Fix Workflow not using API token #4192
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - release-* | |
| - dev-* | |
| - feature-* | |
| tags: | |
| - v* | |
| pull_request: | |
| branches: | |
| - master | |
| - release-* | |
| - dev-* | |
| - feature-* | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| env: | |
| NUPKG_OUTDIR: bin/Release/nugets | |
| steps: | |
| - uses: actions/checkout@v1 | |
| with: | |
| clean: true | |
| - name: Parse release version | |
| run: python ./.github/scripts/get_release_version.py | |
| - name: Setup .NET Core | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: 10.0.x | |
| dotnet-quality: 'ga' | |
| - name: Restore dependencies | |
| run: dotnet restore | |
| - name: Build | |
| run: dotnet build --configuration release --no-restore | |
| - name: Generate Packages | |
| run: dotnet pack --configuration release | |
| - name: Upload packages | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: packages | |
| path: ${{ env.NUPKG_OUTDIR }} | |
| discover-integration-v2-tests: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| projects: ${{ steps.set-matrix.outputs.projects }} | |
| steps: | |
| - uses: actions/checkout@v1 | |
| - id: set-matrix | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| PROJECTS_JSON=$( | |
| find test -name "Dapr.IntegrationTest.*.csproj" ! -name "*E2E*" -print0 \ | |
| | jq -Rs -c ' | |
| split("\u0000")[:-1] | |
| | map({ | |
| project: ., | |
| projectName: ( | |
| . | |
| | gsub("\\\\"; "/") # normalize \ to / | |
| | split("/") | last # basename | |
| | sub("\\.csproj$"; "") # strip extension | |
| | sub("^Dapr\\.IntegrationTest\\."; "") # drop prefix once | |
| ) | |
| }) | |
| ' | |
| ) | |
| printf 'projects=%s\n' "${PROJECTS_JSON}" >> "$GITHUB_OUTPUT" | |
| discover-unit-test-projects: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix: ${{ steps.set-matrix.outputs.matrix }} | |
| steps: | |
| - uses: actions/checkout@v1 | |
| - id: set-matrix | |
| run: | | |
| # Find all csproj files matching the pattern recursively | |
| PROJECTS=$(find test -name "Dapr.*.Test.csproj" ! -name "*E2E*" | jq -R -s -c 'split("\n")[:-1]') | |
| echo "matrix=$PROJECTS" >> $GITHUB_OUTPUT | |
| get-dapr-versions: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix_json: ${{ steps.compute.outputs.matrix_json }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: npm | |
| cache-dependency-path: .github/tools/tag-selector/package-lock.json | |
| - working-directory: .github/tools/tag-selector | |
| run: npm ci && npm test && npm run build | |
| - id: compute | |
| name: Run selector | |
| env: | |
| INPUT_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| INPUT_TAG_PREFIX: "v" | |
| INPUT_STABLE_COUNT: "2" | |
| INPUT_RC_COUNT: "2" | |
| INPUT_RC_IDENTIFIER: "rc" | |
| run: | | |
| node .github/tools/tag-selector/dist/index.js | |
| - name: Show outputs | |
| run: | | |
| echo "Matrix: ${{ steps.compute.outputs.matrix_json }}" | |
| compute-integration-matrix: | |
| runs-on: ubuntu-latest | |
| needs: [ discover-integration-v2-tests, get-dapr-versions ] | |
| outputs: | |
| matrix: ${{ steps.build.outputs.matrix }} | |
| steps: | |
| - id: build | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| # Pull upstream outputs (may be empty) | |
| projects_raw='${{ needs.discover-integration-v2-tests.outputs.projects }}' | |
| dapr_raw='${{ needs.get-dapr-versions.outputs.matrix_json }}' | |
| # Default empty to valid JSON arrays to avoid null iteration | |
| if [ -z "${projects_raw}" ] || [ "${projects_raw}" = "null" ]; then | |
| projects_raw='[]' | |
| fi | |
| if [ -z "${dapr_raw}" ] || [ "${dapr_raw}" = "null" ]; then | |
| dapr_raw='[]' | |
| fi | |
| # Static axes | |
| dotnets='[ | |
| {"dotnet-version":"8.0", "display-name":".NET 8.0", "framework":"net8.0", "prefix":"net8", "install-version":"8.0.x"}, | |
| {"dotnet-version":"9.0", "display-name":".NET 9.0", "framework":"net9.0", "prefix":"net9", "install-version":"9.0.x"}, | |
