restore -c Release
- - name: Dotnet devcerts
- run: dotnet dev-certs https --trust
- - name: Test - test/Bff.Tests
- run: dotnet test test/Bff.Tests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/Bff.Tests-tests.trx" --collect:"XPlat Code Coverage"
- - id: test-report-test-Bff-Tests
- name: Test report - test/Bff.Tests
- if: github.event_name == 'push' && (success() || failure())
- uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
- with:
- name: Test Report - test/Bff.Tests
- path: '**/test/Bff.Tests-tests.trx'
- reporter: dotnet-trx
- fail-on-error: true
- fail-on-empty: true
- - name: Publish test report link
- run: echo "[Test Results - test/Bff.Tests](${{ steps.test-report-test-Bff-Tests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
- playwright:
- name: Playwright tests
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- actions: read
- checks: write
- contents: read
- defaults:
- run:
- shell: bash
- working-directory: bff
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Restore
- run: dotnet restore bff.slnf
- - name: Build
- run: dotnet build bff.slnf --no-restore -c Release
- - id: playwright-cache
- name: Cache Playwright assets
- uses: actions/cache@v4
- with:
- path: ~/.cache/ms-playwright
- key: playwright-${{ runner.os }}-${{ hashFiles('**/Hosts.Tests.csproj') }}
- restore-keys: playwright-${{ runner.os }}-
- - name: Install Playwright
- if: steps.playwright-cache.outputs.cache-hit != 'true'
- run: pwsh test/Hosts.Tests/bin/Release/net10.0/playwright.ps1 install --with-deps
- - name: Dotnet devcerts
- run: dotnet dev-certs https --trust
- - name: Test - test/Hosts.Tests
- run: dotnet test test/Hosts.Tests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/Hosts.Tests-tests.trx" --collect:"XPlat Code Coverage"
- - id: test-report-test-Hosts-Tests
- name: Test report - test/Hosts.Tests
- if: github.event_name == 'push' && (success() || failure())
- uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
- with:
- name: Test Report - test/Hosts.Tests
- path: '**/test/Hosts.Tests-tests.trx'
- reporter: dotnet-trx
- fail-on-error: true
- fail-on-empty: true
- - name: Publish test report link
- run: echo "[Test Results - test/Hosts.Tests](${{ steps.test-report-test-Hosts-Tests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
- - name: Upload playwright traces
- if: success() || failure()
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
- with:
- name: playwright-traces
- path: bff/test/**/playwright-traces/*.zip
- overwrite: true
- retention-days: 15
- codeql:
- name: CodeQL analyze
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- defaults:
- run:
- shell: bash
- working-directory: bff
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- pack:
- name: Pack, sign and push
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- needs:
- - verify-formatting
- - build
- - playwright
- - codeql
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- actions: read
- contents: read
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: bff
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Tool restore
- run: dotnet tool restore
- - name: Pack bff.slnf
- run: dotnet pack -c Release bff.slnf -o artifacts
- - name: Sign packages
- if: github.event == 'push'
- run: |-
- for file in artifacts/*.nupkg; do
- dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
- done
- - name: Push packages to GitHub
- if: github.ref == 'refs/heads/main'
- run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - name: Upload Artifacts
- if: github.ref == 'refs/heads/main'
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
- with:
- name: artifacts
- path: bff/artifacts/*.nupkg
- overwrite: true
- retention-days: 15
+# This was generated by tool. Edits will be overwritten.
+
+name: bff/ci
+on:
+ workflow_dispatch:
+ push:
+ paths:
+ - .config/dotnet-tools.json
+ - .github/workflows/bff-**
+ - bff/**
+ - .editorconfig
+ - Directory.Packages.props
+ - global.json
+ - src.props
+ - test.props
+ pull_request:
+ paths:
+ - .config/dotnet-tools.json
+ - .github/workflows/bff-**
+ - bff/**
+ - .editorconfig
+ - Directory.Packages.props
+ - global.json
+ - src.props
+ - test.props
+env:
+ DOTNET_NOLOGO: true
+ DOTNET_CLI_TELEMETRY_OPTOUT: true
+jobs:
+ verify-formatting:
+ name: Verify formatting
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ contents: read
+ defaults:
+ run:
+ shell: bash
+ working-directory: bff
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Restore
+ run: dotnet restore bff.slnf
+ - name: Verify Formatting
+ run: dotnet format bff.slnf --verify-no-changes --no-restore
+ build:
+ name: Build and test (unit)
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ actions: read
+ checks: write
+ contents: read
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: bff
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Restore
+ run: dotnet restore bff.slnf
+ - name: Build
+ run: dotnet build bff.slnf --no-restore -c Release
+ - name: Dotnet devcerts
+ run: dotnet dev-certs https --trust
+ - name: Test - test/Bff.Tests
+ run: dotnet test test/Bff.Tests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/Bff.Tests-tests.trx" --collect:"XPlat Code Coverage"
+ - id: test-report-test-Bff-Tests
+ name: Test report - test/Bff.Tests
+ if: github.event_name == 'push' && (success() || failure())
+ uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
+ with:
+ name: Test Report - test/Bff.Tests
+ path: '**/test/Bff.Tests-tests.trx'
+ reporter: dotnet-trx
+ fail-on-error: true
+ fail-on-empty: true
+ - name: Publish test report link
+ run: echo "[Test Results - test/Bff.Tests](${{ steps.test-report-test-Bff-Tests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
+ playwright:
+ name: Playwright tests
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ actions: read
+ checks: write
+ contents: read
+ defaults:
+ run:
+ shell: bash
+ working-directory: bff
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Restore
+ run: dotnet restore bff.slnf
+ - name: Build
+ run: dotnet build bff.slnf --no-restore -c Release
+ - id: playwright-cache
+ name: Cache Playwright assets
+ uses: actions/cache@v4
+ with:
+ path: ~/.cache/ms-playwright
+ key: playwright-${{ runner.os }}-${{ hashFiles('**/Hosts.Tests.csproj') }}
+ restore-keys: playwright-${{ runner.os }}-
+ - name: Install Playwright
+ if: steps.playwright-cache.outputs.cache-hit != 'true'
+ run: pwsh test/Hosts.Tests/bin/Release/net10.0/playwright.ps1 install --with-deps
+ - name: Dotnet devcerts
+ run: dotnet dev-certs https --trust
+ - name: Test - test/Hosts.Tests
