Configure to publish to internal packages

Socolin · Socolin · commit 339458d34826 · 2025-12-18T16:35:30.000-05:00
diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
@@ -4,17 +4,13 @@ on:
   push:
     branches:
       - main
-    tags:
-      - "v*"
-  pull_request:
-    branches:
-      - main
-      - release/*
-    types: [ labeled, opened, synchronize, reopened ]
+      - ci
 jobs:
   # Prime a single LFS cache and expose the exact key for the matrix
   WarmLFS:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     outputs:
       lfs_key: ${{ steps.expose-key.outputs.lfs_key }}
     steps:
@@ -55,9 +51,11 @@ jobs:
       - name: Git Pull LFS
         shell: bash
         run: git lfs pull
-        
+
   Build:
     needs: WarmLFS
+    permissions:
+      contents: read
     strategy:
       matrix:
         isARM:
@@ -210,6 +208,9 @@ jobs:
 
 
   Publish:
+    permissions:
+      id-token: write  # Required for OIDC
+      contents: read
     needs: [Build]
 
     runs-on: ubuntu-latest
@@ -240,20 +241,31 @@ jobs:
           key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/*.props', '**/*.targets') }}
           restore-keys: ${{ runner.os }}-nuget-
 
-      - name: DotNet Pack
+      - name: Compute Version
+        id: compute-version
         shell: pwsh
-        run: ./ci-pack.ps1
+        run: |
+          $date = Get-Date -Format "yyyy.MM.dd"
+          $buildNumber = "${{ github.run_number }}"
+          $version = "$date-mc.$buildNumber"
+          echo "version=$version" >> $env:GITHUB_OUTPUT
+          echo "Computed version: $version"
 
-      - name: Feedz Publish
+      - name: DotNet Pack
         shell: pwsh
-        run: |
-          dotnet nuget push .\artifacts\*.nupkg -k ${{secrets.FEEDZ_TOKEN}} -s https://f.feedz.io/sixlabors/sixlabors/nuget/index.json --skip-duplicate
-          dotnet nuget push .\artifacts\*.snupkg -k ${{secrets.FEEDZ_TOKEN}} -s https://f.feedz.io/sixlabors/sixlabors/symbols --skip-duplicate
+        run: ./ci-pack.ps1 -version "${{ steps.compute-version.outputs.version }}"
+
+      - name: Azure Login
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 
-      - name: NuGet Publish
-        if: ${{ startsWith(github.ref, 'refs/tags/') }}
+      - name: Install Sleet
+        run: dotnet tool install -g sleet
+
+      - name: Publish Internal
         shell: pwsh
         run: |
-          dotnet nuget push .\artifacts\*.nupkg -k ${{secrets.NUGET_TOKEN}} -s https://api.nuget.org/v3/index.json --skip-duplicate
-          dotnet nuget push .\artifacts\*.snupkg -k ${{secrets.NUGET_TOKEN}} -s https://api.nuget.org/v3/index.json --skip-duplicate
-
+          sleet push ./artifacts --config sleet.json artifacts
diff --git a/ci-pack.ps1 b/ci-pack.ps1
@@ -1,6 +1,11 @@
+param(
+  [Parameter(Mandatory = $true, Position = 0)]
+  [string]$Version
+)
+
 dotnet clean -c Release
 
 $repositoryUrl = "https://github.com/$env:GITHUB_REPOSITORY"
 
 # Building for packing and publishing.
-dotnet pack -c Release --output "$PSScriptRoot/artifacts" /p:RepositoryUrl=$repositoryUrl
+dotnet pack -c Release --output "$PSScriptRoot/artifacts" /p:RepositoryUrl=$repositoryUrl -p:MinVerVersionOverride=$Version
diff --git a/sleet.json b/sleet.json
@@ -0,0 +1,12 @@
+{
+  "username": "",
+  "useremail": "",
+  "sources": [
+    {
+      "name": "ImageSharp",
+      "type": "azure",
+      "container": "imagesharp",
+      "path": "https://mcpublicnugetstouse.blob.core.windows.net/imagesharp/"
+    }
+  ]
+}
