[gh-actions] publishing nuget package on release

Author: springcomp

.github/workflows/publish.yaml

@@ -0,0 +1,76 @@
+name: 🚀 release
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  release:
+    name: 🚀 release
+    runs-on: windows-latest
+    permissions:
+      contents: read
+      id-token: write # enable GitHub OIDC token issuance for this job
+
+    steps:
+      - name: 📚 checkout
+        uses: actions/checkout@v4
+
+      - name: ⚙️ Setup .NET
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: "6.0.x"
+
+      - name: 🔓 Decrypt strong-name key
+        run: bin/EncryptDecryptFile.PS1
+        shell: pwsh
+        env:
+          SN_PASSPHRASE: ${{ secrets.SN_PASSPHRASE }}
+          SN_SALT: ${{ secrets.SN_SALT }}
+          SN_INIT: ${{ secrets.SN_INIT }}
+
+      - name: 📝 Update version
+        run: bin/Update-Version.PS1 -Version "$env:VERSION"
+        shell: pwsh
+        env:
+          VERSION: ${{ github.ref_name }}
+
+      - name: 📦 Restore dependencies
+        run: dotnet restore jmespath.net.sln
+
+      - name: 🔨 Build
+        run: dotnet build jmespath.net.sln --configuration Release --no-restore
+
+      - name: 🏗️ Create NuGet packages
+        run: |
+          dotnet pack --no-build "src/jmespath.net" -c Release
+          $targetPath = "src/jmespath.net.parser/bin/Release"
+          cp "src/jmespath.net.parser/JmesPath.Net.Parser.nuspec" $targetPath
+          mkdir "$targetPath/lib" | Out-Null
+          mv "$targetPath/netstandard1.3" "$targetPath/lib/netstandard1.3"
+          mv "$targetPath/netstandard2.1" "$targetPath/lib/netstandard2.1"
+          mv "$targetPath/net45" "$targetPath/lib/net45"
+          cd $targetPath
+          nuget pack
+        shell: pwsh
+
+      # Use the ambient GitHub token to login to NuGet and retrieve an API key
+      - name: 🔑 NuGet login (OIDC → temp API key)
+        uses: NuGet/login@v1
+        id: login
+        with:
+          # Secret is your NuGet username, e.g. 'jmespath-community'
+          user: ${{ secrets.NUGET_USER }}
+
+      - name: 📤 Push to NuGet
+        # Only push to NuGet if we're building a tag (optional)
+        if: startsWith(github.ref, 'refs/tags/')
+        shell: pwsh
+        # Loop through all the packages in the output folder and push them to
+        # nuget.org, using the NUGET_API_KEY generated by the previous login step
+        run: |
+          Get-ChildItem src/ -Filter *.nupkg | ForEach-Object {
+            dotnet nuget push $_.FullName `
+              --api-key "${{ steps.login.outputs.NUGET_API_KEY }}" `
+              --source https://api.nuget.org/v3/index.json
+          }

bin/EncryptDecryptFile.PS1

@@ -1,17 +1,30 @@
+[CmdletBinding()]
+param(
+  [switch]$Encrypt
+)
+
 #################
 # Powershell Allows The Loading of .NET Assemblies
-# Load the Security assembly to use with this script 
+# Load the Security assembly to use with this script
 #################
-[Reflection.Assembly]::LoadWithPartialName("System.Security")
+[Reflection.Assembly]::LoadWithPartialName("System.Security") | Out-Null
 
 #################
 # This function is to Encrypt A String.
 # $string is the string to encrypt, $passphrase is a second security "password" that has to be passed to decrypt.
 # $salt is used during the generation of the crypto password to prevent password guessing.
 # $init is used to compute the crypto hash -- a checksum of the encryption
 #################
-function Encrypt-File($path, $Passphrase, $salt="SaltCrypto", $init="IV_Password", $outputPath)
+Function Encrypt-File
 {
+  param(
+    [string] $path,
+    [string] $Passphrase,
+    [string] $outputPath,
+    [string] $salt="SaltCrypto",
+    [string] $init="IV_Password"
+  )
+
     # Create a COM Object for RijndaelManaged Cryptography
 	$r = new-Object System.Security.Cryptography.RijndaelManaged
 	# Convert the Passphrase to UTF8 Bytes
@@ -23,8 +36,8 @@ function Encrypt-File($path, $Passphrase, $salt="SaltCrypto", $init="IV_Password
 	$r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
 	# Create the Intersecting Vector Cryptology Hash with the init
 	$r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
-	
-	# Starts the New Encryption using the Key and IV   
+
+	# Starts the New Encryption using the Key and IV
 	$c = $r.CreateEncryptor()
 	# Creates a MemoryStream to do the encryption in
 	$ms = new-Object IO.MemoryStream
@@ -48,8 +61,16 @@ function Encrypt-File($path, $Passphrase, $salt="SaltCrypto", $init="IV_Password
     $os.Close();
 }
 
