Skip to content
Test Sign Workflow

Build(deps): bump actions/setup-dotnet from 4 to 5 #457

Sign in to view logs

Build(deps): bump actions/setup-dotnet from 4 to 5

Build(deps): bump actions/setup-dotnet from 4 to 5 #457

Workflow file for this run

.github/workflows/test_sign-artifacts-workflow.yaml at f34ff3e
name: Test Sign Workflow
on:
workflow_dispatch:
pull_request:
branches: [main]
permissions:
id-token: write
contents: read
jobs:
upload-test-gh-artifacts:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Create Test Fixtures
run: |
.github/workflows/deploy-artifacts/create-test-fixtures.sh test-fixtures
- name: Upload Artifacts
uses: actions/upload-artifact@v5
with:
name: test-fixtures
path: test-fixtures
test-sign-workflow:
uses: ./.github/workflows/reusable_sign-artifacts.yaml
needs: upload-test-gh-artifacts
secrets:
gpg-private-key: ${{ secrets.GPG_SECRET_KEY }}
gpg-public-key: ${{ secrets.GPG_PUBLIC_KEY }}
gpg-key-pass: ${{ secrets.GPG_PASS }}
es-username: ${{ secrets.ES_USERNAME }}
es-password: ${{ secrets.ES_PASSWORD }}
credential_id: ${{ secrets.CREDENTIAL_ID }}
es-totp_secret: ${{ secrets.ES_TOTP_SECRET }}
with:
gh-unsigned-artifacts: test-fixtures
gh-workflows-ref: v2.0.2
verify-nuget-signatures:
needs: test-sign-workflow
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Setup .NET SDK
uses: actions/setup-dotnet@v5
with:
dotnet-version: 8.x
- name: Download Signed Artifacts
uses: actions/download-artifact@v4
with:
name: ${{ needs.test-sign-workflow.outputs.gh-artifact-name }}
path: signed
- name: Verify NuGet Signatures
shell: bash
run: |
set -euo pipefail
export PATH="$HOME/.dotnet/tools:$PATH"
shopt -s nullglob globstar
mapfile -t pkgs < <(printf '%s\n' signed/**/*.nupkg)
echo "Found ${#pkgs[@]} .nupkg files"
if [ "${#pkgs[@]}" -lt 1 ]; then
echo "No .nupkg files found under signed/" >&2
exit 1
fi
for p in "${pkgs[@]}"; do
echo "Verifying $p"
dotnet nuget verify "$p" --all
done
run-tests:
needs: test-sign-workflow
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Download Test Fixtures
uses: actions/download-artifact@v4
with:
name: test-fixtures
path: test-fixtures
- name: Install dpkg-sig
run: |
sudo apt-get update && sudo apt-get install dpkg-sig dpkg-dev -y
- name: Test Entrypoint
run: |
.github/workflows/sign-artifacts/test-entrypoint.sh test-fixtures