1.0.0 Release

Author: mthierba

.config/dotnet-tools.json

@@ -0,0 +1,20 @@
+{
+  "version": 1,
+  "isRoot": true,
+  "tools": {
+    "gitversion.tool": {
+      "version": "6.2.0",
+      "commands": [
+        "dotnet-gitversion"
+      ],
+      "rollForward": false
+    },
+    "nugetkeyvaultsigntool": {
+      "version": "3.2.3",
+      "commands": [
+        "NuGetKeyVaultSignTool"
+      ],
+      "rollForward": false
+    }
+  }
+}

.github/dependabot.yml

@@ -0,0 +1,14 @@
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      # Check for updates to GitHub Actions every week
+      interval: "weekly"
+
+  - package-ecosystem: "nuget"
+    directory: "/"
+    schedule:
+      # Check for updates to NuGet packages every week
+      interval: "daily"

.github/workflows/ci.yaml

@@ -0,0 +1,194 @@
+name: CI Workflow
+run-name: '${{ github.workflow }} [${{ github.event_name }}:${{ github.ref_name }}]'
+
+on:
+  push:
+    tags:
+      - '*'       # Create nuget.org releases from tags only (must verify source branch in job)
+  pull_request:
+    branches:     # pull requests into the main branch publish to GitHub packages, all others merely publish build artifacts
+      - main
+      - release/*
+      - Release/*
+  workflow_dispatch:
+
+env:
+  ENVIRONMENT: >-
+    ${{ (github.event_name == 'push' && github.ref_type == 'tag' && github.event.base_ref == 'refs/heads/main') 
+        && 'nuget.org' 
+        || ((github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'main') 
+            && 'github' 
+            || 'dev') }}
+
+jobs:
+  build-pack-test:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+    - name: 'Cache: ~/.nuget/packages'
+      uses: actions/cache@v4
+      with:
+        path: |
+          ~/.nuget/packages
+        key: nuget-${{ hashFiles('**/global.json', '**/*.csproj', '**/Directory.Packages.props') }}
+        restore-keys: |
+          nuget-
+    - name: Setup .NET SDK
+      uses: actions/setup-dotnet@v4
+    - name: dotnet info
+      run: dotnet --info
+    - name: dotnet restore
+      run: dotnet restore
+    - name: dotnet build & pack
+      run: |
+        dotnet build \
+          -c Release \
+          -p:ENVIRONMENT=${{env.ENVIRONMENT}} \
+          --no-restore
+    - name: dotnet test
+      run: |
+        dotnet test -c Release -f net8.0 --no-restore --verbosity normal -p:GeneratePackageOnBuild=false
+        dotnet test -c Release -f net9.0 --no-restore --verbosity normal -p:GeneratePackageOnBuild=false
+    - name: List output files
+      run: ls -la ./out
+    - name: Upload Artifact
+      id: upload-nupkg
+      uses: actions/upload-artifact@v4
+      with:
+        name: nuget-packages
+        path: ./out/*nupkg
+    - name: Job Summary
+      run: |
+        echo "# Build/Pack/Test: ${{ env.GitVersion_SemVer }} from branch: ${{ env.GitVersion_BranchName }}" >> $GITHUB_STEP_SUMMARY
+        echo "" >> $GITHUB_STEP_SUMMARY
+        echo "NUPKG Artifact Url: ${{ steps.upload-nupkg.outputs.artifact-url }}" >> $GITHUB_STEP_SUMMARY
+        echo "" >> $GITHUB_STEP_SUMMARY
+
+    outputs:
+      PKG_VERSION: ${{ env.GitVersion_SemVer }}
+      BRANCH_NAME: ${{ env.GitVersion_BranchName }}
+
+  sign-packages:
+    if: >
+      (github.event_name == 'pull_request' && 
+       github.event.pull_request.base.ref == 'main') || 
+      (github.event_name == 'push' && 
+       github.ref_type == 'tag' && 
+       github.event.base_ref == 'refs/heads/main')
+    runs-on: windows-latest
+    needs: build-pack-test
+    permissions:
+      id-token: write
+
+    steps:
+    - name: Download NUPKG
+      uses: actions/download-artifact@v4
+      with:
+        name: nuget-packages
+        path: ./packages
+    - name: List downloaded files
+      run: ls -R ./packages
+
+    - name: Install AzureSignTool
+      run: dotnet tool install -g NuGetKeyVaultSignTool
+
+    - name: Azure Login
+      uses: azure/login@v2
+      with:
+        client-id: ${{ secrets.PBITOOLS_KVI }}
+        tenant-id: ${{ secrets.PBITOOLS_KVT }}
+        subscription-id: ${{ secrets.PBITOOLS_AKV_SUBSCRIPTION_ID }}
+        allow-no-subscriptions: true
+
+    - name: Sign packages
+      shell: cmd
+      working-directory: ./packages
+      env:
+        AKV_URL: ${{ secrets.PBITOOLS_KVU }}
+        AKV_CERT_NAME: ${{ secrets.PBITOOLS_KVC }}
+      run: |
+        NuGetKeyVaultSignTool sign ^
+          -kvu %AKV_URL% ^
+          -kvc %AKV_CERT_NAME% ^
+          -kvm ^
+          -tr http://timestamp.globalsign.com/tsa/advanced ^
+          -td sha256 ^
+          -fd sha256 ^
+          -o ./signed ^
+          *.nupkg
+        NuGetKeyVaultSignTool sign ^
+          -kvu %AKV_URL% ^
+          -kvc %AKV_CERT_NAME% ^
+          -kvm ^
+          -tr http://timestamp.globalsign.com/tsa/advanced ^
+          -td sha256 ^
+          -fd sha256 ^
+          -o ./signed ^
+          *.snupkg
+
+    - name: List signed packages
+      run: ls -R ./packages/signed
+    - name: Upload Artifact
+      id: upload-nupkg
+      uses: actions/upload-artifact@v4
+      with:
+        name: nuget-packages-signed
+        path: ./packages/signed
+    outputs:
+      PKG_VERSION: ${{ needs.build-pack-test.outputs.PKG_VERSION }}
+
+  publish-github-packages: # Push to GitHub Packages if inside pull-request targeting main
+    if: github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'main'
+    runs-on: ubuntu-latest
+    needs: sign-packages
+    permissions:
+      packages: write
+      # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
+    steps:
+    - name: Download NUPKG
+      uses: actions/download-artifact@v4
+      with:
+        name: nuget-packages-signed
+        path: ./artifacts
+    - name: List packages
+      run: ls -la ./artifacts
+    - name: Publish to GitHub Packages
+      run: |
+        dotnet nuget push \
+          ./artifacts/*nupkg \
+          --api-key ${{ secrets.GITHUB_TOKEN }} \
+          --source https://nuget.pkg.github.com/${{ github.repository_owner }}
+    - name: Job Summary
+      run: |
+        echo "## Published $VERSION to GitHub Packages" >> $GITHUB_STEP_SUMMARY
+      env:
+        VERSION: ${{ needs.sign-packages.outputs.PKG_VERSION }}
+
+  publish-nuget-org: # Sign nupkg & Push to nuget.org if tag was created on main branch
+    if: github.event_name == 'push' && github.ref_type == 'tag' && github.event.base_ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+    needs: sign-packages
+    steps:
+      - name: Download NUPKG
+        uses: actions/download-artifact@v4
+        with:
+          name: nuget-packages-signed
+          path: ./artifacts
+      - name: List packages
+        run: ls -la ./artifacts
+      - name: Publish to nuget.org
+        env:
+          NUGET_API_KEY: ${{ secrets.NUGET_ORG_API_KEY_navidataIO }}
+        run: |
+          dotnet nuget push \
+            ./artifacts/*nupkg \
+            --api-key ${{env.NUGET_API_KEY}} \
+            --source https://api.nuget.org/v3/index.json
+      - name: Job Summary
+        run: |
+          echo "## Published $VERSION to nuget.org" >> $GITHUB_STEP_SUMMARY
+        env:
+          VERSION: ${{ needs.sign-packages.outputs.PKG_VERSION }}

