release #464

Workflow file for this run

.github/workflows/release.yml at 63a4893

	name: release

	on:
	workflow_dispatch:

	permissions:
	id-token: write
	contents: write

	jobs:
	prereqs:
	name: Prerequisites
	runs-on: ubuntu-latest
	outputs:
	version: ${{ steps.version.outputs.version }}
	steps:
	- uses: actions/checkout@v4

	- name: Set version
	run: echo "version=$(cat VERSION \| sed -E 's/.[0-9]+$//')" >> $GITHUB_OUTPUT
	id: version

	# ================================
	# .NET Tool
	# ================================
	dotnet-tool-build:
	name: Build .NET tool
	runs-on: ubuntu-latest
	needs: prereqs
	steps:
	- uses: actions/checkout@v4

	- name: Set up .NET
	uses: actions/[email protected]
	with:
	dotnet-version: 7.0.x

	- name: Build .NET tool
	run: \|
	src/shared/DotnetTool/layout.sh --configuration=Release

	- name: Upload .NET tool artifacts
	uses: actions/upload-artifact@v4
	with:
	name: tmp.dotnet-tool-build
	path: \|
	out/shared/DotnetTool/nupkg/Release

	dotnet-tool-payload-sign:
	name: Sign .NET tool payload
	# ESRP service requires signing to run on Windows
	runs-on: windows-latest
	environment: release
	needs: dotnet-tool-build
	steps:
	- uses: actions/checkout@v4

	- name: Download payload
	uses: actions/download-artifact@v4
	with:
	name: tmp.dotnet-tool-build

	- name: Log into Azure
	uses: azure/login@v1
	with:
	client-id: ${{ secrets.AZURE_CLIENT_ID }}
	tenant-id: ${{ secrets.AZURE_TENANT_ID }}
	subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

	- name: Download/extract Sign CLI tool
	shell: pwsh
	run: \|
	az storage blob download --file sign-cli.zip --auth-mode login `
	--account-name $env:AZURE_STORAGE_ACCOUNT --container `
	$env:AZURE_STORAGE_CONTAINER --name $env:SIGN_CLI_TOOL
	Expand-Archive -Path sign-cli.zip -DestinationPath .\sign-cli

	- name: Sign payload
	shell: pwsh
	run: \|
	./sign-cli/sign.exe code azcodesign payload/* `
	-acsu https://wus2.codesigning.azure.net/ `
	-acsa git-fundamentals-signing `
	-acscp git-fundamentals-windows-signing `
	-d "Git Fundamentals Windows Signing Certificate" `
	-u "https://github.com/git-ecosystem/git-credential-manager" `
	-acsm true

	- name: Lay out signed payload, images, and symbols
	shell: bash
	run: \|
	mkdir dotnet-tool-payload-sign
	rm -rf payload
	mv images payload.sym -t dotnet-tool-payload-sign
	unzip signed/payload.zip -d dotnet-tool-payload-sign

	- name: Upload signed payload
	uses: actions/upload-artifact@v4
	with:
	name: dotnet-tool-payload-sign
	path: \|
	dotnet-tool-payload-sign

	dotnet-tool-pack:
	name: Package .NET tool
	runs-on: ubuntu-latest
	needs: [prereqs, dotnet-tool-payload-sign]
	steps:
	- uses: actions/checkout@v4

	- name: Download signed payload
	uses: actions/download-artifact@v4
	with:
	name: dotnet-tool-payload-sign
	path: signed

	- name: Set up .NET
	uses: actions/[email protected]
	with:
	dotnet-version: 7.0.x

	- name: Package tool
	run: \|
	src/shared/DotnetTool/pack.sh --configuration=Release \
	--version="${{ needs.prereqs.outputs.version }}" \
	--publish-dir=$(pwd)/signed

	- name: Upload unsigned package
	uses: actions/upload-artifact@v4
	with:
	name: tmp.dotnet-tool-package-unsigned
	path: \|
	out/shared/DotnetTool/nupkg/Release/*.nupkg

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

release #464

Workflow file

release #464

Jobs

Run details

Workflow file for this run