DuendeSoftware
diff --git a/‎.github/workflow-gen/Program.cs
Lines changed: 10 additions & 8 deletions b/‎.github/workflow-gen/Program.cs
Lines changed: 10 additions & 8 deletions
diff --git a/‎access-token-management/build/SectigoPublicCodeSigningRootCrossAAA.crt renamed to ‎.github/workflows/SectigoPublicCodeSigningRootCrossAAA.crt b/‎access-token-management/build/SectigoPublicCodeSigningRootCrossAAA.crt renamed to ‎.github/workflows/SectigoPublicCodeSigningRootCrossAAA.crt
diff --git a/‎.github/workflows/access-token-management-ci.yml
Lines changed: 3 additions & 8 deletions b/‎.github/workflows/access-token-management-ci.yml
Lines changed: 3 additions & 8 deletions
diff --git a/‎.github/workflows/access-token-management-release.yml
Lines changed: 2 additions & 5 deletions b/‎.github/workflows/access-token-management-release.yml
Lines changed: 2 additions & 5 deletions
diff --git a/‎.github/workflows/identity-model-ci.yml
Lines changed: 3 additions & 7 deletions b/‎.github/workflows/identity-model-ci.yml
Lines changed: 3 additions & 7 deletions
diff --git a/‎.github/workflows/identity-model-odic-client-release.yml
Lines changed: 0 additions & 103 deletions b/‎.github/workflows/identity-model-odic-client-release.yml
Lines changed: 0 additions & 103 deletions
diff --git a/‎.github/workflows/identity-model-oidc-client-ci.yml
Lines changed: 5 additions & 13 deletions b/‎.github/workflows/identity-model-oidc-client-ci.yml
Lines changed: 5 additions & 13 deletions
diff --git a/‎.github/workflows/identity-model-oidc-client-release.yml
Lines changed: 2 additions & 6 deletions b/‎.github/workflows/identity-model-oidc-client-release.yml
Lines changed: 2 additions & 6 deletions
diff --git a/‎.github/workflows/identity-model-release.yml
Lines changed: 2 additions & 4 deletions b/‎.github/workflows/identity-model-release.yml
Lines changed: 2 additions & 4 deletions
diff --git a/‎.github/workflows/ignore-this-ci.yml
Lines changed: 3 additions & 7 deletions b/‎.github/workflows/ignore-this-ci.yml
Lines changed: 3 additions & 7 deletions
@@ -188,8 +188,8 @@ public static void StepTestAndReport(this Job job, string componentName, string
             .Name("Test")
             .Run($"dotnet test -c Release {path} {flags}");
 
-        job.Step("test-report")
-            .Name("Test report")
+        job.Step()
+            .Name($"Test report - {componentName}")
             .Uses("dorny/test-reporter@v1")
             .If("success() || failure()")
             .With(
@@ -200,29 +200,31 @@ public static void StepTestAndReport(this Job job, string componentName, string
                 ("fail-on-empty", "true"));
     }
 
+    // These intermediate certificates are required for signing and are not installed on the GitHub runners by default.
     public static void StepInstallCACerts(this Job job)
         => job.Step()
-            .Name("Install Sectigo CodeSiging CA certificates")
-            .IfRefMain()
+            .Name("Install Sectigo CodeSiging CA certificates") 
+            .WorkingDirectory("github/workflows")
+            //.IfRefMain()
             .Run("""
                  sudo apt-get update
                  sudo apt-get install -y ca-certificates
-                 sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+                 sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
                  sudo update-ca-certificates
                  """);
 
     public static void StepToolRestore(this Job job)
         => job.Step()
             .Name("Tool restore")
-            .IfRefMain()
+            //.IfRefMain()
             .Run("dotnet tool restore");
 
     public static void StepPack(this Job job, string componentName, string project)
     {
         var path = $"{componentName}/src/{project}";
         job.Step()
             .Name($"Pack {project}")
-            .IfRefMain()
+            //.IfRefMain()
             .Run($"dotnet pack -c Release {path} --no-build -o artifacts");
     }
 
@@ -237,7 +239,7 @@ public static void StepSign(this Job job)
                     "--azure-key-vault-certificate CodeSigning";
         job.Step()
             .Name("Sign packages")
-            .IfRefMain()
+            //.IfRefMain()
             .Run($"""
                  for file in artifacts/*.nupkg; do
                     dotnet NuGetKeyVaultSignTool sign \"$file\" {flags}
 