| {"dotnet-version":"10.0", "display-name":".NET 10.0", "framework":"net10.0", "prefix":"net10", "install-version":"10.0.x"} | |
| ]' | |
| oss='["ubuntu-latest"]' | |
| # Normalize dapr to an array: | |
| # - if it's already an array, use as-is | |
| # - if it's an object with "include", use .include | |
| # - if it's a single object, wrap in an array | |
| dapr_array=$( | |
| jq -cn --argjson d "$dapr_raw" ' | |
| if ($d|type) == "array" then | |
| $d | |
| elif ($d|type) == "object" and ($d|has("include")) then | |
| $d.include | |
| elif ($d|type) == "object" then | |
| [$d] | |
| else | |
| [] | |
| end | |
| ' | |
| ) | |
| # Sanity logs (optional) | |
| echo "Projects: $projects_raw" | |
| echo "Dapr (normalized): $dapr_array" | |
| # Build the full cross-product into { include: [...] } | |
| matrix_json=$( | |
| jq -cn \ | |
| --argjson projects "$projects_raw" \ | |
| --argjson dotnets "$dotnets" \ | |
| --argjson oss "$oss" \ | |
| --argjson dapr "$dapr_array" ' | |
| [ | |
| $projects[] as $p | |
| | $dotnets[] as $d | |
| | $oss[] as $o | |
| | $dapr[] as $dv | |
| | { | |
| # from discovery | |
| project: $p.project, | |
| projectName: $p.projectName, | |
| # from dotnet axis | |
| "dotnet-version": $d["dotnet-version"], | |
| "display-name": $d["display-name"], | |
| framework: $d.framework, | |
| prefix: $d.prefix, | |
| "install-version":$d["install-version"], | |
| # from OS axis | |
| os: $o, | |
| # from Dapr selector (assumes objects like { "version": "v1.17.0-rc.2", ... }) | |
| "dapr-runtime-versions": $dv | |
| } | |
| ] | |
| | { include: . } | |
| ' | |
| ) | |
| printf 'matrix=%s\n' "$matrix_json" >> "$GITHUB_OUTPUT" | |
| integration-tests-v2: | |
| name: ${{ matrix.prefix }}-${{ matrix['dapr-runtime-versions'].version }}-${{ matrix.projectName }} | |
| needs: [ compute-integration-matrix ] | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJson(needs.compute-integration-matrix.outputs.matrix) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Parse release version | |
| run: python ./.github/scripts/get_release_version.py | |
| - name: Setup ${{ matrix.display-name }} | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: ${{ matrix.install-version }} | |
| dotnet-quality: 'ga' # Prefer a GA release, but use the RC if not available | |
| - name: Integration Tests | |
| id: integration-tests-v2 | |
| continue-on-error: false # proceed if tests fail to allow for the report generation in master or next step failure in PR | |
| env: | |
| DAPR_RUNTIME_VERSION: ${{ matrix.dapr-runtime-versions.version }} | |
| run: | | |
| dotnet test "${{ matrix.project }}" \ | |
| --configuration release \ | |
| --framework ${{ matrix.framework }} \ | |
| --logger "trx;LogFilePrefix=${{ matrix.prefix }}" \ | |
| --logger "GitHubActions;report-warnings=false" \ | |
| --results-directory "${{ github.workspace }}/TestResults" \ | |
| /p:CollectCoverage=true \ | |
| /p:CoverletOutputFormat=opencover \ | |
| /p:GITHUB_ACTIONS=false | |
| timeout-minutes: 60 | |
| - name: Upload test coverage | |
| uses: codecov/codecov-action@v1 | |
| with: | |
| flags: ${{ matrix.framework }} | |
| - name: Parse Trx files | |
| uses: NasAmin/trx-parser@v0.2.0 | |
| id: trx-parser | |
| if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository # does not work on PRs from forks | |
| with: | |
| TRX_PATH: ${{ github.workspace }}/TestResults | |
| REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ci-integration-tests-gate: | |
| runs-on: ubuntu-latest | |
| needs: [integration-tests-v2, integration-test] | |
| steps: | |
| - name: "All integration tests passed" | |
| run: echo "All unit tests passed" | |
| unit-tests: | |
| name: Unit Tests ${{ matrix.display-name }} / ${{ matrix.os }} - ${{ matrix.project}} | |
| needs: discover-unit-test-projects | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| dotnet-version: ['8.0', '9.0', '10.0'] | |
