From 1449d058107acc3135265305a19758d19b8e4ea1 Mon Sep 17 00:00:00 2001 From: Abbas Cyclewala Date: Thu, 9 Sep 2021 16:03:52 +0530 Subject: [PATCH] Added strongname signing for RulesEngine (#231) * Added strongname signing --- .github/workflows/nuget-publish-github.yml | 17 ------- .github/workflows/nuget-publish.yml | 49 --------------------- .gitignore | 6 ++- deployment/build-signed.ps1 | 15 +++++++ signing/RulesEngine-publicKey.snk | Bin 0 -> 160 bytes src/RulesEngine/Properties/AssemblyInfo.cs | 2 +- src/RulesEngine/RulesEngine.csproj | 5 +++ .../RulesEngine.UnitTest.csproj | 3 ++ 8 files changed, 29 insertions(+), 68 deletions(-) delete mode 100644 .github/workflows/nuget-publish-github.yml delete mode 100644 .github/workflows/nuget-publish.yml create mode 100644 deployment/build-signed.ps1 create mode 100644 signing/RulesEngine-publicKey.snk diff --git a/.github/workflows/nuget-publish-github.yml b/.github/workflows/nuget-publish-github.yml deleted file mode 100644 index 930dc44..0000000 --- a/.github/workflows/nuget-publish-github.yml +++ /dev/null @@ -1,17 +0,0 @@ -name: Nuget Publish to github -on: - [workflow_dispatch] -jobs: - publish: - name: nuget publish to github packages - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Setup .NET Core - uses: actions/setup-dotnet@v1 - with: - dotnet-version: 3.1.x - - name: Pack - run: dotnet pack src/RulesEngine/RulesEngine.csproj --configuration Release - - name: Publish - run: find ./src/RulesEngine/bin/Release -iname "*.nupkg" | xargs dotnet nuget push -s https://nuget.pkg.github.com/microsoft/index.json -k ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml deleted file mode 100644 index 9bc04fa..0000000 --- a/.github/workflows/nuget-publish.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: Nuget Publish -on: - [workflow_dispatch] -jobs: - publish: - name: build, pack & publish - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - name: Setup dotnet - uses: actions/setup-dotnet@v1 - with: - dotnet-version: 3.1.x - - # Publish - - name: publish on version change - id: publish_nuget - uses: rohith/publish-nuget@v2 - with: - # Filepath of the project to be packaged, relative to root of repository - PROJECT_FILE_PATH: src/RulesEngine/RulesEngine.csproj - - # NuGet package id, used for version detection & defaults to project name - # PACKAGE_NAME: Core - - # Filepath with version info, relative to root of repository & defaults to PROJECT_FILE_PATH - # VERSION_FILE_PATH: Directory.Build.props - - # Regex pattern to extract version info in a capturing group - # VERSION_REGEX: ^\s*(.*)<\/Version>\s*$ - - # Useful with external providers like Nerdbank.GitVersioning, ignores VERSION_FILE_PATH & VERSION_REGEX - # VERSION_STATIC: 1.0.0 - - # Flag to toggle git tagging, enabled by default - # TAG_COMMIT: true - - # Format of the git tag, [*] gets replaced with actual version - # TAG_FORMAT: v* - - # API key to authenticate with NuGet server - NUGET_KEY: ${{secrets.NUGET_API_KEY}} - - # NuGet server uri hosting the packages, defaults to https://api.nuget.org - # NUGET_SOURCE: https://api.nuget.org - - # Flag to toggle pushing symbols along with nuget package to the server, disabled by default - # INCLUDE_SYMBOLS: false diff --git a/.gitignore b/.gitignore index 728408d..9b0709d 100644 --- a/.gitignore +++ b/.gitignore @@ -330,4 +330,8 @@ ASALocalRun/ .mfractor/ /src/RulesEngine/RulesEngine.sln.licenseheader /assets/RulesEnginePackageFile.xml -coveragereport/ \ No newline at end of file +coveragereport/ + +src/**/*.snk + +dist \ No newline at end of file diff --git a/deployment/build-signed.ps1 b/deployment/build-signed.ps1 new file mode 100644 index 0000000..b6c57b4 --- /dev/null +++ b/deployment/build-signed.ps1 @@ -0,0 +1,15 @@ +param( + [Parameter(Mandatory)] + [string] $csprojFilePath, + [Parameter(Mandatory)] + [string] $signingKey +) + +# sign and build the project +$directory = Split-Path $csprojFilePath; +$signKeyFile = Join-Path $directory "signKey.snk"; + +$bytes = [Convert]::FromBase64String($signingKey) +[IO.File]::WriteAllBytes($signKeyFile, $bytes) + +dotnet build $csprojFilePath -c Release -p:ContinuousIntegrationBuild=true -p:DelaySign=false -p:AssemblyOriginatorKeyFile=$signKeyFile \ No newline at end of file diff --git a/signing/RulesEngine-publicKey.snk b/signing/RulesEngine-publicKey.snk new file mode 100644 index 0000000000000000000000000000000000000000..10341c93a5a5e47a0f6a5cebc30a6533b5a88d71 GIT binary patch literal 160 zcmV;R0AK$ABme*efB*oL000060ssI2Bme+XQ$aBR1ONa50098OSyr;F2}Q+QX`zMn z!{8!zX*&vDLdc=;jIvGx-G|v9pP-+4wzspY#NS5p>P+OnqZuH(3ay_4c{;M4>HG8# zTdCtms)cD1gjw?)q4qU?tLEV_ipRlghosgXjTePtrue true snupkg + True + ..\..\signing\RulesEngine-publicKey.snk + True + true + true diff --git a/test/RulesEngine.UnitTest/RulesEngine.UnitTest.csproj b/test/RulesEngine.UnitTest/RulesEngine.UnitTest.csproj index f29636e..7c5d82c 100644 --- a/test/RulesEngine.UnitTest/RulesEngine.UnitTest.csproj +++ b/test/RulesEngine.UnitTest/RulesEngine.UnitTest.csproj @@ -1,6 +1,9 @@  netcoreapp3.1 + True + ..\..\signing\RulesEngine-publicKey.snk + True