.github/workflows/build-and-publish-release.yml

Don't use environment variables #1

Workflow file for this run

.github/workflows/build-and-publish-release.yml at 1e89a1c

	name: "Build: Release"

	on:
	push:
	branches:
	- 'release/*'
	- 'hotfix/*'

	# Don't cancel anything in progress
	concurrency:
	group: ${{github.workflow}}-${{github.ref}}-release
	cancel-in-progress: false

	permissions:
	contents: write
	security-events: write

	jobs:
	build-release:

	runs-on: [self-hosted, linux]

	steps:
	- name: "Initialise Workspace"
	if: startsWith(runner.name, 'buildagent-')
	shell: bash
	run: sudo chown -R "$USER:$USER" "$GITHUB_WORKSPACE"

	- name: "Harden Security"
	uses: step-security/[email protected]
	with:
	egress-policy: block
	disable-sudo: true
	allowed-endpoints: >
	aka.ms:443
	api.github.com:443
	api.nuget.org:443
	azuresearch-usnc.nuget.org:443
	crl3.digicert.com:80
	crl4.digicert.com:80
	dc.services.visualstudio.com:443
	dotnet-nuget.s3.eu-west-1.amazonaws.com:443
	dotnetcli.azureedge.net:443
	github.com:443
	objects.githubusercontent.com:443
	raw.githubusercontent.com:443
	s.symcb.com:80
	s3-eu-west-1.amazonaws.com:443
	toolbox-data.anchore.io:443
	ts-crl.ws.symantec.com:80
	www.microsoft.com:80
	www.nuget.org:443
	octopus.funfair.io:443
	api.github.com:443
	api.osv.dev:443
	api.securityscorecards.dev:443
	codeload.github.com:443
	fulcio.sigstore.dev:443
	github.com:443
	oss-fuzz-build-logs.storage.googleapis.com:443
	rekor.sigstore.dev:443
	tuf-repo-cdn.sigstore.dev:443
	www.bestpractices.dev:443
	dotnet-nuget.s3.eu-west-1.amazonaws.com:443
	registry-1.docker.io:443

	## Ignore pre-release
	## dotnet-nuget-prerelease.s3.eu-west-1.amazonaws.com:443

	- name: "Checkout Source"
	uses: actions/[email protected]
	with:
	fetch-depth: 0
	fetch-tags: true

	- name: "Check Repo Visibility"
	uses: credfeto/[email protected]
	id: visibility
	with:
	repository: ${{github.repository}}
	token: ${{secrets.SOURCE_PUSH_TOKEN}}

	- name: "Check Runner details"
	uses: actions/[email protected]
	with:
	script: \|
	core.info('Name: ${{runner.name}}');
	core.info('OS: ${{runner.os}}');

	- name: "Build and deploy"
	if: startsWith(runner.name, 'buildagent-')
	uses: ./.github/actions/build
	with:
	PRODUCTION_BUILD: True
	NPM_PRODUCTION_PACKAGER_VERSION: ${{vars.PRODUCTION_PACKAGER_VERSION}}
	NPM_CONTENT_PACKAGE_WALLET_PASSWORD: ${{secrets.CONTENT_PACKAGE_WALLET_PASSWORD}}
	NPM_PACKAGE_STORE_SIGNING_WALLET: ${{secrets.PACKAGE_STORE_SIGNING_WALLET}}
	NPM_PACKAGE_STORE_SIGNING_WALLET_PASSWORD: ${{secrets.PACKAGE_STORE_SIGNING_WALLET_PASSWORD}}
	NUGET_PUBLIC_RESTORE_FEED_CACHE: ${{vars.NUGET_BAGET_CACHE}}
	NUGET_PUBLIC_RESTORE_FEED: ${{vars.NUGET_PUBLIC_RESTORE_FEED}}
	NUGET_ADDITIONAL_RESTORE_FEED_RELEASE_CACHE: ${{vars.RELEASE_BAGET_CACHE}}
	NUGET_ADDITIONAL_RESTORE_FEED_PRERELEASE_CACHE: ""
	NUGET_ADDITIONAL_RESTORE_FEED_RELEASE: ${{vars.NUGET_ADDITIONAL_RESTORE_FEED_RELEASE}}
	NUGET_ADDITIONAL_RESTORE_FEED_PRERELEASE: ""
	NUGET_PACK: ${{vars.NUGET_PACK}}
	NUGET_FEED: ${{secrets.NUGET_FEED}}
	NUGET_SYMBOL_FEED: ${{secrets.NUGET_SYMBOL_FEED}}
	NUGET_API_KEY: ${{secrets.NUGET_API_KEY}}
	SLEET_CONFIG: ${{secrets.SLEET_CONFIG}}
	SLEET_FEED: "dotnet-release"
	OCTOPUS_SERVER: ${{vars.OCTOPUS_SERVER}}
	OCTOPUS_SPACE_NAME: ${{vars.OCTOPUS_SPACE}}
	OCTOPUS_PROJECT: ${{vars.OCTOPUS_PROJECT}}
	OCTOPUS_CHANNEL: ${{vars.OCTOPUS_RELEASE_CHANNEL}}
	OCTOPUS_DEPLOY_TO: ${{vars.OCTOPUS_DEPLOYTO_RELEASE}}
	OCTOPUS_API_KEY: ${{secrets.OCTOPUS_API_KEY}}
	OCTOPUS_DEPLOY_PACKAGE: ${{vars.OCTOPUS_DEPLOY_PACKAGE}}
	OCTOPUS_DEPLOY_PACKAGE_ZIP: ${{vars.OCTOPUS_DEPLOY_PACKAGE_ZIP}}
	GITHUB_TOKEN: ${{secrets.SOURCE_PUSH_TOKEN}}
	REPO_VISIBILITY: ${{env.REPO_STATUS}}
	CREATE_RELEASE: true