-function Decrypt-File($path, $Passphrase, $salt="SaltCrypto", $init="IV_Password", $OutputPath)
+Function Decrypt-File
 {
+  param(
+    [string] $path,
+    [string] $Passphrase,
+    [string] $OutputPath,
+    [string] $salt="SaltCrypto",
+    [string] $init="IV_Password"
+  )
+
 	# Create a COM Object for RijndaelManaged Cryptography
 	$r = new-Object System.Security.Cryptography.RijndaelManaged
 	# Convert the Passphrase to UTF8 Bytes
@@ -63,33 +84,50 @@ function Decrypt-File($path, $Passphrase, $salt="SaltCrypto", $init="IV_Password
 	$r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
 
     $fs = [IO.File]::OpenRead($path)
-    
+
 	# Create a new Decryptor
 	$d = $r.CreateDecryptor()
 	# Create a New memory stream with the encrypted value.
-	
+
 	# Read the new memory stream and read it in the cryptology stream
 	$cs = new-Object Security.Cryptography.CryptoStream $fs,$d,"Read"
 	# Read the new decrypted stream
 
 	# Return from the function the stream
-	
+
     $os = [IO.File]::Open($outputPath, [IO.FileMode]::Truncate, [IO.FileAccess]::Write);
     $cs.CopyTo($os);
 
     $os.Close();
     # Stops the crypology stream
 	$cs.Close()
-	
+
 	# Stops the memory stream
 	$fs.Close()
 	# Clears the RijndaelManaged Cryptology IV and Key
 	$r.Clear()
 }
 
-Decrypt-File `
-	-path "C:\projects\jmespath-net\src\jmespath.net.snk.crypted" `
-	-Passphrase $env:SNK_PASSPHRASE `
-	-salt $env:SNK_SALT `
-	-init $env:SNK_INIT `
-	-outputPath "C:\projects\jmespath-net\src\jmespath.net.snk"
+$SRC_DIR = (Resolve-Path -Path (
+  Join-Path -Path $PSScriptRoot -ChildPath "..")).Path
+
+$STRONG_NAME_PLAINTEXT_KEY_PATH="$($SRC_DIR)/src/jmespath.net.snk"
+$STRONG_NAME_ENCRYPTED_KEY_PATH="$($SRC_DIR)/src/jmespath.net.snk.crypted"
+
+if ($Encrypt.IsPresent) {
+  Encrypt-File `
+  	-path $STRONG_NAME_PLAINTEXT_KEY_PATH `
+  	-Passphrase $env:SNK_PASSPHRASE `
+  	-salt $env:SNK_SALT `
+  	-init $env:SNK_INIT `
+  	-outputPath $STRONG_NAME_ENCRYPTED_KEY_PATH
+}
+
+else {
+  Decrypt-File `
+  	-path $STRONG_NAME_ENCRYPTED_KEY_PATH `
+  	-Passphrase $env:SNK_PASSPHRASE `
+  	-salt $env:SNK_SALT `
+  	-init $env:SNK_INIT `
+  	-outputPath $STRONG_NAME_PLAINTEXT_KEY_PATH
+}

bin/Update-Version.ps1

@@ -1,58 +1,54 @@
 [CmdletBinding()]
 param(
     [Parameter(Mandatory = $true)]
-    $version = $ENV:appveyor_build_version
+    [string]$version
 )
 
 BEGIN {
 
-    if (-not $version -or [String]::IsNullOrWhitespace($version))
-    {
-        Write-Host "Please, specify a valid version number." -ForegroundColor Red
-        throw;
-    }
-
-    Function Get-ScriptDirectory { Split-Path -parent $PSCommandPath }
-    Function Update-CsprojVersion {
-        param([string]$path, [string]$version)
-        [xml]$document = Get-Content -Path $path -Raw
-        $newPrefix = $document.Project.PropertyGroup.VersionPrefix.Replace("42.43.44", $version)
-        $document.Project.PropertyGroup.VersionPrefix = $newPrefix
-        $document.Save($path)
-
-        Write-Host "Updated version of $path to $version." -ForegroundColor Cyan
-    }
-    Function Update-NuspecVersion {
-        param([string]$path, [string]$version)
-        [xml]$document = Get-Content -Path $path -Raw
-        $newPrefix = $document.package.metadata.version.Replace("42.43.44", $version)
-        $document.package.metadata.version = $newPrefix
-        $document.Save($path)
-
-        Write-Host "Updated version of $path to $version." -ForegroundColor Cyan
-    }
+  if (-not $version -or [String]::IsNullOrWhitespace($version))
+  {
+      Write-Host "Please, specify a valid version number." -ForegroundColor Red
+      throw;
+  }
+
+  Function Update-CsprojVersion {
+    param([string]$path, [string]$version)
+    [xml]$document = Get-Content -Path $path -Raw
+    $newPrefix = $document.Project.PropertyGroup.VersionPrefix.Replace("42.43.44", $version)
+    $document.Project.PropertyGroup.VersionPrefix = $newPrefix
+    $document.Save($path)
+
+    Write-Host "Updated version of $path to $version." -ForegroundColor Cyan
+  }
+  Function Update-NuspecVersion {
+    param([string]$path, [string]$version)
+    [xml]$document = Get-Content -Path $path -Raw
+    $newPrefix = $document.package.metadata.version.Replace("42.43.44", $version)
+    $document.package.metadata.version = $newPrefix
+    $document.Save($path)
+
+    Write-Host "Updated version of $path to $version." -ForegroundColor Cyan
+  }
 }
 
