Release #73
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow is used for publishing the NuGet package and Docker image. | |
# | |
# Before triggering a release the `semver.txt` file should be updated in the | |
# relevant branch. | |
# | |
# When commiting the version change in `semver.txt` the commit message is | |
# important as it will be used for the release in GitHub. | |
# | |
# For an example commit browse to | |
# https://github.com/CycloneDX/cyclonedx-dotnet/commit/d110af854371374460430bb8438225a7d7a84274. | |
# | |
# The resulting release is here | |
# https://github.com/CycloneDX/cyclonedx-dotnet/releases/tag/v1.0.0. | |
# | |
# Releases are triggered manually. This can be done by browsing to | |
# https://github.com/CycloneDX/cyclonedx-dotnet/actions?query=workflow%3ARelease | |
# and selecting "Run workflow". If releasing a patch for a previous version | |
# make sure the correct branch is selected. It will default to the default | |
# branch. | |
name: Release | |
on: | |
workflow_dispatch | |
jobs: | |
release: | |
name: Release | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v4.1.2 | |
- name: Setup dotnet | |
uses: actions/setup-dotnet@v4 | |
with: | |
dotnet-version: | | |
8.x | |
# The tests should have already been run during the PR workflow, so this is really just a sanity check | |
- name: Tests | |
run: dotnet test --framework net8.0 | |
# Build and package everything, including the Docker image | |
- name: Package release | |
id: package_release | |
run: | | |
VERSION=`cat semver.txt` | |
OUTPUT=./nupkgs | |
echo "##[set-output name=version;]$VERSION" | |
echo "##[set-output name=package_name;]CycloneDX.$VERSION.nupkg" | |
echo "##[set-output name=package_filename;]$OUTPUT/CycloneDX.$VERSION.nupkg" | |
REPO=cyclonedx/cyclonedx-dotnet | |
dotnet build --configuration Release /p:Version=$VERSION | |
dotnet pack CycloneDX/CycloneDX.csproj --configuration Release /p:Version=$VERSION --output $OUTPUT | |
docker build -f Dockerfile --build-arg VERSION=$VERSION -t $REPO:$VERSION -t $REPO:latest . | |
# We install the newly generated tool as bit of a "smoke test" and to generate an SBOM for the release | |
- name: Install newly generated version of CLI tool | |
run: | | |
dotnet tool install --global CycloneDX --version ${{ steps.package_release.outputs.version }} --add-source ./nupkgs | |
- name: Generate XML SBOM | |
uses: CycloneDX/gh-dotnet-generate-sbom@master | |
with: | |
path: ./CycloneDX.sln | |
github-bearer-token: ${{ secrets.GITHUB_TOKEN }} | |
# Generate the JSON with the docker container as additional smoke test | |
- name: Generate JSON SBOM | |
run: docker run --rm -v ${GITHUB_WORKSPACE}:/usr/src/project cyclonedx/cyclonedx-dotnet:${{ steps.package_release.outputs.version }} /usr/src/project/CycloneDX.sln -j -o /usr/src/project | |
- name: Publish package to NuGet | |
env: | |
NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} | |
run: | | |
dotnet nuget push --source https://api.nuget.org/v3/index.json --api-key "$NUGET_API_KEY" ${{ steps.package_release.outputs.package_filename }} | |
- name: Publish Docker image to Docker Hub | |
env: | |
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
run: | | |
REPO=cyclonedx/cyclonedx-dotnet | |
docker login --username coderpatros --password "$DOCKER_TOKEN" | |
docker push $REPO:latest | |
docker push $REPO:${{ steps.package_release.outputs.version }} | |
- name: Create github release and git tag for release | |
id: create_release | |
uses: actions/create-release@v1.1.4 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
release_name: ${{ steps.package_release.outputs.version }} | |
tag_name: v${{ steps.package_release.outputs.version }} | |
draft: false | |
prerelease: false | |
- name: Upload package to github release | |
uses: actions/upload-release-asset@v1.0.2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ steps.create_release.outputs.upload_url }} | |
asset_path: ${{ steps.package_release.outputs.package_filename }} | |
asset_name: ${{ steps.package_release.outputs.package_name }} | |
asset_content_type: application/zip | |
- name: Upload XML SBOM to github release | |
uses: actions/upload-release-asset@v1.0.2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ steps.create_release.outputs.upload_url }} | |
asset_path: bom.xml | |
asset_name: bom.xml | |
asset_content_type: application/xml | |
- name: Upload JSON SBOM to github release | |
uses: actions/upload-release-asset@v1.0.2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ steps.create_release.outputs.upload_url }} | |
asset_path: bom.json | |
asset_name: bom.json | |
asset_content_type: application/json |