| project: ${{ fromJson(needs.discover-unit-test-projects.outputs.matrix) }} | |
| include: | |
| - dotnet-version: '8.0' | |
| display-name: '.NET 8.0' | |
| framework: 'net8.0' | |
| prefix: 'net8' | |
| install-version: '8.0.x' | |
| - dotnet-version: '9.0' | |
| display-name: '.NET 9.0' | |
| framework: 'net9.0' | |
| prefix: 'net9' | |
| install-version: '9.0.x' | |
| - dotnet-version: '10.0' | |
| display-name: '.NET 10.0' | |
| framework: 'net10.0' | |
| prefix: 'net10' | |
| install-version: '10.0.x' | |
| steps: | |
| - uses: actions/checkout@v1 | |
| - name: Parse release version | |
| run: python ./.github/scripts/get_release_version.py | |
| - name: Setup ${{ matrix.display-name }} | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: ${{ matrix.install-version }} | |
| dotnet-quality: 'ga' # Prefer a GA release, but use the RC if not available | |
| - name: Test | |
| id: tests | |
| continue-on-error: true # proceed if tests fail to allow for the report generation in master or next step failure in PR | |
| run: | | |
| dotnet test "${{ matrix.project }}" \ | |
| --configuration release \ | |
| --framework ${{ matrix.framework }} \ | |
| --logger "trx;LogFilePrefix=${{ matrix.prefix }}" \ | |
| --logger "GitHubActions;report-warnings=false" \ | |
| --results-directory "${{ github.workspace }}/TestResults" \ | |
| /p:CollectCoverage=true \ | |
| /p:CoverletOutputFormat=opencover \ | |
| /p:GITHUB_ACTIONS=false | |
| timeout-minutes: 60 | |
| - name: Check test failure in PR | |
| if: github.event_name == 'pull_request' && steps.tests.outcome != 'success' | |
| run: exit 1 | |
| - name: Upload test coverage | |
| uses: codecov/codecov-action@v1 | |
| with: | |
| flags: ${{ matrix.framework }} | |
| - name: Parse Trx files | |
| uses: NasAmin/trx-parser@v0.2.0 | |
| id: trx-parser | |
| if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository # does not work on PRs from forks | |
| with: | |
| TRX_PATH: ${{ github.workspace }}/TestResults | |
| REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ci-unit-tests-gate: | |
| runs-on: ubuntu-latest | |
| needs: [unit-tests] | |
| steps: | |
| - name: "All unit tests passed" | |
| run: echo "All unit tests passed" | |
| integration-test: | |
| uses: ./.github/workflows/itests.yml | |
| discover: | |
| name: 'Discover Packages' | |
| needs: ['build', 'ci-unit-tests-gate', 'ci-integration-tests-gate'] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix: ${{ steps.set-matrix.outputs.matrix }} | |
| steps: | |
| - name: Download release artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: packages | |
| path: packages | |
| - name: List packages | |
| run: ls packages/*.nupkg | |
| - name: Generate matrix | |
| id: set-matrix | |
| run: | | |
| echo "Generating package matrix..." | |
| files=$(ls packages/*.nupkg | jq -R -s -c ' | |
| split("\n")[:-1] | |
| | map(select( | |
| (test("/Dapr\\.Workflow\\.Versioning\\.(Abstractions|Generators|Runtime)\\.")) | not | |
| )) | |
| ') | |
| echo "matrix=$files" >> $GITHUB_OUTPUT | |
| publish: | |
| permissions: | |
| id-token: write # Enable GitHub OIDC token issuance for this job | |
| name: Publish Packages | |
| needs: ['discover'] | |
| if: | | |
| startswith(github.ref, 'refs/tags/v') && | |
| !(endsWith(github.ref, '-rc') || endsWith(github.ref, '-dev') || endsWith(github.ref, '-prerelease')) | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| package: ${{ fromJson(needs.discover.outputs.matrix) }} | |
| steps: | |
| - name: Download release artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: packages | |
| path: packages | |
| - name: NuGet logic (OIDC -> temp API key) | |
| uses: NuGet/login@v1 | |
| id: login | |
| with: | |
| user: ${{ secrets.NUGETORG_DAPR_USER }} | |
| - name: Publish ${{ matrix.package }} to NuGet | |
| run: | | |
| dotnet nuget push "${{ matrix.package }}" --skip-duplicate --api-key ${{ steps.login.outputs.NUGET_API_KEY }} --source https://api.nuget.org/v3/index.json | |