Automate NuGet Package Creation and GitHub Release Process

[RenanCarlosPereira]

Overview

This pull request introduces a GitHub Actions workflow to automate the process of building, signing, packaging, and publishing our .NET project as a NuGet package. Additionally, it creates a GitHub release with the NuGet package and source code archives attached whenever a new tag following the v*.*.* pattern is pushed.

Changes Implemented

1. PowerShell Script for Signing and Building:

   • Created build-signed.ps1 to handle the signing and building of the project.
   • This script:
     • Accepts the path to the .csproj file and a base64-encoded signing key as parameters.
     • Converts the base64 signing key to a .snk file and places it in the same directory as the .csproj file.
     • Builds the project with the appropriate signing key parameters.

2. GitHub Actions Workflow:

   • Added a workflow file .github/workflows/dotnetcore-release.ymll to automate the following steps:
     • Checkout Code: Checks out the repository.
     • Setup .NET Core: Sets up the .NET SDK.
     • Setup PowerShell: Sets up PowerShell.
     • Restore Dependencies: Restores the project dependencies using dotnet restore.
     • Sign and Build Project: Runs the build-signed.ps1 script to sign and build the project.
     • Create NuGet Package: Creates the NuGet package with the version extracted from the tag.
     • Publish NuGet Package to NuGet.org: Publishes the NuGet package using the dotnet nuget push command.
     • Create Source Code Archives: Generates zip and tar.gz archives of the source code.
     • Upload Artifacts: Uploads the source code archives as artifacts.
     • Create GitHub Release: Uses the softprops/action-gh-release@v1 action to create a GitHub release with the NuGet package and source code archives attached.

Secrets Management

• SIGNING_KEY: Base64-encoded signing key used for signing the assemblies.
• NUGET_API_KEY: API key for publishing the NuGet package.
• GITHUB_TOKEN: Automatically provided by GitHub Actions for creating the release.

Benefits

• Automation: Streamlines the release process by automating the build, sign, package, and publish steps.
• Consistency: Ensures consistent versioning and release notes based on tag names.
• Security: Keeps sensitive keys secure using GitHub Secrets.

Instructions for Reviewers

1. Review the PowerShell script build-signed.ps1 for correctness and security.
2. Check the GitHub Actions workflow configuration in .github/workflows/dotnetcore-release.ymll.
3. Ensure the necessary secrets (SIGNING_KEY and NUGET_API_KEY) are added to the repository's secrets.

How to Test

1. Add the required secrets to your GitHub repository.
2. Push a new tag following the v*.*.* pattern to trigger the workflow.
3. Verify that the workflow completes successfully, publishes the NuGet package, and creates a GitHub release with the attached artifacts.

this is related to the issue #42

[RenanCarlosPereira]

@abbasc52 could you please check this PR? If I'm not asking too much.

I generated a new sign key, we will add it to GitHub secrets, so to generate the package we decided to automate in this PR

@asulwer please add the required secrets in the repo settings

[asulwer]

@RenanCarlosPereira both keys have been created and added.

[asulwer]

@abbasc52 would you like to be added as a contributor?

[RenanCarlosPereira]

Nice, set up the build and then create the tag, it should trigger the build automatically and generate the nuget and release 🙌

[asulwer]

quick question though about nuget. i released under RulesEngineEx and the latest unlisted version is 6.0.3. will there be issues publishing?

[asulwer]

silly question, i need to merge this before i build and tag?

[RenanCarlosPereira]

Merge and then create the tag