@@ -33,8 +33,7 @@ jobs:
         dotnet-version: 8.0.x
     - name: Test
       run: dotnet test -c Release test/AccessTokenManagement.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
-    - id: test-report
-      name: Test report
+    - name: Test report - access-token-management
       if: success() || failure()
       uses: dorny/test-reporter@v1
       with:
@@ -44,23 +43,19 @@ jobs:
         fail-on-error: true
         fail-on-empty: true
     - name: Install Sectigo CodeSiging CA certificates
-      if: github.ref == 'refs/heads/main'
       run: |-
         sudo apt-get update
         sudo apt-get install -y ca-certificates
-        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
         sudo update-ca-certificates
+      working-directory: github/workflows
     - name: Tool restore
-      if: github.ref == 'refs/heads/main'
       run: dotnet tool restore
     - name: Pack AccessTokenManagement
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release access-token-management/src/AccessTokenManagement --no-build -o artifacts
     - name: Pack AccessTokenManagement.OpenIdConnect
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release access-token-management/src/AccessTokenManagement.OpenIdConnect --no-build -o artifacts
     - name: Sign packages
-      if: github.ref == 'refs/heads/main'
       run: |-
         for file in artifacts/*.nupkg; do
            dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
 
@@ -39,20 +39,17 @@ jobs:
         git tag -a it-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
         git push origin it-${{ github.event.inputs.version }}
     - name: Install Sectigo CodeSiging CA certificates
-      if: github.ref == 'refs/heads/main'
       run: |-
         sudo apt-get update
         sudo apt-get install -y ca-certificates
-        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
         sudo update-ca-certificates
+      working-directory: github/workflows
     - name: Pack AccessTokenManagement
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release access-token-management/src/AccessTokenManagement --no-build -o artifacts
     - name: Pack AccessTokenManagement.OpenIdConnect
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release access-token-management/src/AccessTokenManagement.OpenIdConnect --no-build -o artifacts
     - name: Sign packages
-      if: github.ref == 'refs/heads/main'
       run: |-
         for file in artifacts/*.nupkg; do
            dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
 
@@ -33,8 +33,7 @@ jobs:
         dotnet-version: 8.0.x
     - name: Test
       run: dotnet test -c Release test/IdentityModel.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
-    - id: test-report
-      name: Test report
+    - name: Test report - identity-model
       if: success() || failure()
       uses: dorny/test-reporter@v1
       with:
@@ -44,20 +43,17 @@ jobs:
         fail-on-error: true
         fail-on-empty: true
     - name: Install Sectigo CodeSiging CA certificates
-      if: github.ref == 'refs/heads/main'
       run: |-
         sudo apt-get update
         sudo apt-get install -y ca-certificates
-        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
         sudo update-ca-certificates
+      working-directory: github/workflows
     - name: Tool restore
-      if: github.ref == 'refs/heads/main'
       run: dotnet tool restore
     - name: Pack IdentityModel
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release identity-model/src/IdentityModel --no-build -o artifacts
     - name: Sign packages
-      if: github.ref == 'refs/heads/main'
       run: |-
         for file in artifacts/*.nupkg; do
            dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
 
@@ -33,8 +33,7 @@ jobs:
         dotnet-version: 8.0.x
     - name: Test
       run: dotnet test -c Release test/IdentityModel.OidcClient.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
-    - id: test-report
-      name: Test report
+    - name: Test report - identity-model-oidc-client
       if: success() || failure()
       uses: dorny/test-reporter@v1
       with:
@@ -45,8 +44,7 @@ jobs:
         fail-on-empty: true
     - name: Test
       run: dotnet test -c Release test/IdentityModel.OidcClient.DPoP.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
-    - id: test-report
-      name: Test report
+    - name: Test report - identity-model-oidc-client
       if: success() || failure()
       uses: dorny/test-reporter@v1
       with:
@@ -57,8 +55,7 @@ jobs:
         fail-on-empty: true
     - name: Test
       run: dotnet test -c Release test/IdentityModel.OidcClient.IdentityTokenValidator.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
-    - id: test-report
-      name: Test report
+    - name: Test report - identity-model-oidc-client
       if: success() || failure()
       uses: dorny/test-reporter@v1
       with:
@@ -68,26 +65,21 @@ jobs:
         fail-on-error: true
         fail-on-empty: true
     - name: Install Sectigo CodeSiging CA certificates
-      if: github.ref == 'refs/heads/main'
       run: |-
         sudo apt-get update
         sudo apt-get install -y ca-certificates
-        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
         sudo update-ca-certificates
+      working-directory: github/workflows
     - name: Tool restore
-      if: github.ref == 'refs/heads/main'
       run: dotnet tool restore
     - name: Pack IdentityModel.OidcClient
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release identity-model-oidc-client/src/IdentityModel.OidcClient --no-build -o artifacts
     - name: Pack IdentityModel.OidcClient.DPoP
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release identity-model-oidc-client/src/IdentityModel.OidcClient.DPoP --no-build -o artifacts
     - name: Pack IdentityModel.OidcClient.IdentityTokenValidator
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release identity-model-oidc-client/src/IdentityModel.OidcClient.IdentityTokenValidator --no-build -o artifacts
     - name: Sign packages
-      if: github.ref == 'refs/heads/main'
       run: |-
         for file in artifacts/*.nupkg; do
            dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
 
