Attest contents of NuGet packages (#87)

2025-10-08 02:28:40 +00:00 · 2024-06-17 23:37:53 +01:00
parent e17e769d5a
commit 56ac203570
3 changed files with 142 additions and 9 deletions
--- a/.github/workflows/nuget-push.sh
+++ b/.github/workflows/nuget-push.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+SOURCE_NUPKG=$(find . -type f -name '*.nupkg')
+
+PACKAGE_VERSION=$(basename "$SOURCE_NUPKG" | rev | cut -d '.' -f 2-4 | rev)
+
+echo "version=$PACKAGE_VERSION" >> "$GITHUB_OUTPUT"
+
+tmp=$(mktemp)
+
+if ! dotnet nuget push "$SOURCE_NUPKG" --api-key "$NUGET_API_KEY" --source https://api.nuget.org/v3/index.json > "$tmp" ; then
+    cat "$tmp"
+    if grep 'already exists and cannot be modified' "$tmp" ; then
+        echo "result=skipped" >> "$GITHUB_OUTPUT"
+        exit 0
+    else
+        echo "Unexpected failure to upload"
+        exit 1
+    fi
+fi
+
+cat "$tmp"
+
+echo "result=published" >> "$GITHUB_OUTPUT"