diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 4b25247e..e851aa41 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -23,7 +23,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Get current or bumped version tag id: bumpVersion diff --git a/.github/workflows/shared-build-deploy-container.yml b/.github/workflows/shared-build-deploy-container.yml index 34f7d8d5..412fc537 100644 --- a/.github/workflows/shared-build-deploy-container.yml +++ b/.github/workflows/shared-build-deploy-container.yml @@ -58,10 +58,10 @@ jobs: tagPrefix: ${{ steps.load-environment.outputs.tagPrefix }} steps: - name: Checkout calling repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Checkout trakx/github-actions repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: trakx/github-actions path: ./github-actions-shared-build-deploy-container @@ -101,10 +101,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout calling repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Checkout trakx/github-actions repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: trakx/github-actions path: ./github-actions-shared-build-deploy-container @@ -143,10 +143,10 @@ jobs: && github.event.workflow_run.conclusion == 'success' )) steps: - name: Checkout calling repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Checkout trakx/github-actions repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: trakx/github-actions path: ./github-actions-shared-build-deploy-container diff --git a/.github/workflows/shared-deploy-container-kubernetes.yml b/.github/workflows/shared-deploy-container-kubernetes.yml index ecf1be91..308c1c86 100644 --- a/.github/workflows/shared-deploy-container-kubernetes.yml +++ b/.github/workflows/shared-deploy-container-kubernetes.yml @@ -43,10 +43,10 @@ jobs: runnerName: ${{ steps.load-environment.outputs.runnerName }} steps: - name: Checkout calling repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Checkout trakx/github-actions repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: trakx/github-actions path: ./github-actions-shared-deploy-image @@ -103,10 +103,10 @@ jobs: runs-on: ${{ needs.prepare-and-validate.outputs.runnerName }} steps: - name: Checkout calling repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Checkout trakx/github-actions repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: trakx/github-actions path: ./github-actions-shared-deploy-image diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index ad0ff90e..88ff5792 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -26,7 +26,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Get current or bumped version tag id: bumpVersion diff --git a/restore-dotnet/action.yml b/restore-dotnet/action.yml index 1094ac5e..b14469b5 100644 --- a/restore-dotnet/action.yml +++ b/restore-dotnet/action.yml @@ -20,13 +20,53 @@ runs: with: dotnet-version: ${{ inputs.dotnetVersion }} - - name: Add Trakx github nuget source + - name: Ensure Trakx GitHub Packages source exists and has credentials shell: bash - run: dotnet nuget add source "https://nuget.pkg.github.com/trakx/index.json" - --name "github" - --username "trakx-bot" - --password ${{inputs.packageReadonlyPat}} - --store-password-in-clear-text + env: + PACKAGE_READONLY_PAT: ${{ inputs.packageReadonlyPat }} + run: | + set -euo pipefail + + FEED_URL="https://nuget.pkg.github.com/trakx/index.json" + FEED_FALLBACK_NAME="github" + FEED_USERNAME="trakx-bot" + + get_nuget_source_name_by_url() { + local source_url="$1" + dotnet nuget list source \ + | awk -v url="$source_url" ' + match($0, /^[[:space:]]*[0-9]+[.][[:space:]]*(.+)[[:space:]]+\[(Enabled|Disabled)\][[:space:]]*$/, m) { + name=m[1] + status=m[2] + next + } + index($0, url) && status=="Enabled" { + print name + exit + } + ' + } + + FEED_NAME="$(get_nuget_source_name_by_url "$FEED_URL" || true)" + + if [ -n "${FEED_NAME:-}" ]; then + echo "GitHub feed already configured as '$FEED_NAME'. Updating credentials." + echo "ADDED_GITHUB_SOURCE=false" >> "$GITHUB_ENV" + + dotnet nuget update source "$FEED_NAME" \ + --username "$FEED_USERNAME" \ + --password "$PACKAGE_READONLY_PAT" \ + --store-password-in-clear-text + else + echo "GitHub feed not configured. Adding as '$FEED_FALLBACK_NAME'." + echo "ADDED_GITHUB_SOURCE=true" >> "$GITHUB_ENV" + + dotnet nuget add source "$FEED_URL" \ + --name "$FEED_FALLBACK_NAME" \ + --username "$FEED_USERNAME" \ + --password "$PACKAGE_READONLY_PAT" \ + --store-password-in-clear-text + fi - name: Restore Cache uses: actions/cache@v4 @@ -39,8 +79,10 @@ runs: shell: bash env: DOTNET_NUGET_SIGNATURE_VERIFICATION: false + NUGET_AUTH_TOKEN: ${{ inputs.packageReadonlyPat }} run: dotnet restore --locked-mode - - name: Remove Trakx github source + - name: Remove Trakx github source (only if action added it) + if: env.ADDED_GITHUB_SOURCE == 'true' shell: bash - run: dotnet nuget remove source "github" \ No newline at end of file + run: dotnet nuget remove source "github" || true \ No newline at end of file