From afd8642f27d593c3e3f21624454b4647e5d671e5 Mon Sep 17 00:00:00 2001
From: Wes Haggard
Date: Mon, 21 Jul 2025 14:52:11 -0700
Subject: [PATCH 01/13] Add signing job before publishing
---
 .github/workflows/release.yml | 61 +++++++++++++++++++++++++++++++++--
 1 file changed, 59 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index b8a07e975..1803e647c 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -69,9 +69,63 @@ jobs: name: build-artifacts path: ${{ github.workspace }}/artifacts + sign: + needs: build + runs-on: windows-latest # Code signing must run on a Windows agent for Authenticode signing (dll/exe) + if: github.event_name == 'release' + environment: release # Needed for OIDC subject for releases triggered on release being created. + permissions: + id-token: write # Required for requesting the JWT + + steps: + - name: Download build artifacts + uses: actions/download-artifact@v4 + with: + name: build-artifacts + path: ${{ github.workspace }}/build-artifacts + + # .NET is required on the agent for the tool to run + - name: Setup .NET + uses: actions/setup-dotnet@v3 + with: + dotnet-version: '9.x' + + # Install the code signing tool + - name: Install Sign CLI tool + run: dotnet tool install --tool-path . --prerelease sign + + # Login to Azure using a ServicePrincipal configured to authenticate agaist a GitHub Action + - name: 'Az CLI login' + uses: azure/login@v2 + with: + allow-no-subscriptions: true + client-id: 80125de0-6f58-4f16-bd05-b2fa621d36a5 + tenant-id: 16076fdc-fcc1-4a15-b1ca-32c9a255900e + subscription-id: 997e7c30-fd83-4b3d-bcf5-492e194f9b98 + + # Run the signing command + - name: Sign artifacts + shell: pwsh + run: > + ./sign code azure-key-vault + **/*.nupkg + --base-directory "${{ github.workspace }}/build-artifacts/packages" + --publisher-name "OpenAI" + --description "OpenAI SDK for .NET" + --description-url "https://github.com/openai/openai-dotnet" + --azure-key-vault-managed-identity true + --azure-key-vault-url "https://sc-openaisdk.vault.azure.net/" + --azure-key-vault-certificate "OpenAISDKSCCert" + + - name: Upload signed artifact + uses: actions/upload-artifact@v4 + with: + name: build-artifacts-signed + path: ${{ github.workspace }}/artifacts + deploy: name: Publish Package - needs: build + needs: sign runs-on: ubuntu-latest steps: - name: Checkout code 
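Review bot: The `Install Sign CLI tool` step of the new `sign` job (PATCH 01/13, hunk `@@ -69,9 +69,63 @@`) installs whichever prerelease of `sign` is newest at run time, so the binary that reaches the Key Vault signing certificate is neither reviewed nor reproducible. Pin it to a vetted version, e.g. `run: dotnet tool install --tool-path . --version <PINNED_SIGN_VERSION> sign`. The same job holds `id-token: write` while referencing `azure/login@v2`, `actions/setup-dotnet@v3` and the artifact actions by mutable tag; pinning those to full commit SHAs closes the same gap. The tag-pinning point also applies to the `Setup .NET` step added to `deploy` in PATCH 11/13.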
@@ -79,6 +133,9 @@ jobs: - name: Download build artifacts uses: actions/download-artifact@v4 + with: + name: build-artifacts-signed + path: ${{ github.workspace }}/build-artifacts - name: Upload release asset if: github.event_name == 'release' @@ -114,4 +171,4 @@ jobs: ${{ github.workspace }}/build-artifacts/packages/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_API_KEY }} - --skip-duplicate \ No newline at end of file + --skip-duplicate From 947cf094a8d6270cc8a82b6e7d5979b8339c50ce Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Mon, 21 Jul 2025 14:58:38 -0700 Subject: [PATCH 02/13] Update .github/workflows/release.yml --- .github/workflows/release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1803e647c..456b11773 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -72,7 +72,6 @@ jobs: sign: needs: build runs-on: windows-latest # Code signing must run on a Windows agent for Authenticode signing (dll/exe) - if: github.event_name == 'release' environment: release # Needed for OIDC subject for releases triggered on release being created. permissions: id-token: write # Required for requesting the JWT From 2ec69a64ecfb09b8b6de8c575f37a07243fe09f1 Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Mon, 21 Jul 2025 16:21:12 -0700 Subject: [PATCH 03/13] Disable live test and nuget publish for testing only --- .github/workflows/release.yml | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 456b11773..d5bdd964a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
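Review bot: In PATCH 01/13, hunk `@@ -79,6 +133,9 @@`, the `deploy` job downloads `build-artifacts-signed`, but nothing visible between this download and the push steps checks that the `.nupkg` files carry the expected signature. If the sign step matched no files or used an unexpected certificate, the packages would presumably still be published. Consider a step right after the download such as `run: dotnet nuget verify --all ${{ github.workspace }}/build-artifacts/packages/*.nupkg`, optionally with `--certificate-fingerprint <EXPECTED_SHA256_FINGERPRINT>`. It needs the .NET SDK set up earlier in the job, and the remaining `deploy` steps lie outside the hunk, so placement should be checked against the full file.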
@@ -52,15 +52,15 @@ jobs: --logger "trx;LogFileName=${{ github.workspace }}/artifacts/test-results/smoke.trx" ${{ env.version_suffix_args }} - - name: Run Live Tests - run: dotnet test ./tests/OpenAI.Tests.csproj - --configuration Release - --filter="TestCategory!=Smoke&TestCategory!=Assistants&TestCategory!=Images&TestCategory!=Uploads&TestCategory!=Moderations&TestCategory!=FineTuning&TestCategory!=Conversation&TestCategory!=Manual" - --logger "trx;LogFilePrefix=live" - --results-directory ${{ github.workspace }}/artifacts/test-results - ${{ env.version_suffix_args }} - env: - OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} +# - name: Run Live Tests +# run: dotnet test ./tests/OpenAI.Tests.csproj +# --configuration Release +# --filter="TestCategory!=Smoke&TestCategory!=Assistants&TestCategory!=Images&TestCategory!=Uploads&TestCategory!=Moderations&TestCategory!=FineTuning&TestCategory!=Conversation&TestCategory!=Manual" +# --logger "trx;LogFilePrefix=live" +# --results-directory ${{ github.workspace }}/artifacts/test-results +# ${{ env.version_suffix_args }} +# env: +# OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - name: Upload artifact uses: actions/upload-artifact@v4 @@ -164,10 +164,10 @@ jobs: --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate - - name: Publish package to nuget.org - if: github.event_name == 'release' - run: dotnet nuget push - ${{ github.workspace }}/build-artifacts/packages/*.nupkg - --source https://api.nuget.org/v3/index.json - --api-key ${{ secrets.NUGET_API_KEY }} - --skip-duplicate +# - name: Publish package to nuget.org +# if: github.event_name == 'release' +# run: dotnet nuget push +# ${{ github.workspace }}/build-artifacts/packages/*.nupkg +# --source https://api.nuget.org/v3/index.json +# --api-key ${{ secrets.NUGET_API_KEY }} +# --skip-duplicate From 4784fd76d3adc106f093a23dbe6b00d4204ce8f7 Mon Sep 17 00:00:00 2001 
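Review bot: Commenting out `Run Live Tests` and `Publish package to nuget.org` (both hunks of PATCH 03/13) leaves the rest of the release path live during testing. The context just above the second commented block still pushes with `--api-key ${{ secrets.GITHUB_TOKEN }}`, and since PATCH 02/13 removed `if: github.event_name == 'release'` from `sign`, test runs appear to sign with the `OpenAISDKSCCert` certificate. An explicit condition is easier to audit than commented YAML, e.g. `if: ${{ false }} # TEMP: re-enable before merge` on each step. PATCH 13/13 restores both steps, but none of the hunks shown restores the guard on `sign`, so the `release` environment's protection rules should be confirmed as the intended gate.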
From: Wes Haggard Date: Tue, 22 Jul 2025 10:18:35 -0700 Subject: [PATCH 04/13] Update .github/workflows/release.yml Co-authored-by: Scott Addie <10702007+scottaddie@users.noreply.github.com> --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d5bdd964a..ae50ad4cc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -110,7 +110,7 @@ jobs: **/*.nupkg --base-directory "${{ github.workspace }}/build-artifacts/packages" --publisher-name "OpenAI" - --description "OpenAI SDK for .NET" + --description "OpenAI library for .NET" --description-url "https://github.com/openai/openai-dotnet" --azure-key-vault-managed-identity true --azure-key-vault-url "https://sc-openaisdk.vault.azure.net/" From e092361fce1b6188776793fe842fc4d49f742577 Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Tue, 22 Jul 2025 10:18:51 -0700 Subject: [PATCH 05/13] Update release.yml --- .github/workflows/release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ae50ad4cc..717a282b9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -97,7 +97,6 @@ jobs: - name: 'Az CLI login' uses: azure/login@v2 with: - allow-no-subscriptions: true client-id: 80125de0-6f58-4f16-bd05-b2fa621d36a5 tenant-id: 16076fdc-fcc1-4a15-b1ca-32c9a255900e subscription-id: 997e7c30-fd83-4b3d-bcf5-492e194f9b98 From 9c1d2306eef21b2c098fcbba65c24a40a24d65c3 Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Tue, 22 Jul 2025 13:29:41 -0700 Subject: [PATCH 06/13] Update release.yml --- .github/workflows/release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 717a282b9..6d5665941 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -99,7 +99,8 @@ jobs: with: client-id: 80125de0-6f58-4f16-bd05-b2fa621d36a5 tenant-id: 16076fdc-fcc1-4a15-b1ca-32c9a255900e - subscription-id: 997e7c30-fd83-4b3d-bcf5-492e194f9b98 + #subscription-id: 997e7c30-fd83-4b3d-bcf5-492e194f9b98 + allow-no-subscriptions: true # Run the signing command - name: Sign artifacts From a67a22d38657f42de06f0b33ec4b59b08827e618 Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Tue, 22 Jul 2025 13:55:34 -0700 Subject: [PATCH 07/13] Update release.yml --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6d5665941..d57a30a25 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -112,7 +112,7 @@ jobs: --publisher-name "OpenAI" --description "OpenAI library for .NET" --description-url "https://github.com/openai/openai-dotnet" - --azure-key-vault-managed-identity true + --managed-identity-client-id 80125de0-6f58-4f16-bd05-b2fa621d36a5 --azure-key-vault-url "https://sc-openaisdk.vault.azure.net/" --azure-key-vault-certificate "OpenAISDKSCCert" From c59f77192bd51ab98acac3a52543372d0ba6e0a1 Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Tue, 22 Jul 2025 15:29:46 -0700 Subject: [PATCH 08/13] Update release.yml --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d57a30a25..1a33a568e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -112,7 +112,7 @@ jobs: --publisher-name "OpenAI" --description "OpenAI library for .NET" --description-url "https://github.com/openai/openai-dotnet" - --managed-identity-client-id 80125de0-6f58-4f16-bd05-b2fa621d36a5 + --azure-credential-type "azure-cli" --azure-key-vault-url "https://sc-openaisdk.vault.azure.net/" --azure-key-vault-certificate "OpenAISDKSCCert" 
From fb8b0e5498d4b44529a51358a925ed7880cbab0f Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Tue, 22 Jul 2025 15:35:50 -0700 Subject: [PATCH 09/13] Update release.yml --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1a33a568e..3439f5807 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -120,7 +120,7 @@ jobs: uses: actions/upload-artifact@v4 with: name: build-artifacts-signed - path: ${{ github.workspace }}/artifacts + path: ${{ github.workspace }}/build-artifacts deploy: name: Publish Package From b87bb600cecc15d6e82ee82c75f0c42d696f9daf Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Tue, 22 Jul 2025 15:41:20 -0700 Subject: [PATCH 10/13] Update release.yml --- .github/workflows/release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3439f5807..c4abc1127 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -148,6 +148,8 @@ jobs: run: | gh release edit "${{ github.event.release.tag_name }}" \ --notes "See full changelog: ${{ github.server_url }}/${{ github.repository }}/blob/${{ github.event.release.tag_name }}/CHANGELOG.md" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: NuGet authenticate run: dotnet nuget add source From 7fbbbc4b6bf5d7d61e166e2e145f38bfaeafe1fc Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Tue, 22 Jul 2025 15:53:36 -0700 Subject: [PATCH 11/13] Update release.yml --- .github/workflows/release.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c4abc1127..287627d6b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
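Review bot: In PATCH 10/13, hunk `@@ -148,6 +148,8 @@`, the `run:` script that receives the new `env:` block still expands `${{ github.event.release.tag_name }}` directly into the shell command line, so the shell parses the tag text before `gh` sees it. Since the step now has an `env:` block, pass the value through it: add `TAG_NAME: ${{ github.event.release.tag_name }}` and call `gh release edit "$TAG_NAME"`, using `$TAG_NAME` inside `--notes` as well. The step's `name:` and `if:` lines are outside the hunk. `gh release edit` also needs `contents: write` on the token, which is worth confirming in the job's `permissions:`.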
@@ -151,6 +151,11 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Setup .NET + uses: actions/setup-dotnet@v3 + with: + dotnet-version: '9.x' + - name: NuGet authenticate run: dotnet nuget add source "https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json" From 11865f2a0bf856dee29fe83ba38ba92490572df1 Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Wed, 23 Jul 2025 09:11:39 -0700 Subject: [PATCH 12/13] Update release.yml --- .github/workflows/release.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 287627d6b..fb13db6e7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -83,26 +83,21 @@ jobs: name: build-artifacts path: ${{ github.workspace }}/build-artifacts - # .NET is required on the agent for the tool to run - name: Setup .NET uses: actions/setup-dotnet@v3 with: dotnet-version: '9.x' - - # Install the code signing tool + - name: Install Sign CLI tool run: dotnet tool install --tool-path . --prerelease sign - # Login to Azure using a ServicePrincipal configured to authenticate agaist a GitHub Action - name: 'Az CLI login' uses: azure/login@v2 with: client-id: 80125de0-6f58-4f16-bd05-b2fa621d36a5 tenant-id: 16076fdc-fcc1-4a15-b1ca-32c9a255900e - #subscription-id: 997e7c30-fd83-4b3d-bcf5-492e194f9b98 allow-no-subscriptions: true - # Run the signing command - name: Sign artifacts shell: pwsh run: > From 38e5c71f7bd8c9f8a3ad64f6f58ce8b933ff59c6 Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Wed, 23 Jul 2025 09:23:57 -0700 Subject: [PATCH 13/13] Update release.yml --- .github/workflows/release.yml | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fb13db6e7..ca3d42328 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -52,15 +52,15 @@ jobs: --logger "trx;LogFileName=${{ github.workspace }}/artifacts/test-results/smoke.trx" ${{ env.version_suffix_args }} -# - name: Run Live Tests -# run: dotnet test ./tests/OpenAI.Tests.csproj -# --configuration Release -# --filter="TestCategory!=Smoke&TestCategory!=Assistants&TestCategory!=Images&TestCategory!=Uploads&TestCategory!=Moderations&TestCategory!=FineTuning&TestCategory!=Conversation&TestCategory!=Manual" -# --logger "trx;LogFilePrefix=live" -# --results-directory ${{ github.workspace }}/artifacts/test-results -# ${{ env.version_suffix_args }} -# env: -# OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} + - name: Run Live Tests + run: dotnet test ./tests/OpenAI.Tests.csproj + --configuration Release + --filter="TestCategory!=Smoke&TestCategory!=Assistants&TestCategory!=Images&TestCategory!=Uploads&TestCategory!=Moderations&TestCategory!=FineTuning&TestCategory!=Conversation&TestCategory!=Manual" + --logger "trx;LogFilePrefix=live" + --results-directory ${{ github.workspace }}/artifacts/test-results + ${{ env.version_suffix_args }} + env: + OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - name: Upload artifact uses: actions/upload-artifact@v4 @@ -166,10 +166,10 @@ jobs: --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate -# - name: Publish package to nuget.org -# if: github.event_name == 'release' -# run: dotnet nuget push -# ${{ github.workspace }}/build-artifacts/packages/*.nupkg -# --source https://api.nuget.org/v3/index.json -# --api-key ${{ secrets.NUGET_API_KEY }} -# --skip-duplicate + - name: Publish package to nuget.org + if: github.event_name == 'release' + run: dotnet nuget push + ${{ github.workspace }}/build-artifacts/packages/*.nupkg + --source https://api.nuget.org/v3/index.json + --api-key ${{ secrets.NUGET_API_KEY }} + --skip-duplicate