+ run: dotnet test test/Hosts.Tests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/Hosts.Tests-tests.trx" --collect:"XPlat Code Coverage"
+ - id: test-report-test-Hosts-Tests
+ name: Test report - test/Hosts.Tests
+ if: github.event_name == 'push' && (success() || failure())
+ uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
+ with:
+ name: Test Report - test/Hosts.Tests
+ path: '**/test/Hosts.Tests-tests.trx'
+ reporter: dotnet-trx
+ fail-on-error: true
+ fail-on-empty: true
+ - name: Publish test report link
+ run: echo "[Test Results - test/Hosts.Tests](${{ steps.test-report-test-Hosts-Tests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
+ - name: Upload playwright traces
+ if: success() || failure()
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+ with:
+ name: playwright-traces
+ path: bff/test/**/playwright-traces/*.zip
+ overwrite: true
+ retention-days: 15
+ codeql:
+ name: CodeQL analyze
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ defaults:
+ run:
+ shell: bash
+ working-directory: bff
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ pack:
+ name: Pack, sign and push
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ needs:
+ - verify-formatting
+ - build
+ - playwright
+ - codeql
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ actions: read
+ contents: read
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: bff
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Tool restore
+ run: dotnet tool restore
+ - name: Pack bff.slnf
+ run: dotnet pack -c Release bff.slnf -o artifacts
+ - name: Sign packages
+ if: github.event == 'push'
+ run: |-
+ for file in artifacts/*.nupkg; do
+ dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
+ done
+ - name: Push packages to GitHub
+ if: github.ref == 'refs/heads/main'
+ run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - name: Upload Artifacts
+ if: github.ref == 'refs/heads/main'
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+ with:
+ name: artifacts
+ path: bff/artifacts/*.nupkg
+ overwrite: true
+ retention-days: 15
diff --git a/.github/workflows/bff-release.yml b/.github/workflows/bff-release.yml
index bdfeac09c..d2c475f6b 100644
--- a/.github/workflows/bff-release.yml
+++ b/.github/workflows/bff-release.yml
@@ -1,118 +1,112 @@
-# This was generated by tool. Edits will be overwritten.
-
-name: bff/release
-on:
- workflow_dispatch:
- inputs:
- version:
- description: 'Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N'
- type: string
- required: true
- default: '0.0.0'
- branch:
- description: '(Optional) the name of the branch to release from'
- type: string
- required: false
- default: 'main'
- remove-tag-if-exists:
- description: 'If set, will remove the existing tag. Use this if you have issues with the previous release action'
- type: boolean
- required: false
- default: false
-env:
- DOTNET_NOLOGO: true
- DOTNET_CLI_TELEMETRY_OPTOUT: true
-jobs:
- tag:
- name: Tag and Pack
- runs-on: ubuntu-latest
- permissions:
- contents: write
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: bff
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: Validate Version Input
- run: echo '${{ github.event.inputs.version }}' | grep -P '^\d+\.\d+\.\d+(-preview\.\d+|-rc\.\d+)?$' || (echo 'Invalid version format' && exit 1)
- - name: Checkout target branch
- if: github.event.inputs.branch != 'main'
- run: git checkout ${{ github.event.inputs.branch }}
- - name: Git Config
- run: |-
- git config --global user.email "github-bot@duendesoftware.com"
- git config --global user.name "Duende Software GitHub Bot"
- - name: Git Config
- if: github.event.inputs['remove-tag-if-exists'] == 'true'
- run: |-
- if git rev-parse bff-${{ github.event.inputs.version }} >/dev/null 2>&1; then
- git tag -d bff-${{ github.event.inputs.version }}
- git push --delete origin bff-${{ github.event.inputs.version }}
- else
- echo 'Tag bff-${{ github.event.inputs.version }} does not exist.'
- fi
- - name: Git Config
- run: |-
- git tag -a bff-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
- git push origin bff-${{ github.event.inputs.version }}
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Pack bff.slnf
- run: dotnet pack -c Release bff.slnf -o artifacts
- - name: Tool restore
- run: dotnet tool restore
- - name: Sign packages
- run: |-
- for file in artifacts/*.nupkg; do
- dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
- done
- - name: Push packages to GitHub
- run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - name: Upload Artifacts
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
- with:
- name: artifacts
- path: bff/artifacts/*.nupkg
- overwrite: true
- retention-days: 15
- publish:
- name: Publish to nuget.org
- needs:
- - tag
- runs-on: ubuntu-latest
- environment:
- name: nuget.org
- steps:
- - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
- with:
- name: artifacts
- path: artifacts
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: List files
- run: tree
- shell: bash
- - name: Push packages to nuget.org
- run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate
+# This was generated by tool. Edits will be overwritten.
+
+name: bff/release
+on:
+ workflow_dispatch:
+ inputs:
+ version:
+ description: 'Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N'
+ type: string
+ required: true
+ default: '0.0.0'
+ branch:
+ description: '(Optional) the name of the branch to release from'
+ type: string
+ required: false
+ default: 'main'
+ remove-tag-if-exists:
+ description: 'If set, will remove the existing tag. Use this if you have issues with the previous release action'
+ type: boolean
+ required: false
+ default: false
+env:
+ DOTNET_NOLOGO: true
+ DOTNET_CLI_TELEMETRY_OPTOUT: true
+jobs:
+ tag:
+ name: Tag and Pack
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: bff
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: Validate Version Input
+ run: echo '${{ github.event.inputs.version }}' | grep -P '^\d+\.\d+\.\d+(-preview\.\d+|-rc\.\d+)?$' || (echo 'Invalid version format' && exit 1)
+ - name: Checkout target branch
+ if: github.event.inputs.branch != 'main'
+ run: git checkout ${{ github.event.inputs.branch }}
+ - name: Git Config
+ run: |-
+ git config --global user.email "github-bot@duendesoftware.com"
+ git config --global user.name "Duende Software GitHub Bot"
+ - name: Git Config
+ if: github.event.inputs['remove-tag-if-exists'] == 'true'
+ run: |-
+ if git rev-parse bff-${{ github.event.inputs.version }} >/dev/null 2>&1; then
+ git tag -d bff-${{ github.event.inputs.version }}
+ git push --delete origin bff-${{ github.event.inputs.version }}
+ else
+ echo 'Tag bff-${{ github.event.inputs.version }} does not exist.'