@@ -39,23 +39,19 @@ jobs:
         git tag -a it-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
         git push origin it-${{ github.event.inputs.version }}
     - name: Install Sectigo CodeSiging CA certificates
-      if: github.ref == 'refs/heads/main'
       run: |-
         sudo apt-get update
         sudo apt-get install -y ca-certificates
-        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
         sudo update-ca-certificates
+      working-directory: github/workflows
     - name: Pack IdentityModel.OidcClient
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release identity-model-oidc-client/src/IdentityModel.OidcClient --no-build -o artifacts
     - name: Pack IdentityModel.OidcClient.DPoP
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release identity-model-oidc-client/src/IdentityModel.OidcClient.DPoP --no-build -o artifacts
     - name: Pack IdentityModel.OidcClient.IdentityTokenValidator
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release identity-model-oidc-client/src/IdentityModel.OidcClient.IdentityTokenValidator --no-build -o artifacts
     - name: Sign packages
-      if: github.ref == 'refs/heads/main'
       run: |-
         for file in artifacts/*.nupkg; do
            dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
 
@@ -39,17 +39,15 @@ jobs:
         git tag -a it-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
         git push origin it-${{ github.event.inputs.version }}
     - name: Install Sectigo CodeSiging CA certificates
-      if: github.ref == 'refs/heads/main'
       run: |-
         sudo apt-get update
         sudo apt-get install -y ca-certificates
-        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
         sudo update-ca-certificates
+      working-directory: github/workflows
     - name: Pack IdentityModel
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release identity-model/src/IdentityModel --no-build -o artifacts
     - name: Sign packages
-      if: github.ref == 'refs/heads/main'
       run: |-
         for file in artifacts/*.nupkg; do
            dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning
 
@@ -33,8 +33,7 @@ jobs:
         dotnet-version: 8.0.x
     - name: Test
       run: dotnet test -c Release test/IgnoreThis.Tests --logger "console;verbosity=normal" --logger "trx;LogFileName=Tests.trx" --collect:"XPlat Code Coverage"
-    - id: test-report
-      name: Test report
+    - name: Test report - ignore-this
       if: success() || failure()
       uses: dorny/test-reporter@v1
       with:
@@ -44,20 +43,17 @@ jobs:
         fail-on-error: true
         fail-on-empty: true
     - name: Install Sectigo CodeSiging CA certificates
-      if: github.ref == 'refs/heads/main'
       run: |-
         sudo apt-get update
         sudo apt-get install -y ca-certificates
-        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo cp SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
         sudo update-ca-certificates
+      working-directory: github/workflows
     - name: Tool restore
-      if: github.ref == 'refs/heads/main'
       run: dotnet tool restore
     - name: Pack IgnoreThis
-      if: github.ref == 'refs/heads/main'
       run: dotnet pack -c Release ignore-this/src/IgnoreThis --no-build -o artifacts
     - name: Sign packages
-      if: github.ref == 'refs/heads/main'
       run: |-
         for file in artifacts/*.nupkg; do
            dotnet NuGetKeyVaultSignTool sign \"$file\" --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --azure-key-vault-url https://duendecodesigning.vault.azure.net/ --azure-key-vault-client-id 18e3de68-2556-4345-8076-a46fad79e474 --azure-key-vault-tenant-id ed3089f0-5401-4758-90eb-066124e2d907 --azure-key-vault-client-secret ${{ secrets.SignClientSecret }} --azure-key-vault-certificate CodeSigning