From 746c367dcd19d3d6422754f36f6ca9daac05da80 Mon Sep 17 00:00:00 2001 From: Serpensin Date: Sun, 14 Sep 2025 23:35:16 +0200 Subject: [PATCH 1/2] Update NuGet publish workflow configuration Added a release trigger for published types and enabled manual triggering of the workflow with a required version input for NuGet package version. --- .github/workflows/nuget-publish.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml index 0a57cea..f66303d 100644 --- a/.github/workflows/nuget-publish.yml +++ b/.github/workflows/nuget-publish.yml @@ -1,9 +1,8 @@ name: Build and Publish NuGet on: - push: - tags: - - 'v*.*.*' + release: + types: [published] workflow_dispatch: inputs: version: From 5a9b1d99e283d4f39bef3a334d8358dd0c7b4989 Mon Sep 17 00:00:00 2001 From: Serpensin Date: Sun, 14 Sep 2025 23:41:29 +0200 Subject: [PATCH 2/2] Update NuGet API key access in nuget-publish.yml Changed the way the NuGet API key is accessed in the `dotnet nuget push` command from a string to an environment variable for improved security and correctness. --- .github/workflows/nuget-publish.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml index f66303d..f6aacd3 100644 --- a/.github/workflows/nuget-publish.yml +++ b/.github/workflows/nuget-publish.yml @@ -105,11 +105,13 @@ jobs: - name: Push package(s) to NuGet.org shell: pwsh + env: + NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} run: | $nupkgs = Get-ChildItem -Path 'nupkg' -Filter '*.nupkg' foreach ($pkg in $nupkgs) { Write-Host "Pushing $($pkg.FullName)..." - dotnet nuget push $pkg.FullName --api-key '${{ secrets.NUGET_API_KEY }}' --source https://api.nuget.org/v3/index.json --skip-duplicate + dotnet nuget push $pkg.FullName --api-key $env:NUGET_API_KEY --source https://api.nuget.org/v3/index.json --skip-duplicate } - name: Push package(s) to GitHub Packages