GwWuYou 5cf3bff4cf chore(ci): 添加 NuGet 包调试信息并优化发布流程
- 添加调试步骤以显示包信息和登录输出长度
- 检查 nuspec 文件中的 id 和 version 字段
- 验证 NuGet API 密钥的输出长度而不打印密钥内容
- 移除创建 GitHub Release 及上传 .nupkg 资产的相关步骤
- 简化发布流程,仅保留必要的 NuGet 推送操作
2025-12-09 17:39:37 +08:00


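# Tag-triggered publish workflow: build, test and pack the solution, then push
# the resulting .nupkg to nuget.org using a short-lived API key obtained through
# GitHub OIDC (NuGet/login).
#
# The workflow name is kept unchanged so existing references to it keep working,
# even though no step below creates a GitHub Release.
name: Create Release (on tag) + Publish to NuGet (OIDC)

# Trigger: runs when any tag is pushed to the repository (e.g. v1.0.0 or 1.0.0).
# NOTE(review): the '*' filter means every tag push starts a publish; restrict
# who may create tags, or narrow the pattern, if that is not intended.
on:
  push:
    tags:
      - '*'

# Workflow-level default: read-only token. No step here creates a release or
# writes to GitHub Packages, so write scopes are not granted.
permissions:
  contents: read

jobs:
  build-and-publish:
    runs-on: ubuntu-latest
    # Job-level permissions replace the workflow default for this job.
    # id-token: write lets the job request the short-lived OIDC token that
    # NuGet/login exchanges for an API key; contents: read is for checkout.
    permissions:
      id-token: write
      contents: read
    # Supply-chain note: the actions below are referenced by mutable tags
    # (v4, v1). Pin each to a full commit SHA if immutable references are
    # required by project policy.
    steps:
      - name: Checkout repository (at tag)
        uses: actions/checkout@v4
        with:
          # Full history is fetched, as in the original configuration.
          fetch-depth: 0
          # No later step runs an authenticated git command, so the token is
          # not left behind in the checkout's git configuration.
          persist-credentials: false

      - name: Setup .NET
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: '9.0.x'

      - name: Restore dependencies
        run: dotnet restore

      - name: Build
        run: dotnet build --no-restore -c Release

      - name: Test
        run: dotnet test --no-build -c Release --verbosity normal

      - name: Pack
        run: dotnet pack --no-build -c Release -o ./packages

      - name: Show packages
        run: ls -la ./packages || true

      # Locates the first .nupkg under ./packages, reads <version> from its
      # nuspec, and exposes package_file, package_basename and version as step
      # outputs. Only one package is selected; if the pack step produces
      # several, the others are not pushed by this workflow.
      - name: Get Version and Package Path
        id: get_version
        run: |
          set -e
          PACKAGE_FILE=$(find ./packages -name "*.nupkg" | head -n 1)
          if [ -z "$PACKAGE_FILE" ]; then
            echo "No .nupkg file found in ./packages"
            exit 1
          fi
          # The pattern is quoted so unzip matches it against archive members;
          # unquoted, the shell could expand it against files in the workspace.
          VERSION=$(unzip -p "$PACKAGE_FILE" '*.nuspec' 2>/dev/null | sed -n 's:.*<version>\(.*\)</version>.*:\1:p' | head -n1)
          if [ -z "$VERSION" ]; then
            echo "Failed to parse version from $PACKAGE_FILE"
            exit 1
          fi
          BASENAME=$(basename "$PACKAGE_FILE")
          echo "package_file=$PACKAGE_FILE" >> "$GITHUB_OUTPUT"
          echo "package_basename=$BASENAME" >> "$GITHUB_OUTPUT"
          echo "version=$VERSION" >> "$GITHUB_OUTPUT"

      # -----------------------
      # Get a short-lived NuGet API key via GitHub OIDC (NuGet login)
      # -----------------------
      - name: NuGet login (OIDC → temp API key)
        id: login
        uses: NuGet/login@v1
        with:
          # Recommended: keep the nuget.org user name (not the e-mail address)
          # in a repository secret such as NUGET_USER. Writing the user name
          # inline also works but is not recommended.
          user: ${{ secrets.NUGET_USER }}

      # Diagnostic step: prints the package id/version and the length of the
      # API key, never the key itself. The key reaches the script through an
      # environment variable rather than being expanded into the script text.
      - name: Debug NuGet/login outputs (no secret printed)
        env:
          NUGET_API_KEY: ${{ steps.login.outputs.NUGET_API_KEY }}
        run: |
          echo "---- Debug: show package info and login output length ----"
          ls -la ./packages || true
          PKG=$(find ./packages -name "*.nupkg" | head -n1)
          if [ -z "$PKG" ]; then
            echo "No .nupkg found"
            exit 1
          fi
          echo "Found package: $PKG"
          echo "nuspec <id>:"
          unzip -p "$PKG" '*.nuspec' 2>/dev/null | sed -n 's:.*<id>\(.*\)</id>.*:\1:p' || true
          echo "nuspec <version>:"
          unzip -p "$PKG" '*.nuspec' 2>/dev/null | sed -n 's:.*<version>\(.*\)</version>.*:\1:p' || true
          # Check NuGet/login output length (do NOT print the key)
          echo -n "Length of steps.login.outputs.NUGET_API_KEY: "
          printf '%s' "$NUGET_API_KEY" | wc -c
          echo
          # Any error from the login step itself is visible in that step's log.
          echo "---- end debug ----"

      # Pushes the selected package to nuget.org. The package path and the API
      # key are passed via env so that neither value is spliced into the shell
      # script before it runs.
      - name: NuGet push (using short-lived API key from NuGet/login)
        env:
          PKG: ${{ steps.get_version.outputs.package_file }}
          NUGET_API_KEY: ${{ steps.login.outputs.NUGET_API_KEY }}
        run: |
          set -e
          if [ -z "$PKG" ]; then
            echo "No package to push"
            exit 1
          fi
          # Fail early with a clear message instead of sending an empty key.
          if [ -z "$NUGET_API_KEY" ]; then
            echo "NuGet/login returned no API key"
            exit 1
          fi
          echo "Pushing $PKG to nuget.org (via OIDC short-lived key)..."
          dotnet nuget push "$PKG" \
            --api-key "$NUGET_API_KEY" \
            --source https://api.nuget.org/v3/index.json \
            --skip-duplicate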