Skip to content

Commit 7efde71

Browse files
vanbukinvanbukin
committed
Switch to OIDC-based NuGet API key generation in Release workflow
1 parent 6320224 commit 7efde71

File tree

1 file changed

+13
-6
lines changed

1 file changed

+13
-6
lines changed

.github/workflows/Release.yml

Lines changed: 13 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,14 @@ jobs:
1111
DOTNET_NOLOGO: true
1212
DOTNET_CLI_TELEMETRY_OPTOUT: true
1313
environment: Production
14+
permissions:
15+
id-token: write
1416
steps:
17+
- name: NuGet login (OIDC → temp API key)
18+
uses: NuGet/login@v1
19+
id: login
20+
with:
21+
user: ${{ secrets.NUGET_USER }}
1522
- name: Checkout
1623
uses: actions/checkout@v6
1724
with:
@@ -56,14 +63,14 @@ jobs:
5663
- name: Pack WebAuthn.Net.Storage.SqlServer
5764
run: dotnet pack src/WebAuthn.Net.Storage.SqlServer/WebAuthn.Net.Storage.SqlServer.csproj --output out --configuration Release
5865
- name: Publish package WebAuthn.Net
59-
run: dotnet nuget push out/WebAuthn.Net.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_PUBLISH_KEY }}
66+
run: dotnet nuget push out/WebAuthn.Net.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{steps.login.outputs.NUGET_API_KEY}}
6067
- name: Publish package WebAuthn.Net.OpenTelemetry
61-
run: dotnet nuget push out/WebAuthn.Net.OpenTelemetry.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_PUBLISH_KEY }}
68+
run: dotnet nuget push out/WebAuthn.Net.OpenTelemetry.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{steps.login.outputs.NUGET_API_KEY}}
6269
- name: Publish package WebAuthn.Net.Storage.InMemory
63-
run: dotnet nuget push out/WebAuthn.Net.Storage.InMemory.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_PUBLISH_KEY }}
70+
run: dotnet nuget push out/WebAuthn.Net.Storage.InMemory.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{steps.login.outputs.NUGET_API_KEY}}
6471
- name: Publish package WebAuthn.Net.Storage.MySql
65-
run: dotnet nuget push out/WebAuthn.Net.Storage.MySql.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_PUBLISH_KEY }}
72+
run: dotnet nuget push out/WebAuthn.Net.Storage.MySql.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{steps.login.outputs.NUGET_API_KEY}}
6673
- name: Publish package WebAuthn.Net.Storage.PostgreSql
67-
run: dotnet nuget push out/WebAuthn.Net.Storage.PostgreSql.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_PUBLISH_KEY }}
74+
run: dotnet nuget push out/WebAuthn.Net.Storage.PostgreSql.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{steps.login.outputs.NUGET_API_KEY}}
6875
- name: Publish package WebAuthn.Net.Storage.SqlServer
69-
run: dotnet nuget push out/WebAuthn.Net.Storage.SqlServer.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_PUBLISH_KEY }}
76+
run: dotnet nuget push out/WebAuthn.Net.Storage.SqlServer.${{ env.RELEASE_VERSION }}.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{steps.login.outputs.NUGET_API_KEY}}

0 commit comments

Comments
 (0)