 PROCESS {
 
-    "../src/jmespath.net/jmespath.net.csproj", `
-    "../src/jmespath.net.parser/jmespath.net.parser.csproj" |% {
-
-        Update-CsprojVersion `
-            -Version $version `
-            (Join-Path `
-                -Path (Get-ScriptDirectory) `
-                -ChildPath $_ `
-            )
-    }
-
-    "../src/jmespath.net.parser/jmespath.net.parser.nuspec" |% {
-
-        Update-NuspecVersion `
-            -Version $version `
-            (Join-Path `
-                -Path (Get-ScriptDirectory) `
-                -ChildPath $_ `
-            )
-    }
-}
+  $SRC_DIR = (Resolve-Path -Path (
+    Join-Path -Path $PSScriptRoot -ChildPath "..")).Path
+
+  "$SRC_DIR/src/jmespath.net/jmespath.net.csproj", `
+  "$SRC_DIR/src/jmespath.net.parser/jmespath.net.parser.csproj" |% {
+
+    Update-CsprojVersion `
+      -Version $version `
+      -Path $_
+  }
+
+  "$SRC_DIR/src/jmespath.net.parser/jmespath.net.parser.nuspec" |% {
+
+    Update-NuspecVersion `
+      -Version $version `
+      -Path $_
+  }
+}

src/jmespath.net.parser/InternalsVisibleTo.cs

@@ -1,3 +1,7 @@
 using System.Runtime.CompilerServices;
 
+#if DEBUG
 [assembly: InternalsVisibleTo("jmespathnet.tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100055796df0ae0f975fabb3455d92c9edfef1e266fe66273a7f42c298406335fef71fdf99f46033f5f1e890fa2c6a5f230bfdd5832aa16eb45af02ad70ff716f97a51ff955abaaa2490da59ece7f2474dd43695c6bc8f1c82d1bb38f166fdfa7716e11291bda347bc8689d5435e68401a9ab5b4e8e49c1074173d21edf4fbda1b1")]
+#else
+[assembly: InternalsVisibleTo("jmespathnet.tests, PublicKey=002400000480000094000000060200000024000052534131000400000100010055709b8bb177721db5eb5a9e7437bfa5f46251aef5dcf91f4a36a7dcb98e51a8ecf5a37284004fa6694f3471f5dfc82244c9672eb085cd65c7cb75d8251aa971a349d4641b492ca0963b74fd9878a5872d6ccbb7b7ceff82aa3687c240a70b4d5565c7cff5df0a12cdbde58e937320fb302b7ccedff72008f3bec0bee8384dc5")]
+#endif

src/jmespath.net/InternalsVisibleTo.cs

@@ -1,3 +1,7 @@
 using System.Runtime.CompilerServices;
 
+#if DEBUG
 [assembly: InternalsVisibleTo("jmespathnet.tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100055796df0ae0f975fabb3455d92c9edfef1e266fe66273a7f42c298406335fef71fdf99f46033f5f1e890fa2c6a5f230bfdd5832aa16eb45af02ad70ff716f97a51ff955abaaa2490da59ece7f2474dd43695c6bc8f1c82d1bb38f166fdfa7716e11291bda347bc8689d5435e68401a9ab5b4e8e49c1074173d21edf4fbda1b1")]
+#else
+[assembly: InternalsVisibleTo("jmespathnet.tests, PublicKey=002400000480000094000000060200000024000052534131000400000100010055709b8bb177721db5eb5a9e7437bfa5f46251aef5dcf91f4a36a7dcb98e51a8ecf5a37284004fa6694f3471f5dfc82244c9672eb085cd65c7cb75d8251aa971a349d4641b492ca0963b74fd9878a5872d6ccbb7b7ceff82aa3687c240a70b4d5565c7cff5df0a12cdbde58e937320fb302b7ccedff72008f3bec0bee8384dc5")]
+#endif