Add an "IgnoreThis" project.

Facilitates changes to CI/Release that can be tested end-to-end.

Author: damianh

.github/workflows/ignore-this-ci.yml

@@ -0,0 +1,90 @@
+name: access-token-management\ci
+
+permissions:
+  contents: read
+  checks: write
+  packages: write
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+    - main
+    tags:
+    - access-token-management-v*
+    paths:
+    - .github/workflows/access-token-management-ci.yml
+    - access-token-management/*
+  pull_request:
+    paths:
+    - .github/workflows/access-token-management-ci.yml
+    - access-token-management/*
+
+env:
+  DOTNET_NOLOGO: true
+
+defaults:
+  run:
+    working-directory: access-token-management
+    shell: pwsh
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: |
+          8.0.x
+
+    - name: Build
+      run: ./build.ps1
+
+    - name: Test report
+      id: test-report
+      uses: dorny/test-reporter@v1
+      if: success() || failure()    # run this step even if previous step failed
+      with:
+        name: Test results
+        path: access-token-management/test/AccessTokenManagement.Tests/TestResults/Test.trx
+        reporter: dotnet-trx
+        fail-on-error: true
+        fail-on-empty: true
+
+    - name: Install Sectigo CodeSiging CA certificates
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y ca-certificates
+        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo update-ca-certificates
+
+    - name: Sign
+      if: (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/'))
+      env:
+        SignClientSecret: ${{ secrets.SignClientSecret }}
+      run: ./build.ps1 sign
+
+    - name: Push packages to MyGet
+      if: (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/'))
+      run: dotnet nuget push artifacts\*.nupkg -s https://www.myget.org/F/duende_identityserver/api/v2/package -k ${{ secrets.MYGET }}
+
+    - name: Push NuGet package to GitHub Packages
+      run: dotnet nuget push artifacts\*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }}
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      if: (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/'))
+      with:
+        path: access-token-management/artifacts/*.nupkg
+        compression-level: 0
+        overwrite: true
+        retention-days: 15

.github/workflows/ignore-this-codeql.yml

@@ -0,0 +1,41 @@
+name: acces-token-management\codeql
+
+on:
+  push:
+    branches: 
+    - main
+    paths:
+    - .github/workflows/ignore-this-codeql.yml
+    - ignore-this/*
+  pull_request:
+    paths:
+    - .github/workflows/ignore-this-codeql.yml
+    - ignore-this/*
+  schedule:
+    - cron: '38 15 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses:  github/codeql-action/init@v3
+      with:
+        languages: csharp
+        
+    - name: Auto build
+      uses: github/codeql-action/autobuild@v3
+
+    - name: Perform CodeQL analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:csharp"

.github/workflows/ignore-this-release.yml

@@ -0,0 +1,93 @@
+name: access-token-management\release
+
+on:
+  workflow_dispatch:
+   inputs:
+      version:
+        type: string
+        description: "Version in format X.Y.Z or X.Y.Z-preview.N"
+        required: true
+        default: '0.0.0'
+
+env:
+  DOTNET_NOLOGO: true
+
+defaults:
+  run:
+    working-directory: access-token-management
+    shell: pwsh
+
+jobs:
+  tag:
+    name: Tag and Pack
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      packages: write
+    
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: |
+          8.0.x
+
+    - name: Tag
+      run: |
+        git config --global user.email "github-bot@duendesoftware.com"
+        git config --global user.name "Duende Software GitHub Bot"
+        git tag -a it-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
+        git push origin it-${{ github.event.inputs.version }}
+
+    - name: Pack
+      run: ./build.ps1 pack
+
+    - name: Install Sectigo CodeSiging CA certificates
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y ca-certificates
+        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo update-ca-certificates
+
+    - name: Sign
+      env:
+        SignClientSecret: ${{ secrets.SignClientSecret }}
+      run: ./build.ps1 sign
+
+    - name: Push packages to MyGet
+      run: dotnet nuget push artifacts\*.nupkg -s https://www.myget.org/F/duende_identityserver/api/v2/package -k ${{ secrets.MYGET }}
+
+    - name: Push packages to GitHub
+      run: dotnet nuget push artifacts\*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }}
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        path: access-token-management/artifacts/*.nupkg
+        compression-level: 0
+        overwrite: true
+        retention-days: 15
+
+  publish:
+    name: Publish to NuGet
+    runs-on: ubuntu-latest
+    environment: nuget.org
+    needs: tag
+
+    steps:
+    - uses: actions/download-artifact@v4
+
+    - uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: |
+          8.0.x
+
+    - name: Release
+      #run: dotnet nuget push artifacts\*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGETORG_TOKEN }}
+      run: Write-Host "Release.."

ignore-this/.config/dotnet-tools.json

@@ -0,0 +1,12 @@
+{
+  "version": 1,
+  "isRoot": true,
+  "tools": {
+    "NuGetKeyVaultSignTool": {
+      "version": "3.2.3",
+      "commands": [
+        "NuGetKeyVaultSignTool"
+      ]
+    }
+  }
+}