Skip to content

#13, use validated principal claims #31

#13, use validated principal claims

#13, use validated principal claims #31

Workflow file for this run

name: ci
permissions:
contents: read
checks: write
packages: write
on:
workflow_dispatch:
push:
pull_request:
env:
DOTNET_NOLOGO: true
DOTNET_CLI_TELEMETRY_OPTOUT: true
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-dotnet@v4
with:
dotnet-version: |
8.0.x
9.0.x
- name: Build
run: dotnet build -c Release AspNetCore.sln
- name: Test
run: |
dotnet test -c Release test/AspNetCore.Authentication.JwtBearer.Tests/AspNetCore.Authentication.JwtBearer.Tests.csproj \
--logger "console;verbosity=normal" \
--logger "trx;LogFileName=Tests.trx" \
--collect:"XPlat Code Coverage"
- name: Test report
id: test-report
uses: dorny/test-reporter@v1
if: success() || failure() # run this step even if previous step failed
with:
name: Test results
path: test/AspNetCore.Authentication.JwtBearer.Tests/TestResults/Tests.trx
reporter: dotnet-trx
fail-on-error: true
fail-on-empty: true
- name: Pack
run: |
dotnet pack -c Release \
src/AspNetCore.Authentication.JwtBearer/AspNetCore.Authentication.JwtBearer.csproj \
--no-build \
-o artifacts
- name: Sign
if: (github.ref == 'refs/heads/main')
run: |
echo "Install Sectigo CodeSiging CA certificates"
sudo apt-get update
sudo apt-get install -y ca-certificates
sudo cp .github/workflows/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
echo "Restore tools"
dotnet tool restore
echo "Sign"
for file in artifacts/*.nupkg; do
dotnet NuGetKeyVaultSignTool sign "$file" \
--file-digest sha256 \
--timestamp-rfc3161 http://timestamp.digicert.com \
--azure-key-vault-url https://duendecodesigning.vault.azure.net/ \
--azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 \
--azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 \
--azure-key-vault-client-secret ${{ secrets.SignClientSecret }} \
--azure-key-vault-certificate CodeSigning
done
- name: Push packages
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: (github.ref == 'refs/heads/main')
run: |
dotnet nuget push artifacts/*.nupkg -s https://www.myget.org/F/duende_identityserver/api/v2/package -k ${{ secrets.MYGET }} --skip-duplicate
dotnet nuget push artifacts/*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
- name: Upload artifacts
uses: actions/upload-artifact@v4
if: (github.ref == 'refs/heads/main')
with:
path: artifacts/*.nupkg
compression-level: 0
overwrite: true
retention-days: 15