.github/workflows/delete-package-version.yml

@@ -0,0 +1,24 @@
+
+on:
+  workflow_dispatch:
+    inputs:
+      package-name:
+        description: 'The package name to delete'
+        required: true
+        default: 'navidataIO.Utils'
+      package-version:
+        description: 'The package version to delete'
+        required: true
+        default: '99.99.99'
+
+jobs:
+  delete-package-version:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+    steps:
+    - uses: actions/delete-package-versions@v5
+      with:
+        package-name: ${{ github.event.inputs.package-name }}
+        package-version-ids: ${{ github.event.inputs.package-version }}
+        package-type: 'nuget'

.gitignore

@@ -1,14 +1,18 @@
 ## Ignore Visual Studio temporary files, build results, and
 ## files generated by popular Visual Studio add-ons.
 ##
-## Get latest from https://github.com/github/gitignore/blob/main/VisualStudio.gitignore
+## Get latest from `dotnet new gitignore`
+
+# dotenv files
+.env
 
 # User-specific files
 *.rsuser
 *.suo
 *.user
 *.userosscache
 *.sln.docstates
+*.sln
 
 # User-specific files (MonoDevelop/Xamarin Studio)
 *.userprefs
@@ -31,6 +35,7 @@ bld/
 [Oo]bj/
 [Ll]og/
 [Ll]ogs/
+out/
 
 # Visual Studio 2015/2017 cache/options directory
 .vs/
@@ -57,11 +62,14 @@ dlldata.c
 # Benchmark Results
 BenchmarkDotNet.Artifacts/
 
-# .NET Core
+# .NET
 project.lock.json
 project.fragment.lock.json
 artifacts/
 
+# Tye
+.tye/
+
 # ASP.NET Scaffolding
 ScaffoldingReadMe.txt
 
@@ -396,3 +404,83 @@ FodyWeavers.xsd
 
 # JetBrains Rider
 *.sln.iml
+.idea
+
+##
+## Visual studio for Mac
+##
+
+
+# globs
+Makefile.in
+*.userprefs
+*.usertasks
+config.make
+config.status
+aclocal.m4
+install-sh
+autom4te.cache/
+*.tar.gz
+tarballs/
+test-results/
+
+# Mac bundle stuff
+*.dmg
+*.app
+
+# content below from: https://github.com/github/gitignore/blob/master/Global/macOS.gitignore
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+# content below from: https://github.com/github/gitignore/blob/master/Global/Windows.gitignore
+# Windows thumbnail cache files
+Thumbs.db
+ehthumbs.db
+ehthumbs_vista.db
+
+# Dump file
+*.stackdump
+
+# Folder config file
+[Dd]esktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msix
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# Vim temporary swap files
+*.swp