+ fi
+ - name: Git Config
+ run: |-
+ git tag -a bff-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
+ git push origin bff-${{ github.event.inputs.version }}
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Pack bff.slnf
+ run: dotnet pack -c Release bff.slnf -o artifacts
+ - name: Tool restore
+ run: dotnet tool restore
+ - name: Sign packages
+ run: |-
+ for file in artifacts/*.nupkg; do
+ dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
+ done
+ - name: Push packages to GitHub
+ run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - name: Upload Artifacts
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+ with:
+ name: artifacts
+ path: bff/artifacts/*.nupkg
+ overwrite: true
+ retention-days: 15
+ publish:
+ name: Publish to nuget.org
+ needs:
+ - tag
+ runs-on: ubuntu-latest
+ environment:
+ name: nuget.org
+ steps:
+ - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
+ with:
+ name: artifacts
+ path: artifacts
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: List files
+ run: tree
+ shell: bash
+ - name: Push packages to nuget.org
+ run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate
diff --git a/.github/workflows/docs-mcp-ci.yml b/.github/workflows/docs-mcp-ci.yml
index af8ffba6b..fd762daa6 100644
--- a/.github/workflows/docs-mcp-ci.yml
+++ b/.github/workflows/docs-mcp-ci.yml
@@ -1,189 +1,180 @@
-# This was generated by tool. Edits will be overwritten.
-
-name: docs-mcp/ci
-on:
- workflow_dispatch:
- push:
- paths:
- - .config/dotnet-tools.json
- - .github/workflows/docs-mcp-**
- - docs-mcp/**
- - .editorconfig
- - Directory.Packages.props
- - global.json
- - src.props
- - test.props
- pull_request:
- paths:
- - .config/dotnet-tools.json
- - .github/workflows/docs-mcp-**
- - docs-mcp/**
- - .editorconfig
- - Directory.Packages.props
- - global.json
- - src.props
- - test.props
-env:
- DOTNET_NOLOGO: true
- DOTNET_CLI_TELEMETRY_OPTOUT: true
-jobs:
- verify-formatting:
- name: Verify formatting
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- contents: read
- defaults:
- run:
- shell: bash
- working-directory: docs-mcp
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Restore
- run: dotnet restore docs-mcp.slnf
- - name: Verify Formatting
- run: dotnet format docs-mcp.slnf --verify-no-changes --no-restore
- build:
- name: Build and test (unit)
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- actions: read
- checks: write
- contents: read
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: docs-mcp
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Restore
- run: dotnet restore docs-mcp.slnf
- - name: Build
- run: dotnet build docs-mcp.slnf --no-restore -c Release
- - name: Dotnet devcerts
- run: dotnet dev-certs https --trust
- playwright:
- name: Playwright tests
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- actions: read
- checks: write
- contents: read
- defaults:
- run:
- shell: bash
- working-directory: docs-mcp
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- codeql:
- name: CodeQL analyze
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- defaults:
- run:
- shell: bash
- working-directory: docs-mcp
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- pack:
- name: Pack, sign and push
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- needs:
- - verify-formatting
- - build
- - playwright
- - codeql
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- actions: read
- contents: read
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: docs-mcp
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Tool restore
- run: dotnet tool restore
- - name: Pack docs-mcp.slnf
- run: dotnet pack -c Release docs-mcp.slnf -o artifacts
- - name: Sign packages
- if: github.event == 'push'
- run: |-
- for file in artifacts/*.nupkg; do
- dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
- done
- - name: Push packages to GitHub
- if: github.ref == 'refs/heads/main'
- run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - name: Upload Artifacts
- if: github.ref == 'refs/heads/main'
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
- with:
- name: artifacts
- path: docs-mcp/artifacts/*.nupkg
- overwrite: true
- retention-days: 15
+# This was generated by tool. Edits will be overwritten.
+
+name: docs-mcp/ci
+on:
+ workflow_dispatch:
+ push:
+ paths:
+ - .config/dotnet-tools.json
+ - .github/workflows/docs-mcp-**
+ - docs-mcp/**
+ - .editorconfig
+ - Directory.Packages.props
+ - global.json
+ - src.props
+ - test.props
+ pull_request:
+ paths:
+ - .config/dotnet-tools.json
+ - .github/workflows/docs-mcp-**
+ - docs-mcp/**
+ - .editorconfig
+ - Directory.Packages.props
+ - global.json
+ - src.props
+ - test.props
+env:
+ DOTNET_NOLOGO: true
+ DOTNET_CLI_TELEMETRY_OPTOUT: true
+jobs:
+ verify-formatting:
+ name: Verify formatting
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ contents: read
+ defaults:
+ run:
+ shell: bash
+ working-directory: docs-mcp
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Restore
+ run: dotnet restore docs-mcp.slnf
+ - name: Verify Formatting
+ run: dotnet format docs-mcp.slnf --verify-no-changes --no-restore
+ build:
+ name: Build and test (unit)
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ actions: read
+ checks: write
+ contents: read
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: docs-mcp
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Restore
+ run: dotnet restore docs-mcp.slnf
+ - name: Build
+ run: dotnet build docs-mcp.slnf --no-restore -c Release
+ - name: Dotnet devcerts
+ run: dotnet dev-certs https --trust
+ playwright:
+ name: Playwright tests
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ actions: read
+ checks: write
+ contents: read
+ defaults:
+ run:
+ shell: bash
+ working-directory: docs-mcp
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ codeql:
+ name: CodeQL analyze
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ defaults:
+ run:
+ shell: bash
+ working-directory: docs-mcp
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ pack:
+ name: Pack, sign and push
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ needs:
+ - verify-formatting
+ - build
+ - playwright
+ - codeql
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ actions: read
+ contents: read
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: docs-mcp
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Tool restore
+ run: dotnet tool restore
+ - name: Pack docs-mcp.slnf
+ run: dotnet pack -c Release docs-mcp.slnf -o artifacts
+ - name: Sign packages
+ if: github.event == 'push'
+ run: |-
+ for file in artifacts/*.nupkg; do
+ dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
+ done
+ - name: Push packages to GitHub
+ if: github.ref == 'refs/heads/main'
+ run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - name: Upload Artifacts
+ if: github.ref == 'refs/heads/main'
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+ with:
+ name: artifacts
+ path: docs-mcp/artifacts/*.nupkg
+ overwrite: true
+ retention-days: 15
diff --git a/.github/workflows/docs-mcp-release.yml b/.github/workflows/docs-mcp-release.yml
index 6581e10ea..658395abe 100644
--- a/.github/workflows/docs-mcp-release.yml
+++ b/.github/workflows/docs-mcp-release.yml
@@ -1,118 +1,112 @@
-# This was generated by tool. Edits will be overwritten.
