analytics-dotnet-client/.github/workflows/release.yml at f0e2a6a7dbaa9849a7d49594b11d6cb8e62fa46d · couchbaselabs/analytics-dotnet-client · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
name: Release

on:
  release:
    types: [published]
  workflow_dispatch:
    inputs:
      version_tag:
        description: 'Git tag to release (e.g., 1.0.0 or 1.0.0-rc1)'
        required: true
      publish:
        description: 'Publish to NuGet (leave false for smoke run)'
        type: boolean
        required: false
        default: false

env:
  DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
  DOTNET_NOLOGO: 1

jobs:
  validate-inputs:
    name: Validate Inputs
    runs-on: ubuntu-latest
    outputs:
      tag: ${{ steps.compute.outputs.tag }}
      version: ${{ steps.compute.outputs.version }}
      publish: ${{ steps.compute.outputs.publish }}
    steps:
      - id: compute
        name: Compute tag, version, and publish flag
        shell: bash
        run: |
          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
            TAG_INPUT="${{ github.event.inputs.version_tag }}"
            PUBLISH_INPUT="${{ github.event.inputs.publish }}"
          else
            TAG_INPUT="${{ github.ref_name }}"
            PUBLISH_INPUT="true"
          fi
          if [ -z "$TAG_INPUT" ]; then
            echo "Tag input is required." >&2
            exit 1
          fi
          if ! echo "$TAG_INPUT" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+(-[A-Za-z0-9.-]+)?$'; then
            echo "Tag must be a semantic version (e.g., 1.0.0 or 1.0.0-rc1)." >&2
            exit 1
          fi
          VER="$TAG_INPUT"
          echo "tag=$TAG_INPUT" >> $GITHUB_OUTPUT
          echo "version=$VER" >> $GITHUB_OUTPUT
          echo "publish=$PUBLISH_INPUT" >> $GITHUB_OUTPUT

  build-and-test:
    name: Build & Test (${{ matrix.name }})
    runs-on: ${{ matrix.os }}
    needs: validate-inputs
    strategy:
      fail-fast: false
      matrix:
        include:
          - name: ubuntu
            os: ubuntu-latest
          - name: windows
            os: windows-latest
          - name: macos
            os: macos-latest
          - name: centos
            os: ubuntu-latest
            container: quay.io/centos/centos:stream9
    container: ${{ matrix.container }}
    steps:
      - name: Checkout master (smoke)
        if: needs.validate-inputs.outputs.publish != 'true'
        uses: actions/checkout@v4
        with:
          ref: master
          fetch-depth: 0

      - name: Checkout tag
        if: needs.validate-inputs.outputs.publish == 'true'
        uses: actions/checkout@v4
        with:
          ref: ${{ needs.validate-inputs.outputs.tag }}
          fetch-depth: 0

      - name: Setup .NET SDK
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: 8.0.x
          cache: false

      - name: Install prerequisites (CentOS)
        if: matrix.name == 'centos'
        run: |
          yum -y update
          yum -y install tar gzip ca-certificates krb5-libs libicu zlib openssl

      - name: Restore
        run: dotnet restore src/Couchbase.Analytics/Couchbase.Analytics.csproj

      - name: Build (Release)
        run: dotnet build src/Couchbase.Analytics/Couchbase.Analytics.csproj --configuration Release --no-restore

      - name: Test - Couchbase.Analytics.UnitTests (Release)
        run: dotnet test tests/Couchbase.Analytics.UnitTests/Couchbase.Analytics.UnitTests.csproj --configuration Release --logger trx --results-directory "TestResults"

      - name: Upload Test Results
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: unit-test-results-${{ matrix.name }}
          path: TestResults

  pack:
    name: Pack (Windows)
    runs-on: windows-latest
    needs: [validate-inputs, build-and-test]
    env:
      NETSDK_SIGNKEY: ${{ secrets.NETSDK_SIGNKEY }}
    steps:
      - name: Checkout master (smoke)
        if: needs.validate-inputs.outputs.publish != 'true'
        uses: actions/checkout@v4
        with:
          ref: master
          fetch-depth: 0

      - name: Checkout tag
        if: needs.validate-inputs.outputs.publish == 'true'
        uses: actions/checkout@v4
        with:
          ref: ${{ needs.validate-inputs.outputs.tag }}
          fetch-depth: 0

      - name: Setup .NET SDK
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: 8.0.x
          cache: false

      - name: Restore
        run: dotnet restore src/Couchbase.Analytics/Couchbase.Analytics.csproj