Check failure on line 122 in .github/workflows/build-and-publish-release.yml View workflow run for this annotation GitHub Actions / .github/workflows/build-and-publish-release.yml Invalid workflow file `You have an error in your yaml syntax on line 122`
	- name: "Build and deploy"
	if: !startsWith(runner.name, 'buildagent-')
	uses: ./.github/actions/build
	with:
	PRODUCTION_BUILD: True
	NPM_PRODUCTION_PACKAGER_VERSION: ${{vars.PRODUCTION_PACKAGER_VERSION}}
	NPM_CONTENT_PACKAGE_WALLET_PASSWORD: ${{secrets.CONTENT_PACKAGE_WALLET_PASSWORD}}
	NPM_PACKAGE_STORE_SIGNING_WALLET: ${{secrets.PACKAGE_STORE_SIGNING_WALLET}}
	NPM_PACKAGE_STORE_SIGNING_WALLET_PASSWORD: ${{secrets.PACKAGE_STORE_SIGNING_WALLET_PASSWORD}}
	NUGET_PUBLIC_RESTORE_FEED_CACHE: ${{vars.NUGET_BAGET_CACHE}}
	NUGET_PUBLIC_RESTORE_FEED: ${{vars.NUGET_PUBLIC_RESTORE_FEED}}
	NUGET_ADDITIONAL_RESTORE_FEED_RELEASE_CACHE: ${{vars.RELEASE_BAGET_CACHE}}
	NUGET_ADDITIONAL_RESTORE_FEED_PRERELEASE_CACHE: ""
	NUGET_ADDITIONAL_RESTORE_FEED_RELEASE: ${{vars.NUGET_ADDITIONAL_RESTORE_FEED_RELEASE}}
	NUGET_ADDITIONAL_RESTORE_FEED_PRERELEASE: ""
	NUGET_PACK: ${{vars.NUGET_PACK}}
	NUGET_FEED: ${{secrets.NUGET_FEED}}
	NUGET_SYMBOL_FEED: ${{secrets.NUGET_SYMBOL_FEED}}
	NUGET_API_KEY: ${{secrets.NUGET_API_KEY}}
	SLEET_CONFIG: ${{secrets.SLEET_CONFIG}}
	SLEET_FEED: "dotnet-release"
	OCTOPUS_SERVER: ${{vars.OCTOPUS_SERVER}}
	OCTOPUS_SPACE_NAME: ${{vars.OCTOPUS_SPACE}}
	OCTOPUS_PROJECT: ${{vars.OCTOPUS_PROJECT}}
	OCTOPUS_CHANNEL: ${{vars.OCTOPUS_RELEASE_CHANNEL}}
	OCTOPUS_DEPLOY_TO: ${{vars.OCTOPUS_DEPLOYTO_RELEASE}}
	OCTOPUS_API_KEY: ${{secrets.OCTOPUS_API_KEY}}
	OCTOPUS_DEPLOY_PACKAGE: ${{vars.OCTOPUS_DEPLOY_PACKAGE}}
	OCTOPUS_DEPLOY_PACKAGE_ZIP: ${{vars.OCTOPUS_DEPLOY_PACKAGE_ZIP}}
	GITHUB_TOKEN: ${{secrets.SOURCE_PUSH_TOKEN}}
	REPO_VISIBILITY: ${{env.REPO_STATUS}}
	CREATE_RELEASE: true

	- name: "Build Version"
	uses: actions/[email protected]
	with:
	script: \|
	core.info('Version: \u001b[38;5;6m${{env.BUILD_VERSION}}');
	core.notice('Version: ${{env.BUILD_VERSION}}');

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Don't use environment variables #1

Workflow file

Don't use environment variables #1

Jobs

Run details

Workflow file for this run

GitHub Actions / .github/workflows/build-and-publish-release.yml