-
-name: docs-mcp/release
-on:
- workflow_dispatch:
- inputs:
- version:
- description: 'Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N'
- type: string
- required: true
- default: '0.0.0'
- branch:
- description: '(Optional) the name of the branch to release from'
- type: string
- required: false
- default: 'main'
- remove-tag-if-exists:
- description: 'If set, will remove the existing tag. Use this if you have issues with the previous release action'
- type: boolean
- required: false
- default: false
-env:
- DOTNET_NOLOGO: true
- DOTNET_CLI_TELEMETRY_OPTOUT: true
-jobs:
- tag:
- name: Tag and Pack
- runs-on: ubuntu-latest
- permissions:
- contents: write
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: docs-mcp
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: Validate Version Input
- run: echo '${{ github.event.inputs.version }}' | grep -P '^\d+\.\d+\.\d+(-preview\.\d+|-rc\.\d+)?$' || (echo 'Invalid version format' && exit 1)
- - name: Checkout target branch
- if: github.event.inputs.branch != 'main'
- run: git checkout ${{ github.event.inputs.branch }}
- - name: Git Config
- run: |-
- git config --global user.email "github-bot@duendesoftware.com"
- git config --global user.name "Duende Software GitHub Bot"
- - name: Git Config
- if: github.event.inputs['remove-tag-if-exists'] == 'true'
- run: |-
- if git rev-parse dmcp-${{ github.event.inputs.version }} >/dev/null 2>&1; then
- git tag -d dmcp-${{ github.event.inputs.version }}
- git push --delete origin dmcp-${{ github.event.inputs.version }}
- else
- echo 'Tag dmcp-${{ github.event.inputs.version }} does not exist.'
- fi
- - name: Git Config
- run: |-
- git tag -a dmcp-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
- git push origin dmcp-${{ github.event.inputs.version }}
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Pack docs-mcp.slnf
- run: dotnet pack -c Release docs-mcp.slnf -o artifacts
- - name: Tool restore
- run: dotnet tool restore
- - name: Sign packages
- run: |-
- for file in artifacts/*.nupkg; do
- dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
- done
- - name: Push packages to GitHub
- run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - name: Upload Artifacts
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
- with:
- name: artifacts
- path: docs-mcp/artifacts/*.nupkg
- overwrite: true
- retention-days: 15
- publish:
- name: Publish to nuget.org
- needs:
- - tag
- runs-on: ubuntu-latest
- environment:
- name: nuget.org
- steps:
- - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
- with:
- name: artifacts
- path: artifacts
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: List files
- run: tree
- shell: bash
- - name: Push packages to nuget.org
- run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate
+# This was generated by tool. Edits will be overwritten.
+
+name: docs-mcp/release
+on:
+ workflow_dispatch:
+ inputs:
+ version:
+ description: 'Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N'
+ type: string
+ required: true
+ default: '0.0.0'
+ branch:
+ description: '(Optional) the name of the branch to release from'
+ type: string
+ required: false
+ default: 'main'
+ remove-tag-if-exists:
+ description: 'If set, will remove the existing tag. Use this if you have issues with the previous release action'
+ type: boolean
+ required: false
+ default: false
+env:
+ DOTNET_NOLOGO: true
+ DOTNET_CLI_TELEMETRY_OPTOUT: true
+jobs:
+ tag:
+ name: Tag and Pack
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: docs-mcp
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: Validate Version Input
+ run: echo '${{ github.event.inputs.version }}' | grep -P '^\d+\.\d+\.\d+(-preview\.\d+|-rc\.\d+)?$' || (echo 'Invalid version format' && exit 1)
+ - name: Checkout target branch
+ if: github.event.inputs.branch != 'main'
+ run: git checkout ${{ github.event.inputs.branch }}
+ - name: Git Config
+ run: |-
+ git config --global user.email "github-bot@duendesoftware.com"
+ git config --global user.name "Duende Software GitHub Bot"
+ - name: Git Config
+ if: github.event.inputs['remove-tag-if-exists'] == 'true'
+ run: |-
+ if git rev-parse dmcp-${{ github.event.inputs.version }} >/dev/null 2>&1; then
+ git tag -d dmcp-${{ github.event.inputs.version }}
+ git push --delete origin dmcp-${{ github.event.inputs.version }}
+ else
+ echo 'Tag dmcp-${{ github.event.inputs.version }} does not exist.'
