-
Notifications
You must be signed in to change notification settings - Fork 17
95 lines (87 loc) · 3.31 KB
/
release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
name: Ion Hash DotNet Release
on:
release:
types: [ created ]
jobs:
test:
name: Test
if: startsWith(github.ref, 'refs/tags/')
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ windows-latest ]
dotnet: ['2.1']
steps:
- name: Git Checkout
uses: actions/checkout@v2
with:
submodules: recursive
- name: Setup .NET
uses: actions/setup-dotnet@v1
with:
dotnet-version: ${{ matrix.dotnet }}
- name: Build
run: dotnet build --configuration Release
- name: Unit test
run: dotnet test --configuration Release --no-build --no-restore --verbosity normal
release:
name: Release
if: startsWith(github.ref, 'refs/tags/')
needs: [test]
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ windows-latest ]
dotnet: ['2.1']
steps:
- uses: aws-actions/configure-aws-credentials@v1
with:
role-skip-session-tagging: true
aws-region: us-west-2
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-external-id: ${{ secrets.AWS_ROLE_EXTERNAL_ID }}
role-duration-seconds: 900
- name: Setup .NET
uses: actions/setup-dotnet@v1
with:
dotnet-version: ${{ matrix.dotnet }}
- name: Git Checkout
uses: actions/checkout@v2
with:
submodules: recursive
- name: Sign
shell: bash
run: |
dotnet build --configuration Release
# Push unsigned DLL to S3
version_id=$( aws s3api put-object --bucket ${{ secrets.AWS_UNSIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }} --body Amazon.IonHashDotnet/bin/Release/netstandard2.0/Amazon.IonHashDotnet.dll --acl bucket-owner-full-control | jq '.VersionId' )
job_id=""
# Attempt to get Job ID from bucket tagging, will retry up to 3 times before exiting with a failure code.
# Will sleep for 5 seconds between retries.
for (( i=0; i<3; i++ ))
do
# Get job ID
id=$( aws s3api get-object-tagging --bucket ${{ secrets.AWS_UNSIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }} --version-id ${version_id} | jq -r '.TagSet[0].Value' )
if [ $id != "null" ]
then
job_id=$id
break
fi
sleep 5s
done
if [[ $job_id = "" ]]
then
echo "Exiting because unable to retrieve job ID"
exit 1
fi
# Poll signed S3 bucket to see if the signed artifact is there
aws s3api wait object-exists --bucket ${{ secrets.AWS_SIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }}-${job_id}
# Get signed DLL from S3
aws s3api get-object --bucket ${{ secrets.AWS_SIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }}-${job_id} Amazon.IonHashDotnet/bin/Release/netstandard2.0/Amazon.IonHashDotnet.dll
- name: release
shell: bash
run: |
dotnet pack --configuration Release --no-build
dotnet nuget push Amazon.IonHashDotnet/bin/Release/Amazon.IonHashDotnet.*.nupkg --api-key ${{ secrets.AWS_NUGET_KEY }} --source https://api.nuget.org/v3/index.json