Skip to content

Commit 0218349

Browse files
micheloliveira-commicheloliveira-com
authored
feat(actions): add nuget trusted publishing (#1760)
* feat(actions): add nuget trusted publishing * fix: add permission id-token:write
1 parent 715c554 commit 0218349

File tree

2 files changed

+18
-2
lines changed

2 files changed

+18
-2
lines changed

.github/workflows/ci.yml

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -272,6 +272,8 @@ jobs:
272272
if: github.event_name == 'workflow_dispatch' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/v2')
273273
runs-on: ubuntu-latest
274274
needs: [ validate-nuget, run-test, validate-template, validate-docs ]
275+
permissions:
276+
id-token: write
275277
steps:
276278
- uses: actions/download-artifact@v5
277279
with:
@@ -284,5 +286,11 @@ jobs:
284286
- name: 🛠️ Upload library to GitHub Package Repository
285287
run: dotnet nuget push ${{ env.NUGET_DIRECTORY }}/*.nupkg -k ${{ secrets.GITHUB_TOKEN }} -s https://nuget.pkg.github.com/bunit-dev/index.json --skip-duplicate --no-symbols
286288

289+
- name: 🛠️ NuGet login
290+
uses: NuGet/login@v1
291+
id: nuget-login
292+
with:
293+
user: ${{ secrets.NUGET_USER }}
294+
287295
- name: 🛠️ Upload library to NuGet.org repository
288-
run: dotnet nuget push ${{ env.NUGET_DIRECTORY }}/*.nupkg -k ${{ secrets.NUGET_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate --no-symbols
296+
run: dotnet nuget push ${{ env.NUGET_DIRECTORY }}/*.nupkg -k ${{ steps.nuget-login.outputs.NUGET_API_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate --no-symbols

.github/workflows/release.yml

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,8 @@ jobs:
2626
if: github.ref == 'refs/heads/stable' ||
2727
github.event.pull_request.merged == true && contains(github.head_ref, 'release/v') == true
2828
runs-on: ubuntu-latest
29+
permissions:
30+
id-token: write
2931
steps:
3032

3133
- name: 🛒 Checkout repository
@@ -101,9 +103,15 @@ jobs:
101103
dotnet pack src/bunit.web.query/ -c Release --property:PackageOutputPath=${GITHUB_WORKSPACE}/packages -p:ContinuousIntegrationBuild=true -p:publicrelease=true
102104
dotnet pack src/bunit.generators/ -c Release --property:PackageOutputPath=${GITHUB_WORKSPACE}/packages -p:ContinuousIntegrationBuild=true -p:publicrelease=true
103105
106+
- name: 🛠️ NuGet login
107+
uses: NuGet/login@v1
108+
id: nuget-login
109+
with:
110+
user: ${{ secrets.NUGET_USER }}
111+
104112
- name: 🛠️ Upload library to NuGet.org repository
105113
run: |
106-
dotnet nuget push ${GITHUB_WORKSPACE}/packages/*.nupkg -k ${{ secrets.NUGET_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate --no-symbols
114+
dotnet nuget push ${GITHUB_WORKSPACE}/packages/*.nupkg -k ${{ steps.nuget-login.outputs.NUGET_API_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate --no-symbols
107115
108116
- name: ⏩ Push stable branch
109117
run: git push origin stable

0 commit comments

Comments
 (0)