+ fi
+ - name: Git Config
+ run: |-
+ git tag -a dmcp-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
+ git push origin dmcp-${{ github.event.inputs.version }}
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Pack docs-mcp.slnf
+ run: dotnet pack -c Release docs-mcp.slnf -o artifacts
+ - name: Tool restore
+ run: dotnet tool restore
+ - name: Sign packages
+ run: |-
+ for file in artifacts/*.nupkg; do
+ dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
+ done
+ - name: Push packages to GitHub
+ run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - name: Upload Artifacts
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+ with:
+ name: artifacts
+ path: docs-mcp/artifacts/*.nupkg
+ overwrite: true
+ retention-days: 15
+ publish:
+ name: Publish to nuget.org
+ needs:
+ - tag
+ runs-on: ubuntu-latest
+ environment:
+ name: nuget.org
+ steps:
+ - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
+ with:
+ name: artifacts
+ path: artifacts
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: List files
+ run: tree
+ shell: bash
+ - name: Push packages to nuget.org
+ run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate
diff --git a/.github/workflows/identity-server-ci.yml b/.github/workflows/identity-server-ci.yml
index ff60cbaa1..50929465c 100644
--- a/.github/workflows/identity-server-ci.yml
+++ b/.github/workflows/identity-server-ci.yml
@@ -1,264 +1,252 @@
-# This was generated by tool. Edits will be overwritten.
-
-name: identity-server/ci
-on:
- workflow_dispatch:
- push:
- paths:
- - .config/dotnet-tools.json
- - .github/workflows/identity-server-**
- - identity-server/**
- - .editorconfig
- - Directory.Packages.props
- - global.json
- - src.props
- - test.props
- pull_request:
- paths:
- - .config/dotnet-tools.json
- - .github/workflows/identity-server-**
- - identity-server/**
- - .editorconfig
- - Directory.Packages.props
- - global.json
- - src.props
- - test.props
-env:
- DOTNET_NOLOGO: true
- DOTNET_CLI_TELEMETRY_OPTOUT: true
-jobs:
- verify-formatting:
- name: Verify formatting
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- contents: read
- defaults:
- run:
- shell: bash
- working-directory: identity-server
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Restore
- run: dotnet restore identity-server.slnf
- - name: Verify Formatting
- run: dotnet format identity-server.slnf --verify-no-changes --no-restore
- build:
- name: Build and test (unit)
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- actions: read
- checks: write
- contents: read
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: identity-server
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Restore
- run: dotnet restore identity-server.slnf
- - name: Build
- run: dotnet build identity-server.slnf --no-restore -c Release
- - name: Dotnet devcerts
- run: dotnet dev-certs https --trust
- - name: Test - test/IdentityServer.IntegrationTests
- run: dotnet test test/IdentityServer.IntegrationTests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/IdentityServer.IntegrationTests-tests.trx" --collect:"XPlat Code Coverage"
- - id: test-report-test-IdentityServer-IntegrationTests
- name: Test report - test/IdentityServer.IntegrationTests
- if: github.event_name == 'push' && (success() || failure())
- uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
- with:
- name: Test Report - test/IdentityServer.IntegrationTests
- path: '**/test/IdentityServer.IntegrationTests-tests.trx'
- reporter: dotnet-trx
- fail-on-error: true
- fail-on-empty: true
- - name: Publish test report link
- run: echo "[Test Results - test/IdentityServer.IntegrationTests](${{ steps.test-report-test-IdentityServer-IntegrationTests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
- - name: Test - test/IdentityServer.UnitTests
- run: dotnet test test/IdentityServer.UnitTests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/IdentityServer.UnitTests-tests.trx" --collect:"XPlat Code Coverage"
- - id: test-report-test-IdentityServer-UnitTests
- name: Test report - test/IdentityServer.UnitTests
- if: github.event_name == 'push' && (success() || failure())
- uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
- with:
- name: Test Report - test/IdentityServer.UnitTests
- path: '**/test/IdentityServer.UnitTests-tests.trx'
- reporter: dotnet-trx
- fail-on-error: true
- fail-on-empty: true
- - name: Publish test report link
- run: echo "[Test Results - test/IdentityServer.UnitTests](${{ steps.test-report-test-IdentityServer-UnitTests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
- playwright:
- name: Playwright tests
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- actions: read
- checks: write
- contents: read
- defaults:
- run:
- shell: bash
- working-directory: identity-server
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Restore
- run: dotnet restore identity-server.slnf
- - name: Build
- run: dotnet build identity-server.slnf --no-restore -c Release
- - id: playwright-cache
- name: Cache Playwright assets
- uses: actions/cache@v4
- with:
- path: ~/.cache/ms-playwright
- key: playwright-${{ runner.os }}-${{ hashFiles('**/Hosts.Tests.csproj') }}
- restore-keys: playwright-${{ runner.os }}-
- - name: Install Playwright
- if: steps.playwright-cache.outputs.cache-hit != 'true'
- run: pwsh test/IdentityServer.EndToEndTests/bin/Release/net10.0/playwright.ps1 install --with-deps
- - name: Dotnet devcerts
- run: dotnet dev-certs https --trust
- - name: Test - test/IdentityServer.EndToEndTests
- run: dotnet test test/IdentityServer.EndToEndTests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/IdentityServer.EndToEndTests-tests.trx" --collect:"XPlat Code Coverage"
- - id: test-report-test-IdentityServer-EndToEndTests
- name: Test report - test/IdentityServer.EndToEndTests
- if: github.event_name == 'push' && (success() || failure())
- uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
- with:
- name: Test Report - test/IdentityServer.EndToEndTests
- path: '**/test/IdentityServer.EndToEndTests-tests.trx'
- reporter: dotnet-trx
- fail-on-error: true
- fail-on-empty: true
- - name: Publish test report link
- run: echo "[Test Results - test/IdentityServer.EndToEndTests](${{ steps.test-report-test-IdentityServer-EndToEndTests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
- - name: Upload playwright traces
- if: success() || failure()
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
- with:
- name: playwright-traces
- path: identity-server/test/**/playwright-traces/*.zip
- overwrite: true
- retention-days: 15
- codeql:
- name: CodeQL analyze
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- defaults:
- run:
- shell: bash
- working-directory: identity-server
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- pack:
- name: Pack, sign and push
- if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
- needs:
- - verify-formatting
- - build
- - playwright
- - codeql
- runs-on:
- group: large
- labels: [ubuntu-latest-x64-16core]
- permissions:
- actions: read
- contents: read
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: identity-server
- timeout-minutes: 15
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Tool restore
- run: dotnet tool restore
- - name: Pack identity-server.slnf
- run: dotnet pack -c Release identity-server.slnf -o artifacts
- - name: Sign packages
- if: github.event == 'push'
- run: |-
- for file in artifacts/*.nupkg; do
- dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
- done
- - name: Push packages to GitHub
- if: github.ref == 'refs/heads/main'
- run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - name: Upload Artifacts
- if: github.ref == 'refs/heads/main'
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
- with:
- name: artifacts
- path: identity-server/artifacts/*.nupkg
- overwrite: true
- retention-days: 15
+# This was generated by tool. Edits will be overwritten.
