Skip to content

Commit

Permalink
Use new release method (#5)
Browse files Browse the repository at this point in the history
  • Loading branch information
jborean93 authored Sep 25, 2023
1 parent fb004c8 commit 773a026
Show file tree
Hide file tree
Showing 4 changed files with 91 additions and 88 deletions.
56 changes: 20 additions & 36 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,36 +8,45 @@ on:
branches:
- main

release:
types:
- published

env:
DOTNET_CLI_TELEMETRY_OPTOUT: 1
POWERSHELL_TELEMETRY_OPTOUT: 1
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
DOTNET_NOLOGO: true
BUILD_CONFIGURATION: ${{ fromJSON('["Debug", "Release"]')[startsWith(github.ref, 'refs/tags/v')] }}
BUILD_CONFIGURATION: ${{ fromJSON('["Debug", "Release"]')[github.ref == 'refs/heads/main'] }}

jobs:
build:
name: build
runs-on: ubuntu-latest
permissions:
id-token: write # Azure OIDC auth
contents: read # Repo checkout

steps:
- name: Check out repository
uses: actions/checkout@v3

- name: Build module - Debug
- name: OIDC Login to Azure
if: ${{ env.BUILD_CONFIGURATION == 'Release' }}
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

- name: Build module - Release
if: ${{ env.BUILD_CONFIGURATION == 'Release' }}
shell: pwsh
run: ./build.ps1 -Configuration $env:BUILD_CONFIGURATION -Task Build
if: ${{ env.BUILD_CONFIGURATION == 'Debug' }}
env:
AZURE_KEYVAULT_NAME: ${{ secrets.AZURE_KEYVAULT_NAME }}
AZURE_KEYVAULT_CERT: ${{ secrets.AZURE_KEYVAULT_CERT }}

- name: Build module - Publish
- name: Build module - Debug
shell: pwsh
run: ./build.ps1 -Configuration $env:BUILD_CONFIGURATION -Task Build
if: ${{ env.BUILD_CONFIGURATION == 'Release' }}
env:
AZURE_KEYVAULT_CREDENTIALS: ${{ secrets.AZURE_KEYVAULT_CREDENTIALS }}
if: ${{ env.BUILD_CONFIGURATION == 'Debug' }}

- name: Capture PowerShell Module
uses: actions/upload-artifact@v3
Expand Down Expand Up @@ -133,28 +142,3 @@ jobs:
with:
files: ./output/TestResults/Coverage.xml
flags: ${{ matrix.info.name }}

publish:
name: publish
if: startsWith(github.ref, 'refs/tags/v')
needs:
- build
- test
runs-on: ubuntu-latest
steps:
- name: Restore Built PowerShell Module
uses: actions/download-artifact@v3
with:
name: PSModule
path: ./

- name: Publish to Gallery
if: github.event_name == 'release'
shell: pwsh
run: >-
dotnet nuget push '*.nupkg'
--api-key $env:PSGALLERY_TOKEN
--source 'https://www.powershellgallery.com/api/v2/package'
--no-symbols
env:
PSGALLERY_TOKEN: ${{ secrets.PSGALLERY_TOKEN }}
36 changes: 36 additions & 0 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: Publish module
on:
release:
types:
- published

jobs:
build:
name: publish
if: startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
permissions:
contents: write # Needed for GitHub release asset task

steps:
- name: Download
uses: dawidd6/action-download-artifact@v2
with:
workflow: ci.yml
commit: ${{ github.sha }}
name: PSModule

- name: Upload nupkg as release asset
uses: softprops/action-gh-release@v1
with:
files: '*.nupkg'

- name: Publish to the PowerShell Gallery
shell: pwsh
run: >-
dotnet nuget push '*.nupkg'
--api-key $env:PSGALLERY_TOKEN
--source 'https://www.powershellgallery.com/api/v2/package'
--no-symbols
env:
PSGALLERY_TOKEN: ${{ secrets.PSGALLERY_TOKEN }}
83 changes: 33 additions & 50 deletions PSToml.build.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -84,26 +84,16 @@ task CopyToRelease {
}

task Sign {
if (-not $env:AZURE_KEYVAULT_CREDENTIALS) {
$vaultName = $env:AZURE_KEYVAULT_NAME
$vaultCert = $env:AZURE_KEYVAULT_CERT
if (-not $vaultName -or -not $vaultCert) {
return
}

$credInfo = ConvertFrom-Json -InputObject $env:AZURE_KEYVAULT_CREDENTIALS
$vaultName = $credInfo.vaultName
$vaultCert = $credInfo.vaultCert

