Update actions workflows #38
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Hot Potato CI | |
on: | |
push: | |
branches: | |
- '*' | |
pull_request: | |
branches: | |
- main | |
jobs: | |
build: | |
uses: ./.github/workflows/build.yml | |
generate-sbom: | |
runs-on: ubuntu-latest | |
if: ${{ (github.ref_name == 'main') || (github.event_name == 'pull_request') || contains(github.event.commits.message, '+sbom') }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Generate sbom | |
uses: anchore/sbom-action@v0.14.3 | |
push-packages: | |
runs-on: ubuntu-latest | |
needs: build | |
if: ${{ (github.ref_name == 'main') || (github.event_name == 'pull_request') || contains(github.event.commits.message, '+push') }} | |
permissions: | |
packages: write | |
steps: | |
- name: Download artifacts | |
uses: actions/download-artifact@v3.0.2 | |
with: | |
name: nuget-packages | |
path: ./nuget | |
- name: Setup Nuget Source | |
run: | | |
dotnet nuget add source \ | |
--username ${{ github.repository_owner }} \ | |
--password ${{ secrets.GITHUB_TOKEN }} \ | |
--store-password-in-clear-text \ | |
--name github \ | |
"https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json" | |
- name: NuGet push | |
run: | | |
dotnet nuget push ./nuget/**/*.nupkg \ | |
-k ${{ secrets.GITHUB_TOKEN }} \ | |
-s "github" \ | |
--skip-duplicate | |
# TODO: This mostly works, but is still failing. | |
# test-packages: | |
# needs: [build, push-packages] | |
# uses: ./.github/workflows/package-tests.yml | |
# with: | |
# version: ${{ needs.build.outputs.version }} | |
create-tag: | |
runs-on: ubuntu-latest | |
needs: build | |
if: ${{ github.ref_name == 'main' }} | |
permissions: | |
contents: write | |
steps: | |
- name: Create tag | |
uses: actions/github-script@v6 | |
env: | |
VERSION: '${{ needs.build.outputs.version }}' | |
with: | |
script: | | |
const { VERSION } = process.env | |
github.rest.git.createRef({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
ref: `refs/tags/${VERSION}`, | |
sha: context.sha | |
}); | |
create-release: | |
needs: [build, create-tag] | |
runs-on: ubuntu-latest | |
if: ${{ success() && github.ref_name == 'main' }} | |
steps: | |
- name: Download packages | |
uses: actions/download-artifact@v3.0.2 | |
with: | |
path: ./artifacts | |
- name: Create Release | |
run: gh release create ${{ needs.build.outputs.version }} ./artifacts/* --draft --verify-tag -title "Hot Potato ${{ needs.build.outputs.version }}" |