+
+name: identity-server/ci
+on:
+ workflow_dispatch:
+ push:
+ paths:
+ - .config/dotnet-tools.json
+ - .github/workflows/identity-server-**
+ - identity-server/**
+ - .editorconfig
+ - Directory.Packages.props
+ - global.json
+ - src.props
+ - test.props
+ pull_request:
+ paths:
+ - .config/dotnet-tools.json
+ - .github/workflows/identity-server-**
+ - identity-server/**
+ - .editorconfig
+ - Directory.Packages.props
+ - global.json
+ - src.props
+ - test.props
+env:
+ DOTNET_NOLOGO: true
+ DOTNET_CLI_TELEMETRY_OPTOUT: true
+jobs:
+ verify-formatting:
+ name: Verify formatting
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ contents: read
+ defaults:
+ run:
+ shell: bash
+ working-directory: identity-server
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Restore
+ run: dotnet restore identity-server.slnf
+ - name: Verify Formatting
+ run: dotnet format identity-server.slnf --verify-no-changes --no-restore
+ build:
+ name: Build and test (unit)
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ actions: read
+ checks: write
+ contents: read
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: identity-server
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Restore
+ run: dotnet restore identity-server.slnf
+ - name: Build
+ run: dotnet build identity-server.slnf --no-restore -c Release
+ - name: Dotnet devcerts
+ run: dotnet dev-certs https --trust
+ - name: Test - test/IdentityServer.IntegrationTests
+ run: dotnet test test/IdentityServer.IntegrationTests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/IdentityServer.IntegrationTests-tests.trx" --collect:"XPlat Code Coverage"
+ - id: test-report-test-IdentityServer-IntegrationTests
+ name: Test report - test/IdentityServer.IntegrationTests
+ if: github.event_name == 'push' && (success() || failure())
+ uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
+ with:
+ name: Test Report - test/IdentityServer.IntegrationTests
+ path: '**/test/IdentityServer.IntegrationTests-tests.trx'
+ reporter: dotnet-trx
+ fail-on-error: true
+ fail-on-empty: true
+ - name: Publish test report link
+ run: echo "[Test Results - test/IdentityServer.IntegrationTests](${{ steps.test-report-test-IdentityServer-IntegrationTests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
+ - name: Test - test/IdentityServer.UnitTests
+ run: dotnet test test/IdentityServer.UnitTests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/IdentityServer.UnitTests-tests.trx" --collect:"XPlat Code Coverage"
+ - id: test-report-test-IdentityServer-UnitTests
+ name: Test report - test/IdentityServer.UnitTests
+ if: github.event_name == 'push' && (success() || failure())
+ uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
+ with:
+ name: Test Report - test/IdentityServer.UnitTests
+ path: '**/test/IdentityServer.UnitTests-tests.trx'
+ reporter: dotnet-trx
+ fail-on-error: true
+ fail-on-empty: true
+ - name: Publish test report link
+ run: echo "[Test Results - test/IdentityServer.UnitTests](${{ steps.test-report-test-IdentityServer-UnitTests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
+ playwright:
+ name: Playwright tests
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ actions: read
+ checks: write
+ contents: read
+ defaults:
+ run:
+ shell: bash
+ working-directory: identity-server
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Restore
+ run: dotnet restore identity-server.slnf
+ - name: Build
+ run: dotnet build identity-server.slnf --no-restore -c Release
+ - id: playwright-cache
+ name: Cache Playwright assets
+ uses: actions/cache@v4
+ with:
+ path: ~/.cache/ms-playwright
+ key: playwright-${{ runner.os }}-${{ hashFiles('**/Hosts.Tests.csproj') }}
+ restore-keys: playwright-${{ runner.os }}-
+ - name: Install Playwright
+ if: steps.playwright-cache.outputs.cache-hit != 'true'
+ run: pwsh test/IdentityServer.EndToEndTests/bin/Release/net10.0/playwright.ps1 install --with-deps
+ - name: Dotnet devcerts
+ run: dotnet dev-certs https --trust
+ - name: Test - test/IdentityServer.EndToEndTests
+ run: dotnet test test/IdentityServer.EndToEndTests -c Release --no-build --logger "console;verbosity=normal" --logger "trx;LogFileName=test/IdentityServer.EndToEndTests-tests.trx" --collect:"XPlat Code Coverage"
+ - id: test-report-test-IdentityServer-EndToEndTests
+ name: Test report - test/IdentityServer.EndToEndTests
+ if: github.event_name == 'push' && (success() || failure())
+ uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5
+ with:
+ name: Test Report - test/IdentityServer.EndToEndTests
+ path: '**/test/IdentityServer.EndToEndTests-tests.trx'
+ reporter: dotnet-trx
+ fail-on-error: true
+ fail-on-empty: true
+ - name: Publish test report link
+ run: echo "[Test Results - test/IdentityServer.EndToEndTests](${{ steps.test-report-test-IdentityServer-EndToEndTests.outputs.url_html }})" >> $GITHUB_STEP_SUMMARY
+ - name: Upload playwright traces
+ if: success() || failure()
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+ with:
+ name: playwright-traces
+ path: identity-server/test/**/playwright-traces/*.zip
+ overwrite: true
+ retention-days: 15
+ codeql:
+ name: CodeQL analyze
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ defaults:
+ run:
+ shell: bash
+ working-directory: identity-server
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ pack:
+ name: Pack, sign and push
+ if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || (github.event_name == 'push') || (github.event_name == 'workflow_dispatch')
+ needs:
+ - verify-formatting
+ - build
+ - playwright
+ - codeql
+ runs-on:
+ group: large
+ labels: [ubuntu-latest-x64-16core]
+ permissions:
+ actions: read
+ contents: read
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: identity-server
+ timeout-minutes: 15
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Tool restore
+ run: dotnet tool restore
+ - name: Pack identity-server.slnf
+ run: dotnet pack -c Release identity-server.slnf -o artifacts
+ - name: Sign packages
+ if: github.event == 'push'
+ run: |-
+ for file in artifacts/*.nupkg; do
+ dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
+ done
+ - name: Push packages to GitHub
+ if: github.ref == 'refs/heads/main'
+ run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - name: Upload Artifacts
+ if: github.ref == 'refs/heads/main'
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+ with:
+ name: artifacts
+ path: identity-server/artifacts/*.nupkg
+ overwrite: true
+ retention-days: 15
diff --git a/.github/workflows/identity-server-release.yml b/.github/workflows/identity-server-release.yml
index e66d0e7a5..cb09bbc41 100644
--- a/.github/workflows/identity-server-release.yml
+++ b/.github/workflows/identity-server-release.yml
@@ -1,118 +1,112 @@
-# This was generated by tool. Edits will be overwritten.