$env:AZURE_CLIENT_ID = $credInfo.clientId
$env:AZURE_CLIENT_SECRET = $credInfo.clientSecret
$env:AZURE_TENANT_ID = $credInfo.tenantId
$key = Get-OpenAuthenticodeAzKey -Vault $vaultName -Certificate $vaultCert
$env:AZURE_CLIENT_ID = ''
$env:AZURE_CLIENT_SECRET = ''
$env:AZURE_TENANT_ID = ''

$signParams = @{
Key = $key
TimeStampServer = 'http://timestamp.digicert.com'
HashAlgorithm = 'SHA256'
}

Get-ChildItem -LiteralPath $ReleasePath -Recurse -ErrorAction SilentlyContinue |
Expand Down Expand Up @@ -182,16 +172,14 @@ task DoUnitTest {
'test'
$testsPath
'--results-directory', $tempResultsPath
if ($Configuration -eq 'Debug') {
'--collect:"XPlat Code Coverage"'
'--'
"$runSettingsPrefix.Format=json"
if ($UseNativeArguments) {
"$runSettingsPrefix.IncludeDirectory=`"$CSharpPath`""
}
else {
"$runSettingsPrefix.IncludeDirectory=\`"$CSharpPath\`""
}
'--collect:"XPlat Code Coverage"'
'--'
"$runSettingsPrefix.Format=json"
if ($UseNativeArguments) {
"$runSettingsPrefix.IncludeDirectory=`"$CSharpPath`""
}
else {
"$runSettingsPrefix.IncludeDirectory=\`"$CSharpPath\`""
}
)

Expand All @@ -202,9 +190,7 @@ task DoUnitTest {
throw "Unit tests failed"
}

if ($Configuration -eq 'Debug') {
Move-Item -Path $tempResultsPath/*/*.json -Destination $resultsPath/UnitCoverage.json -Force
}
Move-Item -Path $tempResultsPath/*/*.json -Destination $resultsPath/UnitCoverage.json -Force
}
finally {
Remove-Item -LiteralPath $tempResultsPath -Force -Recurse
Expand Down Expand Up @@ -235,33 +221,30 @@ task DoTest {
'-OutputFile', $resultsFile
)

if ($Configuration -eq 'Debug') {
# We use coverlet to collect code coverage of our binary
$unitCoveragePath = [IO.Path]::Combine($resultsPath, 'UnitCoverage.json')
$targetArgs = '"' + ($arguments -join '" "') + '"'
# We use coverlet to collect code coverage of our binary
$unitCoveragePath = [IO.Path]::Combine($resultsPath, 'UnitCoverage.json')
$targetArgs = '"' + ($arguments -join '" "') + '"'

if ($UseNativeArguments) {
$watchFolder = [IO.Path]::Combine($ReleasePath, 'bin', $PSFramework)
}
else {
$targetArgs = '"' + ($targetArgs -replace '"', '\"') + '"'
$watchFolder = '"{0}"' -f ([IO.Path]::Combine($ReleasePath, 'bin', $PSFramework))
}

$arguments = @(
$watchFolder
'--target', $pwsh
'--targetargs', $targetArgs
'--output', ([IO.Path]::Combine($resultsPath, 'Coverage.xml'))
'--format', 'cobertura'
if (Test-Path -LiteralPath $unitCoveragePath) {
'--merge-with', $unitCoveragePath
}
)
$pwsh = 'coverlet'
if ($UseNativeArguments) {
$watchFolder = [IO.Path]::Combine($ReleasePath, 'bin', $PSFramework)
}
else {
$targetArgs = '"' + ($targetArgs -replace '"', '\"') + '"'
$watchFolder = '"{0}"' -f ([IO.Path]::Combine($ReleasePath, 'bin', $PSFramework))
}

$arguments = @(
$watchFolder
'--target', $pwsh
'--targetargs', $targetArgs
'--output', ([IO.Path]::Combine($resultsPath, 'Coverage.xml'))
'--format', 'cobertura'
if (Test-Path -LiteralPath $unitCoveragePath) {
'--merge-with', $unitCoveragePath
}
)

&$pwsh $arguments
& coverlet $arguments
if ($LASTEXITCODE) {
throw "Pester failed tests"
}
Expand Down
4 changes: 2 additions & 2 deletions requirements-dev.psd1
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
@{
InvokeBuild = '5.10.4'
OpenAuthenticode = '0.2.0'
Pester = '5.4.1'
OpenAuthenticode = '0.4.0'
Pester = '5.5.0'
platyPS = '0.14.2'
PSScriptAnalyzer = '1.21.0'
}

0 comments on commit 773a026

Please sign in to comment.