diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 75d1478242..c407a7229d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -65,27 +65,27 @@ jobs: } - name: Checkout code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: filter: 'tree:0' persist-credentials: false show-progress: false - name: Setup .NET SDKs - uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 + uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 with: dotnet-version: | 8.0.x 9.0.x - name: Setup Node - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: '24' package-manager-cache: false - name: Setup .NET SDK - uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 + uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 id: setup-dotnet - name: Install .NET tools @@ -101,7 +101,7 @@ jobs: - name: Upload Coverage Reports if: always() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: coverage-${{ runner.os }} path: ./artifacts/coverage @@ -121,7 +121,7 @@ jobs: token: ${{ secrets.CODECOV_TOKEN }} - name: Generate SBOM - uses: anchore/sbom-action@fbfd9c6c189226748411491745178e0c2017392d # v0.20.10 + uses: anchore/sbom-action@fbfd9c6c189226748411491745178e0c2017392d # v0.20.10 if: runner.os == 'Windows' with: artifact-name: Swashbuckle.AspNetCore.spdx.json @@ -142,7 +142,7 @@ jobs: ./artifacts/package/release/* - name: Publish NuGet packages - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 if: ${{ !cancelled() }} with: name: packages-${{ runner.os }} @@ -165,12 +165,12 @@ jobs: steps: - name: Download packages - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: packages-Windows - name: Setup .NET SDK - uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 + uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 with: dotnet-version: ${{ needs.build.outputs.dotnet-sdk-version }} @@ -225,12 +225,12 @@ jobs: steps: - name: Download packages - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: packages-Windows - name: Setup .NET SDK - uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 + uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 with: dotnet-version: ${{ needs.build.outputs.dotnet-sdk-version }} @@ -253,21 +253,30 @@ jobs: name: NuGet.org url: https://www.nuget.org/profiles/domaindrivendev + permissions: + id-token: write + steps: - name: Download packages - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: packages-Windows - name: Setup .NET SDK - uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 + uses: actions/setup-dotnet@2016bd2012dba4e32de620c46fe006a3ac9f0602 # v5.0.1 with: dotnet-version: ${{ needs.build.outputs.dotnet-sdk-version }} + - name: NuGet log in + uses: NuGet/login@d22cc5f58ff5b88bf9bd452535b4335137e24544 # v1.1.0 + id: nuget-login + with: + user: ${{ secrets.NUGET_USER }} + - name: Push NuGet packages to NuGet.org env: - API_KEY: ${{ secrets.NUGET_TOKEN }} + API_KEY: ${{ steps.nuget-login.outputs.NUGET_API_KEY }} PACKAGE_VERSION: ${{ needs.build.outputs.package-version }} SOURCE: https://api.nuget.org/v3/index.json run: |