-
-name: identity-server/release
-on:
- workflow_dispatch:
- inputs:
- version:
- description: 'Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N'
- type: string
- required: true
- default: '0.0.0'
- branch:
- description: '(Optional) the name of the branch to release from'
- type: string
- required: false
- default: 'main'
- remove-tag-if-exists:
- description: 'If set, will remove the existing tag. Use this if you have issues with the previous release action'
- type: boolean
- required: false
- default: false
-env:
- DOTNET_NOLOGO: true
- DOTNET_CLI_TELEMETRY_OPTOUT: true
-jobs:
- tag:
- name: Tag and Pack
- runs-on: ubuntu-latest
- permissions:
- contents: write
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: identity-server
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: Validate Version Input
- run: echo '${{ github.event.inputs.version }}' | grep -P '^\d+\.\d+\.\d+(-preview\.\d+|-rc\.\d+)?$' || (echo 'Invalid version format' && exit 1)
- - name: Checkout target branch
- if: github.event.inputs.branch != 'main'
- run: git checkout ${{ github.event.inputs.branch }}
- - name: Git Config
- run: |-
- git config --global user.email "github-bot@duendesoftware.com"
- git config --global user.name "Duende Software GitHub Bot"
- - name: Git Config
- if: github.event.inputs['remove-tag-if-exists'] == 'true'
- run: |-
- if git rev-parse is-${{ github.event.inputs.version }} >/dev/null 2>&1; then
- git tag -d is-${{ github.event.inputs.version }}
- git push --delete origin is-${{ github.event.inputs.version }}
- else
- echo 'Tag is-${{ github.event.inputs.version }} does not exist.'
- fi
- - name: Git Config
- run: |-
- git tag -a is-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
- git push origin is-${{ github.event.inputs.version }}
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Pack identity-server.slnf
- run: dotnet pack -c Release identity-server.slnf -o artifacts
- - name: Tool restore
- run: dotnet tool restore
- - name: Sign packages
- run: |-
- for file in artifacts/*.nupkg; do
- dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
- done
- - name: Push packages to GitHub
- run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - name: Upload Artifacts
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
- with:
- name: artifacts
- path: identity-server/artifacts/*.nupkg
- overwrite: true
- retention-days: 15
- publish:
- name: Publish to nuget.org
- needs:
- - tag
- runs-on: ubuntu-latest
- environment:
- name: nuget.org
- steps:
- - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
- with:
- name: artifacts
- path: artifacts
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: List files
- run: tree
- shell: bash
- - name: Push packages to nuget.org
- run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate
+# This was generated by tool. Edits will be overwritten.
+
+name: identity-server/release
+on:
+ workflow_dispatch:
+ inputs:
+ version:
+ description: 'Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N'
+ type: string
+ required: true
+ default: '0.0.0'
+ branch:
+ description: '(Optional) the name of the branch to release from'
+ type: string
+ required: false
+ default: 'main'
+ remove-tag-if-exists:
+ description: 'If set, will remove the existing tag. Use this if you have issues with the previous release action'
+ type: boolean
+ required: false
+ default: false
+env:
+ DOTNET_NOLOGO: true
+ DOTNET_CLI_TELEMETRY_OPTOUT: true
+jobs:
+ tag:
+ name: Tag and Pack
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: identity-server
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: Validate Version Input
+ run: echo '${{ github.event.inputs.version }}' | grep -P '^\d+\.\d+\.\d+(-preview\.\d+|-rc\.\d+)?$' || (echo 'Invalid version format' && exit 1)
+ - name: Checkout target branch
+ if: github.event.inputs.branch != 'main'
+ run: git checkout ${{ github.event.inputs.branch }}
+ - name: Git Config
+ run: |-
+ git config --global user.email "github-bot@duendesoftware.com"
+ git config --global user.name "Duende Software GitHub Bot"
+ - name: Git Config
+ if: github.event.inputs['remove-tag-if-exists'] == 'true'
+ run: |-
+ if git rev-parse is-${{ github.event.inputs.version }} >/dev/null 2>&1; then
+ git tag -d is-${{ github.event.inputs.version }}
+ git push --delete origin is-${{ github.event.inputs.version }}
+ else
+ echo 'Tag is-${{ github.event.inputs.version }} does not exist.'
+ fi
+ - name: Git Config
+ run: |-
+ git tag -a is-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
+ git push origin is-${{ github.event.inputs.version }}
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Pack identity-server.slnf
+ run: dotnet pack -c Release identity-server.slnf -o artifacts
+ - name: Tool restore
+ run: dotnet tool restore
+ - name: Sign packages
+ run: |-
+ for file in artifacts/*.nupkg; do
+ dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
+ done
+ - name: Push packages to GitHub
+ run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - name: Upload Artifacts
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+ with:
+ name: artifacts
+ path: identity-server/artifacts/*.nupkg
+ overwrite: true
+ retention-days: 15
+ publish:
+ name: Publish to nuget.org
+ needs:
+ - tag
+ runs-on: ubuntu-latest
+ environment:
+ name: nuget.org
+ steps:
+ - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
+ with:
+ name: artifacts
+ path: artifacts
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: List files
+ run: tree
+ shell: bash
+ - name: Push packages to nuget.org
+ run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate
diff --git a/.github/workflows/templates-release.yml b/.github/workflows/templates-release.yml
index ba659d74c..0890b9d9d 100644
--- a/.github/workflows/templates-release.yml
+++ b/.github/workflows/templates-release.yml
@@ -1,118 +1,112 @@
-# This was generated by tool. Edits will be overwritten.
