gewuyou/GFramework
1
0
Fork 0
mirror of https://github.com/GeWuYou/GFramework.git synced 2026-03-24 04:06:48 +08:00
Code Issues Packages Projects Releases Wiki Activity
GFramework/.github/workflows/publish.yml
GwWuYou 8058860a80 feat(ci): 发布流程支持 NuGet 和 GitHub Release 双发布 
- 合并发布工作流,支持同时推送到 NuGet 和创建 GitHub Release
- 添加对多个 .nupkg 包的批量推送支持
- 自动从 .nuspec 提取版本号用于 Release 描述
- 使用 OIDC 身份验证增强安全性
- 安装 unzip 工具以支持解析 nupkg 内部结构
- 移除独立的 release.yml 文件,统一到 publish.yml 中管理
2025-12-10 09:13:58 +08:00

149 lines
4.9 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

name: Publish (NuGet + GitHub Release)
# 触发:推送 tag 时触发(例如 v1.0.0 或 1.0.0
on:
push:
tags:
- '*'
# 顶级权限:允许创建 release、写 packages并允许 id-tokenOIDC
permissions:
contents: write
packages: write
id-token: write
jobs:
build-and-publish:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: write
packages: write
steps:
- name: Checkout repository (at tag)
uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: true
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: 9.0.x
- name: Install unzip (for reading .nuspec from .nupkg)
run: sudo apt-get update && sudo apt-get install -y unzip
- name: Restore dependencies
run: dotnet restore
- name: Build
run: dotnet build --no-restore -c Release
- name: Test
run: dotnet test --no-build -c Release --verbosity normal
- name: Determine tag version
id: tag_version
run: |
set -e
echo "GITHUB_REF = ${GITHUB_REF}"
TAG=${GITHUB_REF#refs/tags/}
VERSION=${TAG#v}
VERSION=${VERSION#V}
echo "tag='$TAG' -> version='$VERSION'"
echo "version=$VERSION" >> $GITHUB_OUTPUT
- name: Pack (use tag version)
run: |
set -e
echo "Packing with version=${{ steps.tag_version.outputs.version }}"
dotnet pack --no-build -c Release -o ./packages -p:PackageVersion=${{ steps.tag_version.outputs.version }}
- name: Show packages
run: ls -la ./packages || true
- name: NuGet login (OIDC → temporary API key)
id: nuget_login
uses: NuGet/login@v1
with:
user: ${{ secrets.NUGET_USER }} # 推荐将用户名放 secrets
- name: Push all packages to nuget.org
env:
NUGET_API_KEY: ${{ steps.nuget_login.outputs.NUGET_API_KEY }}
run: |
set -e
echo "Found API key: ${NUGET_API_KEY:+*** present ***}"
pushed_any=false
for PKG in ./packages/*.nupkg; do
[ -f "$PKG" ] || continue
pushed_any=true
echo "Pushing $PKG to nuget.org..."
dotnet nuget push "$PKG" \
--api-key "${NUGET_API_KEY}" \
--source https://api.nuget.org/v3/index.json \
--skip-duplicate
done
if [ "$pushed_any" = false ]; then
echo "No packages found to push."
fi
- name: Get Version and First Package Path
id: get_version
run: |
set -e
PACKAGE_FILE=$(find ./packages -name "*.nupkg" | head -n 1 || true)
if [ -z "$PACKAGE_FILE" ]; then
echo "No .nupkg file found in ./packages"
exit 1
fi
# 从 .nupkgzip里读取 .nuspec 并提取 <version>
VERSION=$(unzip -p "$PACKAGE_FILE" '*.nuspec' 2>/dev/null | sed -n 's:.*<version>\(.*\)</version>.*:\1:p' | head -n1)
if [ -z "$VERSION" ]; then
echo "Failed to parse version from $PACKAGE_FILE"
exit 1
fi
BASENAME=$(basename "$PACKAGE_FILE")
echo "package_file=$PACKAGE_FILE" >> $GITHUB_OUTPUT
echo "package_basename=$BASENAME" >> $GITHUB_OUTPUT
echo "version=$VERSION" >> $GITHUB_OUTPUT
- name: Create GitHub Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref_name }}
release_name: "Release ${{ github.ref_name }}"
body: "Release created by CI for tag ${{ github.ref_name }} (package version ${{ steps.get_version.outputs.version }})"
draft: false
prerelease: false
- name: Upload all .nupkg to Release (curl)
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
UPLOAD_URL_TEMPLATE: ${{ steps.create_release.outputs.upload_url }}
run: |
set -e
# upload_url from create-release is like: https://uploads.github.com/repos/OWNER/REPO/releases/ID/assets{?name,label}
# strip template part "{?name,label}"
UPLOAD_URL="${UPLOAD_URL_TEMPLATE%\{*}"
echo "Upload base URL: $UPLOAD_URL"
for package_file in ./packages/*.nupkg; do
if [ -f "$package_file" ]; then
basename=$(basename "$package_file")
echo "Uploading $basename to release..."
curl --fail -sS -X POST \
-H "Authorization: Bearer $GITHUB_TOKEN" \
-H "Content-Type: application/octet-stream" \
--data-binary @"$package_file" \
"$UPLOAD_URL?name=$basename"
echo "Uploaded $basename"
fi
done
Reference in New Issue View Git Blame Copy Permalink