Fix hook to get the schema endpoints from aspire (#8971) #620
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 🚀 Release | |
| on: | |
| push: | |
| tags: | |
| - "16.*" | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| release: | |
| name: 📦 Build & Publish NuGet Packages | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: 📦 Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| show-progress: false | |
| - name: 🛠 Install .NET | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: | | |
| 8.x | |
| 9.x | |
| 10.x | |
| - name: 🏷 Get the version from tag | |
| run: echo "GIT_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV | |
| - name: 📦 Build NuGet Packages | |
| run: | | |
| ./build.sh pack --SemVersion ${{ env.GIT_TAG }} --Configuration Release | |
| env: | |
| NitroApiClientId: ${{ secrets.NITRO_API_CLIENT_ID }} | |
| NitroIdentityClientId: ${{ secrets.NITRO_IDENTITY_CLIENT_ID }} | |
| NitroIdentityScopes: ${{ secrets.NITRO_IDENTITY_SCOPES }} | |
| - name: 📦 Publish Nitro CLI client | |
| run: | | |
| ./build.sh UploadNitroClient --SemVersion ${{ env.GIT_TAG }} | |
| ./build.sh PublishNitroClient --SemVersion ${{ env.GIT_TAG }} | |
| env: | |
| NitroApiClientId: ${{ secrets.NITRO_API_CLIENT_ID }} | |
| NitroApiKey: ${{ secrets.NITRO_API_KEY }} | |
| - name: 🚀 Push Packages to NuGet | |
| run: | | |
| ./build.cmd publish --skip | |
| env: | |
| NuGetApiKey: ${{ secrets.NUGETAPIKEY }} | |
| - name: 📤 Attach .nupkg assets to GitHub release | |
| run: | | |
| for file in ./output/packages/*.nupkg; do | |
| echo "📤 Uploading $file" | |
| gh release upload ${{ env.GIT_TAG }} "$file" --repo "${{ github.repository }}" | |
| done | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| build-nitro-cli: | |
| name: 🧱 Build and Publish Nitro CLI | |
| runs-on: ${{ matrix.os }} | |
| # We need to depend on this job, as it publishes the persisted operations of the CLI. | |
| needs: [release] | |
| if: startsWith(github.ref, 'refs/tags/') | |
| permissions: | |
| contents: write | |
| strategy: | |
| matrix: | |
| include: | |
| # Linux (x64) | |
| - os: ubuntu-22.04 | |
| rid: linux-x64 | |
| - os: ubuntu-22.04 | |
| rid: linux-musl-x64 | |
| # Linux (arm64 on ARM runner!) | |
| - os: ubuntu-24.04-arm | |
| rid: linux-arm64 | |
| # macOS | |
| - os: macos-15 | |
| rid: osx-x64 | |
| - os: macos-15 | |
| rid: osx-arm64 | |
| # Windows | |
| - os: windows-2025 | |
| rid: win-x64 | |
| - os: windows-2025 | |
| rid: win-x86 | |
| # Windows (arm64 on ARM runner!) | |
| # - os: windows-11-arm | |
| # rid: win-arm64 | |
| steps: | |
| - name: 📦 Checkout | |
| uses: actions/checkout@v4 | |
| - name: 🛠 Install .NET | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: 10.x | |
| - name: 🏷 Get the version from tag (Windows) | |
| if: runner.os == 'Windows' | |
| run: echo "GIT_TAG=$($env:GITHUB_REF -replace '^refs/tags/','')" >> $env:GITHUB_ENV | |
| shell: pwsh | |
| - name: 🏷 Get the version from tag (Unix) | |
| if: runner.os != 'Windows' | |
| run: echo "GIT_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV | |
| shell: bash | |
| - name: 📦 Publish binary (Windows) | |
| if: runner.os == 'Windows' | |
| run: | | |
| ./build.ps1 publishaot --SemVersion $env:GIT_TAG --RuntimeIdentifier ${{ matrix.rid }} --Configuration Release | |
| shell: pwsh | |
| env: | |
| NitroApiClientId: ${{ secrets.NITRO_API_CLIENT_ID }} | |
| NitroIdentityClientId: ${{ secrets.NITRO_IDENTITY_CLIENT_ID }} | |
| NitroIdentityScopes: ${{ secrets.NITRO_IDENTITY_SCOPES }} | |
| - name: 📦 Publish binary (Unix) | |
| if: runner.os != 'Windows' | |
| run: | | |
| ./build.sh publishaot --SemVersion $GIT_TAG --RuntimeIdentifier ${{ matrix.rid }} --Configuration Release | |
| shell: bash | |
| env: | |
| NitroApiClientId: ${{ secrets.NITRO_API_CLIENT_ID }} | |
| NitroIdentityClientId: ${{ secrets.NITRO_IDENTITY_CLIENT_ID }} | |
| NitroIdentityScopes: ${{ secrets.NITRO_IDENTITY_SCOPES }} | |
| - name: 🖋️ Azure login (Windows) | |
| uses: azure/login@v1 | |
| if: runner.os == 'Windows' | |
| with: | |
| creds: ${{ secrets.SIGNING_CREDENTIALS }} | |
| - name: 🖋️ Sign binary (Windows) | |
| uses: azure/trusted-signing-action@v0 | |
| if: runner.os == 'Windows' | |
| with: | |
| endpoint: ${{ vars.AZURE_TRUSTED_SIGNING_ACCOUNT_ENDPOINT }} | |
| trusted-signing-account-name: ${{ secrets.AZURE_CODE_SIGNING_NAME }} | |
| certificate-profile-name: ${{ secrets.WINDOWS_APP_CERT_PROFILE_NAME }} | |
| files: ${{ github.workspace }}\publish\nitro.exe | |
| file-digest: SHA256 | |
| timestamp-rfc3161: http://timestamp.acs.microsoft.com | |
| timestamp-digest: SHA256 | |
| exclude-environment-credential: true | |
| exclude-workload-identity-credential: true | |
| exclude-managed-identity-credential: true | |
| exclude-shared-token-cache-credential: true | |
| exclude-visual-studio-credential: true | |
| exclude-visual-studio-code-credential: true | |
| exclude-azure-cli-credential: false | |
| exclude-azure-powershell-credential: true | |
| exclude-azure-developer-cli-credential: true | |
| exclude-interactive-browser-credential: true | |
| # https://docs.github.com/en/actions/how-tos/deploy/deploy-to-third-party-platforms/sign-xcode-applications | |
| - name: 🖋️ Setup signing resources (macOS) | |
| if: runner.os == 'macOS' | |
| env: | |
| BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_DEVELOPER_CERTFICATE_BASE64 }} | |
| P12_PASSWORD: ${{ secrets.APPLE_DEVELOPER_CERTFICATE_PASSWORD }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.TEMPORARY_KEYCHAIN_PASSWORD }} | |
| run: | | |
| # create variables | |
| CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
| # import certificate from secrets | |
| echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH | |
| # create temporary keychain | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| # import certificate to keychain | |
| security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security list-keychain -d user -s $KEYCHAIN_PATH | |
| - name: 🖋️ Sign binary (macOS) | |
| if: runner.os == 'macOS' | |
| env: | |
| CODESIGN_IDENTITY: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_IDENTITY }} | |
| run: | | |
| echo "Code signing 'publish/nitro'..." | |
| codesign --sign "$CODESIGN_IDENTITY" \ | |
| --verbose=3 \ | |
| --identifier "com.chillicream.nitro" \ | |
| --options runtime \ | |
| --timestamp \ | |
| --force \ | |
| publish/nitro | |
| codesign --verify --deep --strict --verbose=2 publish/nitro | |
| - name: 📦 Zip binary (Windows) | |
| if: runner.os == 'Windows' | |
| run: | | |
| Compress-Archive -Path (Get-Item publish/nitro.exe) -DestinationPath nitro-${{ matrix.rid }}.zip | |
| shell: pwsh | |
| - name: 📦 Zip binary (Unix) | |
| if: runner.os != 'Windows' | |
| run: | | |
| zip -j nitro-${{ matrix.rid }}.zip publish/nitro | |
| shell: bash | |
| - name: 🖋️ Notarize binary (macOS) | |
| if: runner.os == 'macOS' | |
| env: | |
| CODESIGN_IDENTITY: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_IDENTITY }} | |
| APPLE_DEVELOPER_ID_EMAIL: ${{ secrets.APPLE_DEVELOPER_ID_EMAIL }} | |
| APPLE_DEVELOPER_TEAM_ID: ${{ secrets.APPLE_DEVELOPER_TEAM_ID }} | |
| APPLE_DEVELOPER_NITRO_CLI_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_DEVELOPER_NITRO_CLI_APP_SPECIFIC_PASSWORD }} | |
| run: | | |
| echo "Code signing 'nitro-${{ matrix.rid }}.zip'..." | |
| codesign --sign "$CODESIGN_IDENTITY" \ | |
| --verbose=3 \ | |
| --options runtime \ | |
| --timestamp \ | |
| --force \ | |
| nitro-${{ matrix.rid }}.zip | |
| codesign --verify --deep --strict --verbose=2 nitro-${{ matrix.rid }}.zip | |
| echo "Notarizing 'nitro-${{ matrix.rid }}.zip'..." | |
| xcrun notarytool submit nitro-${{ matrix.rid }}.zip \ | |
| --apple-id "$APPLE_DEVELOPER_ID_EMAIL" \ | |
| --team-id "$APPLE_DEVELOPER_TEAM_ID" \ | |
| --password "$APPLE_DEVELOPER_NITRO_CLI_APP_SPECIFIC_PASSWORD" \ | |
| --wait | |
| spctl --assess --type exec -vv nitro-${{ matrix.rid }}.zip || true | |
| codesign -dvv nitro-${{ matrix.rid }}.zip || true | |
| - name: 🖋️ Clean up signing resources (macOS) | |
| if: always() && runner.os == 'macOS' | |
| run: | | |
| security delete-keychain $RUNNER_TEMP/app-signing.keychain-db | |
| - name: 📤 Upload zipped binary as artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: nitro-${{ matrix.rid }} | |
| path: nitro-${{ matrix.rid }}.zip | |
| - name: 📤 Attach zipped binary to GitHub release | |
| shell: bash | |
| run: | | |
| gh release upload ${{ github.ref_name }} nitro-${{ matrix.rid }}.zip --repo ${{ github.repository }} | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| publish-nitro-cli-npm: | |
| name: 🧱 Publish Nitro CLI to npm | |
| runs-on: ubuntu-latest | |
| needs: [build-nitro-cli] | |
| if: startsWith(github.ref, 'refs/tags/') | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: 📦 Checkout | |
| uses: actions/checkout@v4 | |
| - name: 🧰 Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "22.x" | |
| registry-url: ${{ vars.NPM_REGISTRY_URL }} | |
| scope: "@chillicream" | |
| - name: 🧰 Enable corepack | |
| run: corepack enable | |
| - name: 📥 Download all zipped nitro binaries | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: nitro-* | |
| merge-multiple: true | |
| path: dist-zips | |
| - name: 🏷 Get the version from tag | |
| run: echo "GIT_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV | |
| - name: 🗂️ Move binaries to npm package | |
| run: | | |
| PACKAGE_DIR="src/Nitro/CommandLine/src/chillicream-nitro" | |
| for z in dist-zips/nitro-*.zip; do | |
| name=$(basename "$z" .zip) # e.g. nitro-linux-x64 | |
| rid=${name#nitro-} # e.g. linux-x64 | |
| echo "Unpacking $z -> $PACKAGE_DIR/$rid" | |
| mkdir -p "$PACKAGE_DIR/$rid" | |
| unzip -q "$z" -d "$PACKAGE_DIR/$rid" | |
| done | |
| # Ensure unix binaries are executable | |
| chmod +x $PACKAGE_DIR/linux-x64/nitro || true | |
| chmod +x $PACKAGE_DIR/linux-musl-x64/nitro || true | |
| chmod +x $PACKAGE_DIR/linux-arm64/nitro || true | |
| chmod +x $PACKAGE_DIR/osx-x64/nitro || true | |
| chmod +x $PACKAGE_DIR/osx-arm64/nitro || true | |
| # Ensure cli.js is executable | |
| chmod +x $PACKAGE_DIR/cli.js | |
| - name: 🔍 Install dependencies | |
| working-directory: src/Nitro/CommandLine/src/chillicream-nitro | |
| run: yarn install --immutable | |
| - name: 🏷️ Set version | |
| working-directory: src/Nitro/CommandLine/src/chillicream-nitro | |
| run: npm version $GIT_TAG | |
| - name: 📦 Create tarball | |
| working-directory: src/Nitro/CommandLine/src/chillicream-nitro | |
| run: npm pack | |
| - name: 🚀 Publish tarball to npm | |