-
-name: templates/release
-on:
- workflow_dispatch:
- inputs:
- version:
- description: 'Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N'
- type: string
- required: true
- default: '0.0.0'
- branch:
- description: '(Optional) the name of the branch to release from'
- type: string
- required: false
- default: 'main'
- remove-tag-if-exists:
- description: 'If set, will remove the existing tag. Use this if you have issues with the previous release action'
- type: boolean
- required: false
- default: false
-env:
- DOTNET_NOLOGO: true
- DOTNET_CLI_TELEMETRY_OPTOUT: true
-jobs:
- tag:
- name: Tag and Pack
- runs-on: ubuntu-latest
- permissions:
- contents: write
- packages: write
- defaults:
- run:
- shell: bash
- working-directory: templates
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: Checkout target branch
- if: github.event.inputs.branch != 'main'
- run: git checkout ${{ github.event.inputs.branch }}
- - name: Git Config
- run: |-
- git config --global user.email "github-bot@duendesoftware.com"
- git config --global user.name "Duende Software GitHub Bot"
- - name: Git Config
- if: github.event.inputs['remove-tag-if-exists'] == 'true'
- run: |-
- if git rev-parse templates-${{ github.event.inputs.version }} >/dev/null 2>&1; then
- git tag -d templates-${{ github.event.inputs.version }}
- git push --delete origin templates-${{ github.event.inputs.version }}
- else
- echo 'Tag templates-${{ github.event.inputs.version }} does not exist.'
- fi
- - name: Git Config
- run: |-
- git tag -a templates-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
- git push origin templates-${{ github.event.inputs.version }}
- - name: Tool restore
- run: dotnet tool restore
- - name: build templates
- run: dotnet run --project build
- - name: Pack ../artifacts/templates.csproj
- run: dotnet pack -c Release ../artifacts/templates.csproj -o artifacts
- - name: Sign packages
- run: |-
- for file in artifacts/*.nupkg; do
- dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
- done
- - name: Push packages to GitHub
- run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - name: Upload Artifacts
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
- with:
- name: artifacts
- path: templates/artifacts/*.nupkg
- overwrite: true
- retention-days: 15
- publish:
- name: Publish to nuget.org
- needs:
- - tag
- runs-on: ubuntu-latest
- environment:
- name: nuget.org
- steps:
- - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
- with:
- name: artifacts
- path: artifacts
- - name: List .net sdks
- run: dotnet --list-sdks
- - name: Setup Dotnet
- uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
- with:
- dotnet-version: |-
- 8.0.x
- 9.0.203
- 10.0.100
- - name: List files
- run: tree
- shell: bash
- - name: Push packages to nuget.org
- run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate
+# This was generated by tool. Edits will be overwritten.
+
+name: templates/release
+on:
+ workflow_dispatch:
+ inputs:
+ version:
+ description: 'Version in format X.Y.Z, X.Y.Z-preview.N, or X.Y.Z-rc.N'
+ type: string
+ required: true
+ default: '0.0.0'
+ branch:
+ description: '(Optional) the name of the branch to release from'
+ type: string
+ required: false
+ default: 'main'
+ remove-tag-if-exists:
+ description: 'If set, will remove the existing tag. Use this if you have issues with the previous release action'
+ type: boolean
+ required: false
+ default: false
+env:
+ DOTNET_NOLOGO: true
+ DOTNET_CLI_TELEMETRY_OPTOUT: true
+jobs:
+ tag:
+ name: Tag and Pack
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ packages: write
+ defaults:
+ run:
+ shell: bash
+ working-directory: templates
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: Checkout target branch
+ if: github.event.inputs.branch != 'main'
+ run: git checkout ${{ github.event.inputs.branch }}
+ - name: Git Config
+ run: |-
+ git config --global user.email "github-bot@duendesoftware.com"
+ git config --global user.name "Duende Software GitHub Bot"
+ - name: Git Config
+ if: github.event.inputs['remove-tag-if-exists'] == 'true'
+ run: |-
+ if git rev-parse templates-${{ github.event.inputs.version }} >/dev/null 2>&1; then
+ git tag -d templates-${{ github.event.inputs.version }}
+ git push --delete origin templates-${{ github.event.inputs.version }}
+ else
+ echo 'Tag templates-${{ github.event.inputs.version }} does not exist.'
+ fi
+ - name: Git Config
+ run: |-
+ git tag -a templates-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
+ git push origin templates-${{ github.event.inputs.version }}
+ - name: Tool restore
+ run: dotnet tool restore
+ - name: build templates
+ run: dotnet run --project build
+ - name: Pack ../artifacts/templates.csproj
+ run: dotnet pack -c Release ../artifacts/templates.csproj -o artifacts
+ - name: Sign packages
+ run: |-
+ for file in artifacts/*.nupkg; do
+ dotnet NuGetKeyVaultSignTool sign "$file" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigninghsm.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate NuGetPackageSigning
+ done
+ - name: Push packages to GitHub
+ run: dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - name: Upload Artifacts
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+ with:
+ name: artifacts
+ path: templates/artifacts/*.nupkg
+ overwrite: true
+ retention-days: 15
+ publish:
+ name: Publish to nuget.org
+ needs:
+ - tag
+ runs-on: ubuntu-latest
+ environment:
+ name: nuget.org
+ steps:
+ - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
+ with:
+ name: artifacts
+ path: artifacts
+ - name: List .net sdks
+ run: dotnet --list-sdks
+ - name: Setup Dotnet
+ uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25
+ with:
+ dotnet-version: 10.0.100
+ - name: List files
+ run: tree
+ shell: bash
+ - name: Push packages to nuget.org
+ run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate