Call publishing under AzureCLI and publish without SAS tokens.

dotnet / arcade

Tools that provide common build infrastructure for multiple .NET Foundation projects.

MIT License

667 stars 345 forks source link

Call publishing under AzureCLI and publish without SAS tokens. #14842

Closed mmitche closed 3 months ago

mmitche commented 3 months ago

To double check:

[ ] The right tests are in and the right validation has happened. Guidance: https://github.com/dotnet/arcade/blob/main/Documentation/Validation.md

premun commented 3 months ago

Is this meant for nuget feed publishing?

@mmitche I am planning almost the same change but for all BAR publishing in Arcade. I want to send out an email first to partners as this will start triggering service connection approvals. We will need to then obtain the BAR entra token in a step before yours if we need 2.

Please see https://github.com/dotnet/arcade/pull/14843

premun commented 3 months ago

I think altogether it will look something like this: https://dev.azure.com/dnceng/internal/_git/dotnet-arcade/commit/8babee88dc9d6cac6e800dfeb14338cdfa2cf2ac/

I am testing it https://dev.azure.com/dnceng/internal/_build/results?buildId=2472857&view=results

mmitche commented 3 months ago

We don't need this for nuget push actually. NuGet authenticate + nuget push works fine. We do pass a PAT right now, but it's only for purposes of downloading and comparing existing packages.