Skip to content
.github/workflows/ci.yml

ci: Move to dotnet-sign #148

Sign in to view logs

ci: Move to dotnet-sign

ci: Move to dotnet-sign #148

Workflow file for this run

.github/workflows/ci.yml at 2cde102
# This is a basic workflow to help you get started with Actions
name: CI
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the "main" branch
push:
branches:
- main
- release/**
pull_request:
types: [opened, synchronize, reopened]
branches:
- main
- release/**
jobs:
build_fluent:
name: Build Fluent
runs-on: windows-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup .NET
uses: actions/setup-dotnet@v1
with:
dotnet-version: '9.0.100'
- uses: dotnet/nbgv@f088059084cb5d872e9d1a994433ca6440c2bf72 # v0.4.2
id: nbgv
with:
toolVersion: 3.6.139
setAllVars: true
- name: Build Fluent Font
run: |
cd nuget
dotnet new classlib -f netstandard2.0 -o uno.fonts.fluent
cd uno.fonts.fluent
rm *.cs
dotnet build -c Release
cp bin\Release\netstandard2.0\uno.fonts.fluent.dll ../Fluent
- name: Pack
run: |
$adjustedPackageVersion="${{ steps.nbgv.outputs.SemVer2 }}".ToLower();
build/nuget.exe pack nuget/Fluent/Uno.Fonts.Fluent.nuspec -Version $adjustedPackageVersion -OutputDirectory ./artifacts
- name: Upload Fluent Artifacts # Changed to have unique name for artifacts
uses: actions/upload-artifact@v4
with:
name: NuGet-Fluent
path: ./artifacts
build_roboto:
name: Build Roboto
runs-on: windows-latest
env:
WIN_SDK_VERSION: '18362'
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup .NET
uses: actions/setup-dotnet@v1
with:
dotnet-version: '9.0.100'
- uses: dotnet/nbgv@f088059084cb5d872e9d1a994433ca6440c2bf72 # v0.4.2
id: nbgv
with:
toolVersion: 3.6.139
setAllVars: true
- name: Install Windows SDK (${{ env.WIN_SDK_VERSION }})
shell: pwsh
run: |
build/Install-WindowsSdkISO.ps1 $env:WIN_SDK_VERSION
- name: Add msbuild to PATH
uses: microsoft/setup-msbuild@v1
- name: NuGet Restore
run: |
build\nuget.exe restore nuget\Roboto\Uno.Fonts.Roboto\Uno.Fonts.Roboto.sln
- name: Pack Roboto Font
run: |
$adjustedPackageVersion="${{ steps.nbgv.outputs.SemVer2 }}".ToLower();
msbuild nuget\Roboto\Uno.Fonts.Roboto\Uno.Fonts.Roboto.csproj -t:pack -p:Configuration=Release -p:PackageVersion=$adjustedPackageVersion -p:PackageOutputPath=artifacts
- name: Upload Roboto Artifacts # Changed to have unique name for artifacts
uses: actions/upload-artifact@v4
with:
name: NuGet-Roboto
path: nuget\Roboto\Uno.Fonts.Roboto\artifacts
build_opensans:
name: Build OpenSans
runs-on: windows-latest
env:
WIN_SDK_VERSION: '18362'
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup .NET
uses: actions/setup-dotnet@v1
with:
dotnet-version: '9.0.100'
- uses: dotnet/nbgv@f088059084cb5d872e9d1a994433ca6440c2bf72 # v0.4.2
id: nbgv
with:
toolVersion: 3.6.139
setAllVars: true
- name: Pack OpenSans Font
run: |
$adjustedPackageVersion="${{ steps.nbgv.outputs.SemVer2 }}".ToLower();
dotnet pack nuget\OpenSans\Uno.Fonts.OpenSans\Uno.Fonts.OpenSans.csproj -c Release -p:PackageVersion=$adjustedPackageVersion -p:PackageOutputPath=artifacts
- name: Upload OpenSans Artifacts # Changed to have unique name for artifacts
uses: actions/upload-artifact@v4
with:
name: NuGet-OpenSans
path: nuget\OpenSans\Uno.Fonts.OpenSans\artifacts
publish:
name: Publish
if: ${{ github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release/')) }}
environment: NuGet
runs-on: windows-latest
environment: PackageSign
permissions:
id-token: write # Required for requesting the JWT
needs: [build_fluent, build_roboto, build_opensans]
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Download Fluent Artifacts # Adjusted to download specific artifact
uses: actions/download-artifact@v4
with:
name: NuGet-Fluent
path: artifacts/fluent
- name: Download Roboto Artifacts # Adjusted to download specific artifact
uses: actions/download-artifact@v4
with:
name: NuGet-Roboto
path: artifacts/roboto
- name: Download OpenSans Artifacts # Adjusted to download specific artifact
uses: actions/download-artifact@v4
with:
name: NuGet-OpenSans
path: artifacts/opensans
- name: Setup .NET SDK
uses: actions/setup-dotnet@v1
with:
dotnet-version: '9.0.x'
# Install the code signing tool
- name: Install Sign CLI tool
run: dotnet tool install --tool-path . sign --version 0.9.1-beta.25278.1
# Login to Azure using a ServicePrincipal configured to authenticate against a GitHub Action
- name: 'Az CLI login'
uses: azure/login@v1
with:
allow-no-subscriptions: true
client-id: ${{ secrets.SIGN_AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.SIGN_AZURE_TENANT_ID }}
subscription-id: ${{ secrets.SIGN_AZURE_SUBSCRIPTION_ID }}
# Run the signing command
- name: Sign artifacts
shell: pwsh
run: >

Check failure on line 192 in .github/workflows/ci.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/ci.yml

Invalid workflow file 

You have an error in your yaml syntax on line 192
./sign code azure-key-vault
artifacts\NuGet\*.nupkg
--publisher-name "Uno.Fonts"
--description "Uno.Fonts"
--description-url "https://github.com/${{ env.GITHUB_REPOSITORY }}"
--azure-key-vault-managed-identity true
--azure-key-vault-url "${{ secrets.SIGN_KEY_VAULT_URL }}"
--azure-key-vault-certificate "${{ secrets.SIGN_KEY_VAULT_CERTIFICATE_ID }}"
--verbosity information
- name: Upload Signed Artifacts
uses: actions/upload-artifact@v4
with:
name: NuGet-Signed
path: ./artifacts
- name: NuGet Push
shell: pwsh
run: |
dotnet nuget push artifacts/**/*.nupkg -s https://api.nuget.org/v3/index.json -k ${{ secrets.NUGET_ORG_API_KEY }}