Github nuget workflow and versioning via gitversion

[anpin]

Action to publish nuget

First commit adds the action for publishing nuget to github and nuget feed. Currently it doesn't perform any tests as we discussed in the linked issue, however it does run npm run build:prod to see if it at least builds correctly. For successful operation of publishing steps you will have to add secrets to the nuget environment of the repo (repo settings -> environments -> new environment called nuget -> open it and add tokens). The GH_PAT secret is a github pat of repo owner with write:packages permissions used for publishing to github feed (Your Account -> Settings -> Developer Settings -> Personal access token -> Generate new token (classic) -> Select write:packages). The NUGET_TOKEN secret is api key for nuget.org (Your -Account -> API keys -> Create key with push scope). Please note that the github nuget feed would be your personal one and you have to link it to the repo from your profile packages page. _I'm not an authority on gh actions (had much more experience with azure devops and gitlab), so there might be better ways to achieve the result.

Versioning

Second commit adds dependency on GitVersion which is configured via GitVersion.yml and will generate consistent incremented version for both CI and local builds. Version schema is [Major].[Minor].[Patch]-[PreReleaseLabel].[PreReleaseNumber] and as you can find out in the config each commit to main increments Minor, then each commit to dev (or develop or development and support and hotfix ) will bump Patch, then finally everything under feature/* and pr/* will put branch name in PreReleaseLabel and increment the PreReleaseNumber. Now I'm thinking that we might need to limit publishing to nuget.org for main branch only and leave the rest for github.

3

[anpin]

The action is configured to run on PR branch which currently fails without letting me know why. I think it is either missing nuget environment or repo has some limitation on contributing to actions

[mark-gerarts]

First off, thanks again for the PR! Interesting stuff, and very useful once everything is set up.

I configured the GH_PAT and NUGET_TOKEN env vars. However, I'm not entirely sure what you mean by this:

Please note that the github nuget feed would be your personal one and you have to link it to the repo from your profile packages page.

Is it because of this line: https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json? In that case I think it's fine, since it's both mark-gerarts for Github and Nuget. That is, if I understand the problem correctly.

ETA: I triggered a manual rerun of the action. It does give an error message now, but not a very helpful one.

[anpin]

In case of this repo nugets pushed to https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json will end up at https://github.com/mark-gerarts?tab=packages and in order for them to appear on the repo page as such [1] you would have to go in the settings and associate the package with the repo. Unfortunately I couldn't make it to work with ${{ secrets.GITHUB_TOKEN }} as it was failing with 403 Forbidden, so for now it requires PAT token which means this action would have access to all your personal packages. Automatic authentication should work but is in beta (automatic auth, packages permissions)

[1] Package associated to my fork

[anpin]

I think you have to reconfigure secrets as current version deploys fine in my fork. Here [1] is how it should look in the settings, please pay attention to the nuget environment for each secret. [1]

[mark-gerarts]

I suspected things didn't work because this is a PR, so I merged this. Now the CI ran without problems, so that's good news! The package is created on Github, but with private visibility. Is this something wrong on my part?

[mark-gerarts]

To answer my own question: yes it is :slightly_smiling_face: Everything looks good now, thanks again! I'll create a development branch to work on, to follow the GitVersion logic.

[anpin]

@mark-gerarts does it publish on nuget.org too? EDIT: It does, but published version was 0.1.0 which is smaller than already pushed version and it doesn't have alpha prefix.