Update workflows
This commit is contained in:
Lance McCarthy
@@ -1,7 +1,4 @@
|
||||
# This workflow has three examples (one for IIS, two using containers)
|
||||
# [Option A] Typical IIS build & publish
|
||||
# [Option B] DOCKER FILE BUILD - publishes the image to ghcr.io (GitHub container registry)
|
||||
# [Option C] .NET SDK CONTAINER BUILD - publishes the image to Docker Hub
|
||||
# For docker publish example, see: main_docker.yml
|
||||
name: Blazor (with Reporting)
|
||||
|
||||
on:
|
||||
@@ -13,17 +10,10 @@ on:
|
||||
paths:
|
||||
- 'src/Blazor/**/*'
|
||||
- '.github/workflows/main_build-blazor.yml'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write # to publish to GitHub container registry
|
||||
id-token: write # # JWT for Akeyless auth
|
||||
|
||||
env:
|
||||
CONFIGURATION: Release
|
||||
BLAZOR_PROJ_PATH: src/Blazor/MyBlazorApp/MyBlazorApp.csproj
|
||||
TEST_PROJ_PATH: src/Blazor/MyBlazorApp.Tests/MyBlazorApp.Tests.csproj
|
||||
NUGET_CONFIG_PATH: src/NuGet.Config
|
||||
PROJ_PATH: src/Blazor/MyBlazorApp.Tests/MyBlazorApp.Tests.csproj
|
||||
DOTNET_VERSION: "10.0.x"
|
||||
|
||||
jobs:
|
||||
@@ -31,78 +21,30 @@ jobs:
|
||||
runs-on: windows-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
# Using AKeyless for secrets in this demo
|
||||
- name: Fetch secrets from AKeyless
|
||||
id: akeyless
|
||||
uses: LanceMcCarthy/akeyless-action@v5
|
||||
with:
|
||||
access-id: 'p-4blpeo5zdfeaom'
|
||||
static-secrets: |
|
||||
{
|
||||
"/progress/TELERIK_NUGET_KEY":"TELERIK_NUGET_KEY",
|
||||
"/progress/TELERIK_LICENSE":"TELERIK_LICENSE_KEY"
|
||||
}
|
||||
export-secrets-to-outputs: true
|
||||
export-secrets-to-environment: false
|
||||
uses: actions/checkout@v6
|
||||
|
||||
- name: Setup .NET Core SDK
|
||||
uses: actions/setup-dotnet@v4
|
||||
uses: actions/setup-dotnet@v5
|
||||
with:
|
||||
dotnet-version: ${{env.DOTNET_VERSION}}
|
||||
|
||||
- name: Restore NuGet Packages
|
||||
run: |
|
||||
dotnet restore ${{env.BLAZOR_PROJ_PATH}} --configfile ${{env.NUGET_CONFIG_PATH}}
|
||||
dotnet restore ${{env.TEST_PROJ_PATH}} --configfile ${{env.NUGET_CONFIG_PATH}}
|
||||
env:
|
||||
TELERIK_USERNAME: "api-key"
|
||||
TELERIK_PASSWORD: ${{steps.akeyless.outputs.TELERIK_NUGET_KEY}}
|
||||
|
||||
- name: Build Test Project
|
||||
run: dotnet build ${{env.TEST_PROJ_PATH}} -c ${{env.CONFIGURATION}} --no-restore
|
||||
run: dotnet build ${{env.PROJ_PATH}} -c ${{env.CONFIGURATION}}
|
||||
env:
|
||||
TELERIK_LICENSE: ${{steps.akeyless.outputs.TELERIK_LICENSE_KEY}}
|
||||
TELERIK_LICENSE: ${{secrets.TELERIK_LICENSE_KEY}}
|
||||
|
||||
build_linux:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
# Using AKeyless for secrets in this demo
|
||||
- name: Fetch secrets from AKeyless
|
||||
id: akeyless
|
||||
uses: LanceMcCarthy/akeyless-action@v5
|
||||
with:
|
||||
access-id: 'p-4blpeo5zdfeaom'
|
||||
static-secrets: |
|
||||
{
|
||||
"/progress/TELERIK_NUGET_KEY":"TELERIK_NUGET_KEY",
|
||||
"/progress/TELERIK_LICENSE":"TELERIK_LICENSE_KEY"
|
||||
}
|
||||
export-secrets-to-outputs: true
|
||||
export-secrets-to-environment: false
|
||||
uses: actions/checkout@v6
|
||||
|
||||
- name: Setup .NET Core SDK
|
||||
uses: actions/setup-dotnet@v4
|
||||
uses: actions/setup-dotnet@v5
|
||||
with:
|
||||
dotnet-version: ${{env.DOTNET_VERSION}}
|
||||
|
||||
- name: Restore NuGet Packages
|
||||
run: |
|
||||
dotnet restore ${{env.BLAZOR_PROJ_PATH}} --configfile ${{env.NUGET_CONFIG_PATH}}
|
||||
dotnet restore ${{env.TEST_PROJ_PATH}} --configfile ${{env.NUGET_CONFIG_PATH}}
|
||||
env:
|
||||
TELERIK_USERNAME: "api-key"
|
||||
TELERIK_PASSWORD: ${{steps.akeyless.outputs.TELERIK_NUGET_KEY}}
|
||||
|
||||
- name: Build Test Project
|
||||
run: dotnet build ${{env.TEST_PROJ_PATH}} -c ${{env.CONFIGURATION}} --no-restore
|
||||
run: dotnet build ${{env.PROJ_PATH}} -c ${{env.CONFIGURATION}}
|
||||
env:
|
||||
TELERIK_LICENSE: ${{steps.akeyless.outputs.TELERIK_LICENSE_KEY}}
|
||||
TELERIK_LICENSE: ${{secrets.TELERIK_LICENSE_KEY}}
|
||||
|
||||
@@ -491,9 +491,15 @@ jobs:
|
||||
codesign -dv --verbose=2 "$APP_BUNDLE_PATH" >/dev/null 2>&1
|
||||
|
||||
echo "Creating signed app zip and installer pkg..."
|
||||
rm -f "$SIGNED_ZIP_PATH" "$SIGNED_PKG_PATH"
|
||||
rm -f "$SIGNED_ZIP_PATH" "$SIGNED_PKG_PATH" component.pkg
|
||||
ditto -c -k --sequesterRsrc --keepParent "$APP_BUNDLE_PATH" "$SIGNED_ZIP_PATH"
|
||||
productbuild --component "$APP_BUNDLE_PATH" /Applications --sign "$INSTALLER_SIGN_ID" "$SIGNED_PKG_PATH"
|
||||
|
||||
# Build an unsigned component pkg with relocation disabled, then wrap it
|
||||
# in a signed distribution pkg. This ensures the app always installs to
|
||||
# /Applications regardless of any existing bundle on the user's machine.
|
||||
pkgbuild --component "$APP_BUNDLE_PATH" --install-location /Applications --no-relocate component.pkg
|
||||
productbuild --package component.pkg --sign "$INSTALLER_SIGN_ID" "$SIGNED_PKG_PATH"
|
||||
rm -f component.pkg
|
||||
|
||||
echo "Done. Signed artifacts:"
|
||||
echo "- $SIGNED_PKG_PATH"
|
||||
|
||||
Reference in New Issue
Block a user