Automate NuGet Package Creation and GitHub Release Process

RenanCarlosPereira commented 3 days ago

Overview

This pull request introduces a GitHub Actions workflow to automate the process of building, signing, packaging, and publishing our .NET project as a NuGet package. Additionally, it creates a GitHub release with the NuGet package and source code archives attached whenever a new tag following the v*.*.* pattern is pushed.

Changes Implemented

PowerShell Script for Signing and Building:
- Created build-signed.ps1 to handle the signing and building of the project.
- This script:
  - Accepts the path to the .csproj file and a base64-encoded signing key as parameters.
  - Converts the base64 signing key to a .snk file and places it in the same directory as the .csproj file.
  - Builds the project with the appropriate signing key parameters.
GitHub Actions Workflow:
- Added a workflow file .github/workflows/dotnetcore-release.ymll to automate the following steps:
  - Checkout Code: Checks out the repository.
  - Setup .NET Core: Sets up the .NET SDK.
  - Setup PowerShell: Sets up PowerShell.
  - Restore Dependencies: Restores the project dependencies using dotnet restore.
  - Sign and Build Project: Runs the build-signed.ps1 script to sign and build the project.
  - Create NuGet Package: Creates the NuGet package with the version extracted from the tag.
  - Publish NuGet Package to NuGet.org: Publishes the NuGet package using the dotnet nuget push command.
  - Create Source Code Archives: Generates zip and tar.gz archives of the source code.
  - Upload Artifacts: Uploads the source code archives as artifacts.
  - Create GitHub Release: Uses the softprops/action-gh-release@v1 action to create a GitHub release with the NuGet package and source code archives attached.

Secrets Management

SIGNING_KEY: Base64-encoded signing key used for signing the assemblies.
NUGET_API_KEY: API key for publishing the NuGet package.
GITHUB_TOKEN: Automatically provided by GitHub Actions for creating the release.

Benefits

Automation: Streamlines the release process by automating the build, sign, package, and publish steps.
Consistency: Ensures consistent versioning and release notes based on tag names.
Security: Keeps sensitive keys secure using GitHub Secrets.

Instructions for Reviewers

Review the PowerShell script build-signed.ps1 for correctness and security.
Check the GitHub Actions workflow configuration in .github/workflows/dotnetcore-release.ymll.
Ensure the necessary secrets (SIGNING_KEY and NUGET_API_KEY) are added to the repository's secrets.

How to Test

Add the required secrets to your GitHub repository.
Push a new tag following the v*.*.* pattern to trigger the workflow.
Verify that the workflow completes successfully, publishes the NuGet package, and creates a GitHub release with the attached artifacts.

this is related to the issue #42

RenanCarlosPereira commented 3 days ago

@abbasc52 could you please check this PR? If I'm not asking too much.

I generated a new sign key, we will add it to GitHub secrets, so to generate the package we decided to automate in this PR

@asulwer please add the required secrets in the repo settings

asulwer commented 2 days ago

@RenanCarlosPereira both keys have been created and added.

Untitled

asulwer commented 2 days ago

@abbasc52 would you like to be added as a contributor?

RenanCarlosPereira commented 2 days ago

Nice, set up the build and then create the tag, it should trigger the build automatically and generate the nuget and release 🙌

asulwer commented 2 days ago

quick question though about nuget. i released under RulesEngineEx and the latest unlisted version is 6.0.3. will there be issues publishing?

asulwer commented 2 days ago

silly question, i need to merge this before i build and tag?

RenanCarlosPereira commented 2 days ago

Merge and then create the tag

asulwer / RulesEngine