GitHub 操作:自动推送 NuGet 包

GitHub Actions: automatically push NuGet package

我正在尝试配置我的 Github 存储库,以便自动构建 NuGet 包并将其推送到 nuget.org 和 github.com。所以我想要的是,每次在 master 分支上进行提交,或者另一个分支合并到 master 时,github 将 master 头部的新 Nuget 包发布到 Nuget 和 Github.

NuGet

  1. 在我的 nuget 组织帐户上,我生成了一个访问令牌(用户名 - API 密钥 - 创建)
  2. 在 Github(select 您的组织 - 查看组织 - 设置选项卡 - 机密)我添加了一个名为 PUBLISH_TO_NUGET_ORG 的机密和我的 nuget 访问令牌

Github

  1. 在我的个人帐户上,我生成了一个访问令牌(帐户 - 设置 - 开发人员设置 - 个人访问令牌 - 生成)
  2. 在 Github 我添加了一个名为 PUBLISH_TO_GITHUB_COM 的秘密和我的 github 访问令牌

这些是我的 Github 访问令牌的范围:

设置

在我的 github 存储库中,我设置了一个操作来恢复、构建、测试、打包和发布:

name: .NET Core

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2
    - name: Setup .NET Core
      uses: actions/setup-dotnet@v1
      with:
        dotnet-version: 3.1.301
    - name: Install dependencies
      run: dotnet restore
    - name: Build
      run: dotnet build --configuration Release --no-restore
    - name: Test
      run: dotnet test --no-restore --verbosity normal
#    - name: Publish
#      uses: brandedoutcast/publish-nuget@v2.5.2
#      with:
#          PROJECT_FILE_PATH: MintPlayer.SeasonChecker/MintPlayer.SeasonChecker.csproj
#          NUGET_KEY: ${{secrets.PUBLISH_TO_NUGET_ORG}}
#          INCLUDE_SYMBOLS: true
    - name: Pack
      run: dotnet pack --no-build --configuration Release MintPlayer.SeasonChecker/MintPlayer.SeasonChecker.csproj --output .
    - name: PushNuget
      run: dotnet nuget push *.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{secrets.PUBLISH_TO_NUGET_ORG}} --skip-duplicate
    - name: AddGithubSource
      run: dotnet nuget add source --username PieterjanDeClippel --password ${{secrets.PUBLISH_TO_GITHUB_COM}} --name github https://nuget.pkg.github.com/MintPlayer/index.json
    - name: PushGithub
      run: dotnet nuget push *.nupkg --source github --skip-duplicate

推送到 nuget.org 工作正常,但是推送到我的 GitHub 提要失败并出现未经授权的错误。

我看过一些插件 like this one,我想将其嵌入到我的操作中,以免多次构建我的项目。

第一次拍摄:

dotnet nuget push *.nupkg --source https://nuget.pkg.github.com/MintPlayer/index.json --api-key ${{secrets.PUBLISH_TO_GITHUB_COM}} --skip-duplicate

结果:

warn : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.

第二次使用多个命令:

dotnet nuget add source --username PieterjanDeClippel --password ${{secrets.PUBLISH_TO_GITHUB_COM}} --name github https://nuget.pkg.github.com/MintPlayer/index.json
dotnet nuget push *.nupkg --source github --skip-duplicate

此失败并显示以下(明显)消息:

error: Password encryption is not supported on .NET Core for this platform. The following feed try to use an encrypted password: 'github'. You can use a clear text password as a workaround.
error:   Encryption is not supported on non-Windows platforms.

有没有人有将 Nuget 包自动发布到 Github 的经验?

Link to action configuration file

编辑

我尝试发送 POST 请求:

而且我正在获取我的用户信息,因此我的访问令牌绝对有效。

编辑

我也在我的计算机上尝试了 运行 命令,将令牌替换为我自己的令牌,同样有效。

根据 github 操作文档

<packageSourceCredentials>
    <github>
        <add key="Username" value="USERNAME" />
        <add key="ClearTextPassword" value="TOKEN" />
    </github>
</packageSourceCredentials>

所以我认为您只需要在 nuget add source 命令中设置 -StorePasswordInClearText,因为您当前正在加密令牌

参考文献:

Github 操作 - https://docs.github.com/en/packages/using-github-packages-with-your-projects-ecosystem/configuring-dotnet-cli-for-use-with-github-packages#authenticating-to-github-packages

Nuget 配置文档 - https://docs.microsoft.com/en-us/nuget/reference/nuget-config-file#packagesourcecredentials

原来我的解决方案中缺少一个 nuget.config 文件

https://github.community/t/github-actions-automatically-push-nuget-package/128242/4

nuget.config

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
  </packageSources>
</configuration>

还有我的工作流文件:

name: .NET Core

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - name: Checkout
      uses: actions/checkout@v2
    - name: Setup .NET Core
      uses: actions/setup-dotnet@v1.5.0
      with:
        dotnet-version: 3.1.301
        # Authenticates packages to push to GPR
        source-url: https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json
      env:
        NUGET_AUTH_TOKEN: '%NUGET_AUTH_TOKEN%'
    - name: Install dependencies
      run: dotnet restore
    - name: Build
      run: dotnet build --configuration Release --no-restore
    - name: Test
      run: dotnet test --no-restore --verbosity normal
    - name: Pack
      run: dotnet pack --no-build --configuration Release
    - name: PushNuget
      run: dotnet nuget push **/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.PUBLISH_TO_NUGET_ORG }} --skip-duplicate
    - name: PushGithub
      # The github token is automatically being pulled from the workflow
      run: dotnet nuget push **/*.nupkg --no-symbols --skip-duplicate
      env:
        NUGET_AUTH_TOKEN: ${{ github.token }}