      - name: Prepare strong-name key (SNK)
        shell: pwsh
        run: |
          if ("${{ env.NETSDK_SIGNKEY }}" -eq '') { Write-Error "NETSDK_SIGNKEY secret is required"; exit 1 }
          $bytes = [System.Convert]::FromBase64String("${{ env.NETSDK_SIGNKEY }}")
          [IO.File]::WriteAllBytes("signkey.snk", $bytes)
          $signPath = (Resolve-Path "signkey.snk").Path
          "SIGNKEY_PATH=$signPath" | Out-File -FilePath $env:GITHUB_ENV -Append -Encoding utf8

      - name: Build andPack (Release, signed)
        shell: pwsh
        run: |
          dotnet build src/Couchbase.Analytics/Couchbase.Analytics.csproj -c Release --no-restore /p:ContinuousIntegrationBuild=true /p:Version="${{ needs.validate-inputs.outputs.tag }}" /p:IncludeSymbols=true /p:IncludeSource=true /p:SourceLinkCreate=true /p:SignAssembly=true /p:AssemblyOriginatorKeyFile="$env:SIGNKEY_PATH"
          dotnet pack src/Couchbase.Analytics/Couchbase.Analytics.csproj -c Release /p:ContinuousIntegrationBuild=true /p:Version="${{ needs.validate-inputs.outputs.tag }}" /p:IncludeSymbols=true /p:SymbolPackageFormat=snupkg /p:IncludeSource=true /p:SourceLinkCreate=true /p:SignAssembly=true /p:AssemblyOriginatorKeyFile="$env:SIGNKEY_PATH"

      - name: Upload Packages Artifact
        uses: actions/upload-artifact@v4
        with:
          name: nuget-packages
          path: |
            src/Couchbase.Analytics/bin/Release/*.nupkg
            src/Couchbase.Analytics/bin/Release/*.snupkg


  publish:
    name: Publish to NuGet
    runs-on: windows-latest
    needs: [validate-inputs, pack]
    environment: nuget-publish
    # Only publish when publish flag is true
    if: needs.validate-inputs.outputs.publish == 'true'
    env:
      NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
    steps:
      - name: Download Packages Artifact
        uses: actions/download-artifact@v4
        with:
          name: nuget-packages
          path: ./artifacts

      - name: Publish to NuGet (nupkg)
        if: env.NUGET_API_KEY != ''
        shell: pwsh
        run: |
          $ver = "${{ needs.validate-inputs.outputs.tag }}"
          Get-ChildItem -Path ./artifacts -Recurse -Filter *.nupkg | Where-Object { $_.Name -like "*.$ver.nupkg" } | ForEach-Object {
            dotnet nuget push $_.FullName --source "https://api.nuget.org/v3/index.json" --api-key "${{ env.NUGET_API_KEY }}" --skip-duplicate
          }

      - name: Publish symbols to NuGet (snupkg)
        if: env.NUGET_API_KEY != ''
        shell: pwsh
        run: |
          $ver = "${{ needs.validate-inputs.outputs.tag }}"
          Get-ChildItem -Path ./artifacts -Recurse -Filter *.snupkg | Where-Object { $_.Name -like "*.$ver.snupkg" } | ForEach-Object {
            dotnet nuget push $_.FullName --source "https://api.nuget.org/v3/index.json" --api-key "${{ env.NUGET_API_KEY }}" --skip-duplicate
          }

  smoke-summary:
    name: Smoke Summary
    runs-on: ubuntu-latest
    needs: [validate-inputs, build-and-test, pack]
    if: github.event_name == 'workflow_dispatch' && github.event.inputs.publish != 'true'
    steps:
      - name: Download Packages Artifact
        uses: actions/download-artifact@v4
        with:
          name: nuget-packages
          path: ./artifacts

      - name: Download Test Results Artifacts
        uses: actions/download-artifact@v4
        with:
          pattern: unit-test-results-*
          merge-multiple: true
          path: ./test-results

      - name: Print tag, package names, test result files
        shell: bash
        run: |
          echo "Tag: ${{ needs.validate-inputs.outputs.tag }}"
          echo "Package version: ${{ needs.validate-inputs.outputs.tag }}"
          echo "Packages:"
          find ./artifacts -type f -name "*.${{ needs.validate-inputs.outputs.tag }}.nupkg" -print | sed 's/^/  /' || true
          find ./artifacts -type f -name "*.${{ needs.validate-inputs.outputs.tag }}.snupkg" -print | sed 's/^/  /' || true
          echo "Test result files:"
          find ./test-results -type f -name "*.trx" -print | sed 's/^/  /' || true