diff --git a/publish-nuget/action.yaml b/publish-nuget/action.yaml index 5b9de39..6fe7dfc 100644 --- a/publish-nuget/action.yaml +++ b/publish-nuget/action.yaml @@ -2,46 +2,79 @@ name: "publish-nuget" description: "Publishes a NuGet package to a Gitea-hosted NuGet registry and attests to its contents." inputs: - package-name: - description: "Name of the NuGet package, e.g. Oceanbox.FvcomKit." + package-path: + description: "Path to the package directory relative to src/, e.g. Oceanbox.FvcomKit" required: true nuget-key: description: "API key with which to authenticate to the NuGet registry." required: true - nupkg-dir: - description: | - Directory in which to find the NuGet .nupkg file. We will search one level deep inside this directory for nupkg files named {package-name}.{any-string}.nupkg. - Note that this action is not designed to work if you have two .nupkg files inside this directory, one called Foo.0.0.0.nupkg and one called Foo.Bar.0.0.0.nupkg; - you should make sure there's only one package in this directory. + registry: + description: "Gitea registry domain, e.g. git.oceanbox.io" required: true - registry-url: - description: "URL of the NuGet registry, e.g. https://git.oceanbox.io/api/packages/oceanbox/nuget/index.json" + default: "git.oceanbox.io" + registry-owner: + description: "Registry owner/organization name, e.g. oceanbox" required: true - default: "https://git.oceanbox.io/api/packages/oceanbox/nuget/index.json" + default: "oceanbox" source-name: description: "Name to use for the NuGet source when adding it." required: false default: "gitea-nuget" - dotnet: - description: "Path to the `dotnet` executable, if you want to override the default (e.g. because you wish to operate inside a Nix devshell)." + nupkg-dir: + description: "Directory where .nupkg files will be output" required: false - default: "dotnet" - skip-duplicate: - description: 'If set to "true", skips publishing if the package version already exists.' + default: "./nupkgs" + configuration: + description: "Build configuration (Release or Debug)" required: false - default: "true" + default: "Release" + dotnet-restore-args: + description: "Additional arguments to pass to dotnet restore" + required: false + default: "" + dotnet-build-args: + description: "Additional arguments to pass to dotnet build" + required: false + default: "" + dotnet-pack-args: + description: "Additional arguments to pass to dotnet pack" + required: false + default: "-p:TargetsForTfmSpecificContentInPackage=" runs: using: "composite" steps: - - name: Publish to NuGet Registry + - name: Prep NuGet source shell: bash - id: publish-success - env: - NUGET_API_KEY: ${{ inputs.nuget-key }} - PACKAGE_DIR: ${{ inputs.nupkg-dir }} - PACKAGE_NAME: ${{ inputs.package-name }} - DOTNET_EXE: ${{ inputs.dotnet }} - REGISTRY_URL: ${{ inputs.registry-url }} - SOURCE_NAME: ${{ inputs.source-name }} - SKIP_DUPLICATE: ${{ inputs.skip-duplicate }} - run: '$GITHUB_ACTION_PATH/nuget_push.sh "$PACKAGE_DIR"/"$PACKAGE_NAME".*.nupkg' + run: | + nix-shell --run 'set -o pipefail; set -o nounset; set -o errexit; + dotnet nuget add source --name ${{ inputs.source-name }} "https://${{ inputs.registry }}/api/packages/${{ inputs.registry-owner }}/nuget/index.json"' + + - name: Restore dependencies + shell: bash + run: | + nix-shell --run "set -o pipefail; set -o nounset; set -o errexit; + dotnet restore src/${{ inputs.package-path }} ${{ inputs.dotnet-restore-args }}" + + - name: Build + shell: bash + run: | + nix-shell --run "set -o pipefail; set -o nounset; set -o errexit; + dotnet build --no-restore --configuration ${{ inputs.configuration }} src/${{ inputs.package-path }} ${{ inputs.dotnet-build-args }}" + + - name: Pack + shell: bash + run: | + nix-shell --run "set -o pipefail; set -o nounset; set -o errexit; + dotnet pack src/${{ inputs.package-path }} --no-restore ${{ inputs.dotnet-pack-args }} --configuration ${{ inputs.configuration }} -o ${{ inputs.nupkg-dir }}" + + - name: Publish NuGet package + shell: bash + run: | + nix-shell --run "set -o pipefail; set -o nounset; set -o errexit; + dotnet nuget push ${{ inputs.nupkg-dir }}/${{ inputs.package-path }}.*.nupkg --api-key ${{ inputs.nuget-key }} --source '${{ inputs.source-name }}' --skip-duplicate" + + # TODO: Add attestation + # - name: Attest Build Provenance + # uses: actions/attest-build-provenance@v1 + # with: + # subject-path: ${{ inputs.nupkg-dir }}/${{ inputs.package-path }}.*.nupkg diff --git a/publish-nuget/nuget_push.sh b/publish-nuget/nuget_push.sh deleted file mode 100644 index 2a81e32..0000000 --- a/publish-nuget/nuget_push.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -# Script to publish NuGet packages to a Gitea registry -# Usage: nuget_push.sh - -NUPKG_PATTERN="${1:?Missing nupkg pattern argument}" - -# Function to run commands, optionally in nix-shell -run_cmd() { - nix-shell --run "$*" -} - -# Find the nupkg file -NUPKG_FILE=$(find "$(dirname "$NUPKG_PATTERN")" -maxdepth 1 -name "$(basename "$NUPKG_PATTERN")" -type f | head -n 1) - -if [[ -z "$NUPKG_FILE" ]]; then - echo "Error: No .nupkg file found matching pattern: $NUPKG_PATTERN" - exit 1 -fi - -echo "Found package: $NUPKG_FILE" - -# Extract version from filename -FILENAME=$(basename "$NUPKG_FILE") -VERSION=$(echo "$FILENAME" | sed -E "s/^${PACKAGE_NAME}\.(.+)\.nupkg$/\1/") -echo "Package version: $VERSION" - -# Add NuGet source if not already present -echo "Configuring NuGet source: $SOURCE_NAME" -run_cmd "$DOTNET_EXE nuget list source" | grep -q "$SOURCE_NAME" || \ - run_cmd "$DOTNET_EXE nuget add source --name \"$SOURCE_NAME\" \"$REGISTRY_URL\"" - -# Publish the package -echo "Publishing package to $SOURCE_NAME..." - -PUSH_CMD="$DOTNET_EXE nuget push \"$NUPKG_FILE\" --api-key \"$NUGET_API_KEY\" --source \"$SOURCE_NAME\"" - -if [[ "${SKIP_DUPLICATE:-true}" == "true" ]]; then - PUSH_CMD="$PUSH_CMD --skip-duplicate" -fi - -if run_cmd "$PUSH_CMD"; then - # Check if it was skipped or actually pushed - # If skip-duplicate is enabled and package exists, dotnet exits with 0 but prints a message - echo "result=published" >> "$GITHUB_OUTPUT" - echo "version=$VERSION" >> "$GITHUB_OUTPUT" - echo "Successfully published (or skipped duplicate): $PACKAGE_NAME $VERSION" -else - echo "result=failed" >> "$GITHUB_OUTPUT" - echo "Failed to publish package" - exit 1 -fi