-
-
Notifications
You must be signed in to change notification settings - Fork 1
247 lines (233 loc) · 8.7 KB
/
dotnet-build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
on:
workflow_call:
inputs:
runs-on:
type: string
description: The hosted runner to use.
default: windows-latest
name:
type: string
description: The name of the workflow to call.
required: true
submodules:
type: boolean
description: Whether or not to checkout submodules.
default: false
dotnet-version:
type: string
description: The version of dotnet to use.
default: 8.0.201
install-workload:
type: string
description: The name of the workload to install.
required: false
default: ''
jdk-version:
type: string
description: The version of the OpenJdk SDK to use.
required: false
default: ''
uno-check:
type: boolean
description: Whether or not to ensure that the host has all of the Uno prerequisites.
default: false
required: false
uno-check-version:
type: string
description: The version of Uno Check to use.
default: 1.20.2
required: false
uno-check-manifest:
type: string
description: An override to the manifest to use.
default: ''
required: false
uno-check-parameters:
type: string
description: The parameters to pass to the Uno Check command.
default: ''
required: false
windows-sdk-version:
type: string
description: The version of the Windows SDK to use.
required: false
default: ''
solution-path:
type: string
description: The path to the solution or project to build.
required: false
default: ''
build-configuration:
type: string
description: The build configuration to use.
default: Release
required: false
build-args:
type: string
description: The arguments to pass to the build.
required: false
default: ''
run-tests:
type: boolean
description: Whether to run the tests or not.
default: true
required: false
dotnet-test-logger:
type: string
required: false
default: GitHubActions
test-result-path:
type: string
description: The path to the test results.
default: ./TestResults/*.trx
required: false
code-sign:
type: boolean
description: Whether to code sign the build or not.
default: false
required: false
artifacts-path:
type: string
description: The path to the artifacts.
default: ./Artifacts/
required: false
artifact-name:
type: string
description: The name of the artifact.
default: NuGet
nugetFeedUrl:
type: string
description: Url of a Private NuGet feed.
required: false
default: ''
secrets:
nugetUserName:
description: The username to use to access the NuGet feed.
required: false
nugetToken:
description: The token to use to access the NuGet feed.
required: false
codeSignTimestampUrl:
description: The url to the timestamp server.
required: false
codeSignKeyVault:
description: The name of the Azure KeyVault to use.
required: false
codeSignClientId:
description: The client id to use to access the KeyVault.
required: false
codeSignTenantId:
description: The tenant id to use to access the KeyVault.
required: false
codeSignClientSecret:
description: The client secret to use to access the KeyVault.
required: false
codeSignCertificate:
description: The name of the certificate to use to code sign the build.
required: false
codecovToken:
required: false
jobs:
dotnet-build:
runs-on: ${{ inputs.runs-on }}
name: ${{ inputs.name }}
env:
DOTNET_SYSTEM_CONSOLE_ALLOW_ANSI_COLOR_REDIRECTION: true
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
DOTNET_NOLOGO: true
DOTNET_CLI_TELEMETRY_OPTOUT: true
# Secrets can't be referenced in conditionals, but environment variables can.
# https://github.com/github/docs/issues/6861#issuecomment-870757186
CODECOV_TOKEN: ${{ secrets.codecovToken }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: ${{ inputs.submodules }}
- name: Setup .NET ${{ inputs.dotnet-version }}
if: ${{ inputs.dotnet-version }}
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ inputs.dotnet-version }}
- name: Setup Windows SDK ${{ inputs.windows-sdk-version }}
if: ${{ inputs.windows-sdk-version }}
shell: pwsh
run: |
Write-Host "Downloading Windows SDK installer..."
Invoke-WebRequest -UseBasicParsing -Uri https://raw.githubusercontent.com/avantipoint/workflow-templates/master/build/Install-WindowsSdkISO.ps1 -OutFile Install-WindowsSdkISO.ps1
Write-Host "Finished downloading Windows SDK installer."