| working-directory: src/Nitro/CommandLine/src/chillicream-nitro | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_REGISTRY_TOKEN }} | |
| run: | | |
| TARBALL="chillicream-nitro-${GIT_TAG}.tgz" | |
| if [[ "$GIT_TAG" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| DIST_TAG="latest" | |
| else | |
| DIST_TAG="preview" | |
| fi | |
| npm publish "./${TARBALL}" --access public --registry=${{ vars.NPM_REGISTRY_URL }} --tag "${DIST_TAG}" | |
| shell: bash | |
| - name: 📤 Upload tarball as artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: chillicream-nitro-${{ env.GIT_TAG }}.tgz | |
| path: src/Nitro/CommandLine/src/chillicream-nitro/chillicream-nitro-${{ env.GIT_TAG }}.tgz | |
| - name: 📤 Attach tarball to GitHub release | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| working-directory: src/Nitro/CommandLine/src/chillicream-nitro | |
| run: | | |
| gh release upload "${{ github.ref_name }}" "chillicream-nitro-${{ github.ref_name }}.tgz" --repo "${{ github.repository }}" | |
| update-homebrew: | |
| name: 🍺 Update Homebrew Formula | |
| runs-on: ubuntu-latest | |
| needs: [build-nitro-cli] | |
| if: startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - name: 📥 Checkout main repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: 🏷️ Get release version | |
| id: version | |
| run: echo "version=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT | |
| - name: ⬇️ Download macOS ARM64 release | |
| run: | | |
| curl -L -o nitro-osx-arm64.zip \ | |
| "https://github.com/ChilliCream/graphql-platform/releases/download/${{ steps.version.outputs.version }}/nitro-osx-arm64.zip" | |
| - name: ⬇️ Download macOS x64 release | |
| run: | | |
| curl -L -o nitro-osx-x64.zip \ | |
| "https://github.com/ChilliCream/graphql-platform/releases/download/${{ steps.version.outputs.version }}/nitro-osx-x64.zip" | |
| - name: 🔢 Calculate SHA256 hashes | |
| id: hashes | |
| run: | | |
| ARM64_SHA=$(sha256sum nitro-osx-arm64.zip | cut -d' ' -f1) | |
| X64_SHA=$(sha256sum nitro-osx-x64.zip | cut -d' ' -f1) | |
| echo "arm64_sha=$ARM64_SHA" >> $GITHUB_OUTPUT | |
| echo "x64_sha=$X64_SHA" >> $GITHUB_OUTPUT | |
| echo "🔍 ARM64 SHA: $ARM64_SHA" | |
| echo "🔍 X64 SHA: $X64_SHA" | |
| - name: 📝 Generate Homebrew formula | |
| run: | | |
| cat > nitro-cli.rb << EOF | |
| class NitroCli < Formula | |
| desc "ChilliCream Nitro Command Line" | |
| homepage "https://chillicream.com" | |
| url "https://github.com/ChilliCream/graphql-platform" | |
| license "MIT" | |
| on_macos do | |
| if Hardware::CPU.arm? | |
| url "https://github.com/ChilliCream/graphql-platform/releases/download/${{ steps.version.outputs.version }}/nitro-osx-arm64.zip" | |
| sha256 "${{ steps.hashes.outputs.arm64_sha }}" | |
| else | |
| url "https://github.com/ChilliCream/graphql-platform/releases/download/${{ steps.version.outputs.version }}/nitro-osx-x64.zip" | |
| sha256 "${{ steps.hashes.outputs.x64_sha }}" | |
| end | |
| end | |
| def install | |
| bin.install "nitro" | |
| end | |
| test do | |
| system "#{bin}/nitro", "--version" | |
| end | |
| end | |
| EOF | |
| - name: 📥 Checkout homebrew repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ChilliCream/homebrew-tools | |
| token: ${{ secrets.HOMEBREW_TAP_TOKEN }} | |
| path: homebrew-tools | |
| - name: 🚀 Update formula in homebrew repo | |
| run: | | |
| cp nitro-cli.rb homebrew-tools/nitro-cli.rb | |
| cd homebrew-tools | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git add nitro-cli.rb | |
| git commit -m "🍺 Update nitro formula to ${{ steps.version.outputs.version }}" || exit 0 | |
| git push |