TylerBrinkley
Improve build and publish workflow
- ensure proper flags for package
- generate symbols
- package and publish as part of CI flow
Old: https://nuget.info/packages/Enums.NET/5.0.0
Now:
When uploading to NuGet should also upload the snupkg file.
Thanks @lahma for doing this. Sorry I'm not too familiar with artifacts, what's the purpose for them in the CI build script?
If you approve the run, you will see artifacts section in build summary and you can download a zip file containing the nuget packages prepared.
I did similar thing here, see the bottom of the page https://github.com/totpero/DeviceDetector.NET/actions/runs/10267431264
I see, but wouldn't I want to do that for just version releases? How long do these artifacts exist? Would this support signing the assemblies?
Well you can pick artifacts from build you choose, e.g. the commit you choose for release. With Quartz.NET and a some other projects I have generated rolling preview version number and if it's a tagged build it will produce version based on tag name. But it gets complicated.
In my projects I have signing key in repo and all builds have signed binaries.
My goal with this PR was to ensure that build artifacts correlate to repository and there won't be possible problems from building on random developer box with code not in version control.
As I was on mobile before so wasn't able to investigate. So I see that you don't share the snk file for signing. I would suggest to just add it publicly to repository and have it for all builds. If you look at the Microsoft's guidance, there's:
✔️ CONSIDER strong naming your library's assemblies. ✔️ CONSIDER adding the strong naming key to your source control system.
As it's not a security measure it's common for OSS projects to have the key as part of repository contents.