mcpb/.github/workflows/publish-dotnet.yml at fb0e98f4d63e7f56771d288614401a26249eb05f · modelcontextprotocol/mcpb · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
name: Publish .NET Tool

# This workflow publishes the .NET tool to NuGet using Trusted Publishing (OIDC).
#
# Setup required on NuGet.org:
# 1. Navigate to your package page at https://www.nuget.org/packages/Mcpb.Cli/
# 2. Go to "Manage Package" and select "Publishing" or "Trusted publishers"
# 3. Click "Add" to configure a new trusted publisher
# 4. Configure the GitHub Actions OIDC settings:
#    - Subject Repository: asklar/mcpb
#    - Subject Workflow: .github/workflows/publish-dotnet.yml
#    - Subject Environment: nuget (optional but recommended)
# 5. Save the trusted publisher configuration
#
# Setup required in GitHub:
# 1. Create an environment named "nuget" in repository settings
# 2. Add protection rules if desired (e.g., required reviewers)
#
# The workflow will run automatically when the version in dotnet/mcpb/mcpb.csproj is changed
# and pushed to the dotnet branch, or it can be triggered manually.

on:
  workflow_dispatch:
  push:
    branches:
      - dotnet
    paths:
      - 'dotnet/mcpb/mcpb.csproj'

permissions:
  contents: read
  id-token: write

jobs:
  publish:
    name: Publish to NuGet
    runs-on: ubuntu-latest
    environment: nuget

    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Setup .NET
        uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
        with:
          dotnet-version: '8.0.x'

      - name: Restore dependencies
        run: |
          cd dotnet
          dotnet restore

      - name: Build
        run: |
          cd dotnet
          dotnet build -c Release --no-restore

      - name: Test
        run: |
          cd dotnet
          dotnet test -c Release --no-build --verbosity normal

      - name: Pack
        run: |
          cd dotnet/mcpb
          dotnet pack -c Release --no-build --output ./artifacts
      - name: Remove old v2 NuGet source if exists
        run: dotnet nuget remove source nuget.org || true

      # Get a short-lived NuGet API key
      - name: NuGet login (OIDC → temp API key)
        uses: NuGet/login@v1
        id: login
        with:
          user: ${{ secrets.NUGET_USER }} # Recommended: use a secret like ${{ secrets.NUGET_USER }} for your nuget.org username (profile name), NOT your email address

      # Push the package
      - name: NuGet push
        run: |
          cd dotnet/mcpb
          dotnet nuget push ./artifacts/*.nupkg --api-key ${{steps.login.outputs.NUGET_API_KEY}} --source https://api.nuget.org/v3/index.json --skip-duplicate