From e14a8e4779e4da62cc8ff51ee12bb9b8df5954eb Mon Sep 17 00:00:00 2001 From: Emmz Rendle Date: Thu, 28 May 2026 20:24:27 +0100 Subject: [PATCH 1/2] ci: add NuGet pack & publish workflow Add .github/workflows/release.yml to pack and publish the `dcli` and `dcli.testing` packages. - Triggers on `v*` version tags (version derived from the tag) or manual dispatch (optional version override + dry-run pack-only mode). - Gates publish on a Release build + full test run. - Packs both library projects, uploads the .nupkg/.snupkg as a workflow artifact, and pushes to nuget.org with --skip-duplicate. - Version override propagates to dcli.testing's dependency on dcli, so both packages always ship in lockstep. Requires a NUGET_API_KEY secret (repo- or `nuget`-environment-scoped). Co-Authored-By: Claude Opus 4.8 --- .github/workflows/release.yml | 108 ++++++++++++++++++++++++++++++++++ 1 file changed, 108 insertions(+) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..83caf1d --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,108 @@ +name: Release + +# Packs and publishes the `dcli` and `dcli.testing` NuGet packages. +# +# Two ways to release: +# 1. Push a version tag, e.g. git tag v0.2.0-rc.3 && git push origin v0.2.0-rc.3 +# → the version is taken from the tag (the leading "v" is stripped) and published. +# 2. Run manually (Actions → Release → Run workflow), optionally overriding the version +# and/or ticking "dry run" to pack without publishing. +# +# Requires a repository (or `nuget` environment) secret named NUGET_API_KEY. + +on: + push: + tags: ["v*"] + workflow_dispatch: + inputs: + version: + description: "Version to publish (e.g. 0.2.0-rc.3). Blank = use the version in the .csproj files." + required: false + type: string + dry_run: + description: "Pack only; do not push to NuGet." + required: false + type: boolean + default: false + +permissions: + contents: read + +concurrency: + group: release-${{ github.ref }} + cancel-in-progress: false + +jobs: + release: + name: Pack & Publish + runs-on: ubuntu-latest + # Scopes NUGET_API_KEY and allows optional required-reviewer protection. + # Create an environment named "nuget" (Settings → Environments) or move the + # secret to the repository level and delete this line. + environment: nuget + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup .NET + uses: actions/setup-dotnet@v4 + with: + dotnet-version: "10.0.x" + + - name: Determine version + id: version + run: | + if [ "${{ github.event_name }}" = "push" ]; then + VERSION="${GITHUB_REF_NAME#v}" + else + VERSION="${{ inputs.version }}" + fi + if [ -n "$VERSION" ]; then + echo "version_arg=-p:Version=$VERSION" >> "$GITHUB_OUTPUT" + echo "Publishing version: $VERSION" + else + echo "version_arg=" >> "$GITHUB_OUTPUT" + echo "Using version from .csproj files" + fi + + - name: Restore + run: dotnet restore + + - name: Build + run: dotnet build -c Release --no-restore ${{ steps.version.outputs.version_arg }} + + - name: Test + run: dotnet test -c Release --no-build --verbosity normal + + - name: Pack + run: | + dotnet pack src/Dcli/Dcli.csproj \ + -c Release --no-build -o artifacts ${{ steps.version.outputs.version_arg }} + dotnet pack src/Dcli.Testing/Dcli.Testing.csproj \ + -c Release --no-build -o artifacts ${{ steps.version.outputs.version_arg }} + + - name: List packages + run: ls -l artifacts + + - name: Upload packages artifact + uses: actions/upload-artifact@v4 + with: + name: nuget-packages + path: artifacts/* + if-no-files-found: error + + - name: Push to NuGet + if: ${{ github.event_name == 'push' || inputs.dry_run == false }} + env: + NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} + run: | + if [ -z "$NUGET_API_KEY" ]; then + echo "::error::NUGET_API_KEY secret is not set." + exit 1 + fi + # Pushes the .nupkg files; matching .snupkg symbol packages are uploaded automatically. + dotnet nuget push "artifacts/*.nupkg" \ + --api-key "$NUGET_API_KEY" \ + --source https://api.nuget.org/v3/index.json \ + --skip-duplicate From ab1d26da2def168bbb5f934b140aca64be098a07 Mon Sep 17 00:00:00 2001 From: Emmz Rendle Date: Thu, 28 May 2026 20:30:07 +0100 Subject: [PATCH 2/2] ci: use org-level NUGET_API_KEY, drop nuget environment The NUGET_API_KEY secret is configured at the daemonicai org level and is available to this repo's workflows directly, so the per-job `environment: nuget` reference is unnecessary. Remove it. Co-Authored-By: Claude Opus 4.8 --- .github/workflows/release.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 83caf1d..1d7c981 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,7 +8,8 @@ name: Release # 2. Run manually (Actions → Release → Run workflow), optionally overriding the version # and/or ticking "dry run" to pack without publishing. # -# Requires a repository (or `nuget` environment) secret named NUGET_API_KEY. +# Requires a NUGET_API_KEY secret. This repo uses the organization-level secret +# configured in the daemonicai org settings (ensure this repo is in its access list). on: push: @@ -36,10 +37,6 @@ jobs: release: name: Pack & Publish runs-on: ubuntu-latest - # Scopes NUGET_API_KEY and allows optional required-reviewer protection. - # Create an environment named "nuget" (Settings → Environments) or move the - # secret to the repository level and delete this line. - environment: nuget steps: - name: Checkout