-
Notifications
You must be signed in to change notification settings - Fork 11
216 lines (181 loc) · 6.54 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
name: main
on:
push:
branches:
- main
pull_request:
branches:
- main
release:
types:
- published
env:
# Setting these variables allows .NET CLI to use rich color codes in console output
TERM: xterm
DOTNET_SYSTEM_CONSOLE_ALLOW_ANSI_COLOR_REDIRECTION: true
# Skip boilerplate output
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
DOTNET_NOLOGO: true
DOTNET_CLI_TELEMETRY_OPTOUT: true
# Note that as much as we'd love to avoid repetitive work, splitting the pipeline into separate jobs
# makes it very difficult to share artifacts between them. Even if we succeed, we'll still end up
# pushing and pulling gigabytes worth of data, which makes the jobs so much slower that we might as
# well just repeat the checkout-restore-build steps instead.
# Having a setup that involves separate jobs gives us significant benefits, on the other hand, namely:
# - Most of the jobs can run in parallel, which reduces the overall execution time significantly,
# despite the repetitive work.
# - We can catch more issues this way, for example if the formatting job fails, we can still see the
# the test results too.
# - If one of the jobs fails due to reasons unrelated to our code (e.g. NuGet server is down), we get
# the option to rerun only that job, saving us time.
# - It's easier to understand what each job does (and later, read its output) because the scope is much
# more narrow.
# - We can set permissions on a more granular (per-job) level, which allows us to expose only a few select
# steps to more sensitive access scopes.
jobs:
# Determine version
version:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Determine stable version
id: stable-version
if: ${{ github.event_name == 'release' }}
run: echo "version=${{ github.event.release.tag_name }}" >> $GITHUB_OUTPUT
- name: Determine prerelease version
id: pre-version
if: ${{ github.event_name != 'release' }}
run: |
hash="${{ github.event.pull_request.head.sha || github.sha }}"
echo "version=0.0.0-ci-${hash:0:7}" >> $GITHUB_OUTPUT
outputs:
version: ${{ steps.stable-version.outputs.version || steps.pre-version.outputs.version }}
# Check formatting
format:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Install .NET
uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3
- name: Validate format
run: dotnet format --verify-no-changes
# Run tests
test:
runs-on: ${{ matrix.os }}
permissions:
contents: read
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Install .NET
uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3
- name: Run restore
run: dotnet restore
- name: Run build
run: >
dotnet build
--no-restore
--configuration Release
- name: Run tests
run: >
dotnet test
--no-restore
--no-build
--configuration Release
${{ runner.os == 'Windows' && '-p:IncludeNetCoreAppTargets=false' || '' }}
--logger "GitHubActions;summary.includePassedTests=true;summary.includeSkippedTests=true"
--
RunConfiguration.CollectSourceInformation=true
# Pack the output into NuGet packages
pack:
needs: version
runs-on: ubuntu-latest
permissions:
actions: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Install .NET
uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3
- name: Run restore
run: dotnet restore
- name: Run build
run: >
dotnet build
--no-restore
--configuration Release
-p:ContinuousIntegrationBuild=true
- name: Create packages
run: >
dotnet pack
-p:Version=${{ needs.version.outputs.version }}
-p:ContinuousIntegrationBuild=true
--no-restore
--no-build
--configuration Release
- name: Upload artifacts
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: packages
path: "**/*.nupkg"
# Deploy the NuGet packages to the corresponding registries
deploy:
needs:
# Technically, it's not required for the format job to succeed for us to push the package,
# so we may consider removing it as a prerequisite here.
- format
- test
- pack
runs-on: ubuntu-latest
permissions:
actions: read
packages: write
steps:
- name: Download artifacts
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: packages
- name: Install .NET
uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3
# Publish to GitHub package registry every time, whether it's a prerelease
# version or a stable release version.
- name: Publish packages (GitHub Registry)
run: >
dotnet nuget push **/*.nupkg
--source https://nuget.pkg.github.com/passwordless/index.json
--api-key ${{ secrets.GITHUB_TOKEN }}
# Only publish to NuGet on stable releases
- name: Publish packages (NuGet Registry)
if: ${{ github.event_name == 'release' }}
run: >
dotnet nuget push **/*.nupkg
--source https://api.nuget.org/v3/index.json
--api-key ${{ secrets.nuget_api_key }}
# Notify the Slack channel about the release
notify:
if: ${{ github.event_name == 'release' }}
needs:
- version
- deploy
runs-on: ubuntu-latest
steps:
- name: Send Slack message
uses: tyrrrz/action-http-request@28a403e52ea0f292b85a1850aeab1b90abc54be0 # 1.0.0
with:
url: ${{ secrets.SLACK_WEBHOOK_URL }}
method: POST
headers: |
Content-Type: application/json; charset=UTF-8
body: |
{
"text": "*Passwordless-dotnet* version `${{ needs.version.outputs.version }}` has been released! 🎉\nDetails: ${{ github.event.release.html_url }}"
}