"${{ inputs.windows-sdk-version }}".Split(",") | ForEach-Object {
Write-Host "Installing Windows SDK $($_)"
.\Install-WindowsSdkISO.ps1 $_
Write-Host "Finished installing Windows SDK $($_)"
}
- name: Set up OpenJDK ${{ inputs.jdk-version }}
if: ${{ inputs.jdk-version }}
uses: AdoptOpenJDK/install-jdk@v1
with:
version: ${{ inputs.jdk-version }}
architecture: x64
- name: Install .NET Workload
if: ${{ inputs.install-workload }}
run: dotnet workload install ${{ inputs.install-workload }}
- name: Run Uno Check
if: ${{ inputs.uno-check }}
shell: pwsh
run: |
dotnet tool install --global Uno.Check --version ${{ inputs.uno-check-version }}
if ('${{ inputs.uno-check-manifest }}' -eq '') {
uno-check -v --ci --non-interactive --fix --verbose ${{ inputs.uno-check-parameters }}
} else {
uno-check -v --ci --non-interactive --fix --verbose --manifest ${{ inputs.uno-check-manifest }} ${{ inputs.uno-check-parameters }}
}
- name: Add NuGet Feed
if: ${{ inputs.nugetFeedUrl }}
shell: pwsh
run: |
$userName = "${{ secrets.nugetUserName }}"
$token = "${{ secrets.nugetToken }}"
if ($userName -eq '' || $token -eq '') {
dotnet nuget add source ${{ inputs.nugetFeedUrl }} -n NuGetFeed
} else {
dotnet nuget add source ${{ inputs.nugetFeedUrl }} -u $userName -p $token -n NuGetFeed
}
- name: NuGet Restore
run: dotnet restore ${{ inputs.solution-path }}
- name: Build Packages
run: dotnet build ${{ inputs.solution-path }} -c ${{ inputs.build-configuration }} ${{ inputs.build-args }}
- name: Run Tests
if: ${{ inputs.run-tests }}
run: dotnet test ${{ inputs.solution-path }} --configuration ${{ inputs.build-configuration }} --logger ${{ inputs.dotnet-test-logger }} --blame-crash --collect:"XPlat Code Coverage" -- DataCollectionRunSettings.DataCollectors.DataCollector.Configuration.Format=opencover --no-build
- name: Upload Coverage
if: ${{ env.CODECOV_TOKEN }}
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.codecovToken }}
- name: Sign NuGet Packages
if: ${{ inputs.code-sign }}
shell: pwsh
working-directory: ${{ inputs.artifacts-path }}
run: |
dotnet tool install --global NuGetKeyVaultSignTool
$timestampUrl = "${{ secrets.codeSignTimestampUrl }}"
if ($timestampUrl -eq '') {
$timestampUrl = 'http://timestamp.digicert.com'
}
Get-ChildItem -Recurse | Where-Object { $_.Name.EndsWith('.nupkg') -or $_.Name.EndsWith('.snupkg') } | ForEach-Object {
NuGetKeyVaultSignTool sign $_.Name `
--file-digest sha256 `
--timestamp-rfc3161 $timestampUrl `
--timestamp-digest sha256 `
--azure-key-vault-url '${{ secrets.codeSignKeyVault }}' `
--azure-key-vault-client-id '${{ secrets.codeSignClientId }}' `
--azure-key-vault-tenant-id '${{ secrets.codeSignTenantId }}' `
--azure-key-vault-client-secret '${{ secrets.codeSignClientSecret }}' `
--azure-key-vault-certificate '${{ secrets.codeSignCertificate }}'
}
- name: Upload Artifacts
uses: actions/upload-artifact@v4
if: ${{ inputs.artifact-name }}
with:
name: ${{ inputs.artifact-name }}
path: ${{ inputs.artifacts-path }}