Add an "IgnoreThis" project.

Facilitates changes to CI/Release that can be tested end-to-end.

Author: damianh

.github/workflows/access-token-management-ci.yml

@@ -10,8 +10,6 @@ on:
   push:
     branches:
     - main
-    tags:
-    - access-token-management-v*
     paths:
     - .github/workflows/access-token-management-ci.yml
     - access-token-management/*
@@ -23,15 +21,14 @@ on:
 env:
   DOTNET_NOLOGO: true
 
-defaults:
-  run:
-    working-directory: access-token-management
-    shell: pwsh
-
 jobs:
   build:
     name: Build
     runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: access-token-management
+        shell: pwsh
 
     steps:
     - uses: actions/checkout@v4
@@ -65,24 +62,25 @@ jobs:
         sudo update-ca-certificates
 
     - name: Sign
-      if: (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/'))
+      if: (github.ref == 'refs/heads/main')
       env:
         SignClientSecret: ${{ secrets.SignClientSecret }}
       run: ./build.ps1 sign
 
     - name: Push packages to MyGet
-      if: (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/'))
+      if: (github.ref == 'refs/heads/main')
       run: dotnet nuget push artifacts\*.nupkg -s https://www.myget.org/F/duende_identityserver/api/v2/package -k ${{ secrets.MYGET }}
 
     - name: Push NuGet package to GitHub Packages
+      if: (github.ref == 'refs/heads/main')
       run: dotnet nuget push artifacts\*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }}
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: Upload artifacts
       uses: actions/upload-artifact@v4
-      if: (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/'))
+      if: (github.ref == 'refs/heads/main')
       with:
         path: access-token-management/artifacts/*.nupkg
         compression-level: 0

.github/workflows/access-token-management-release.yml

@@ -11,6 +11,7 @@ on:
 
 env:
   DOTNET_NOLOGO: true
+  DOTNET_CLI_TELEMETRY_OPTOUT: true
 
 defaults:
   run:

.github/workflows/ignore-this-ci.yml

@@ -0,0 +1,88 @@
+name: ignore-this\ci
+
+permissions:
+  contents: read
+  checks: write
+  packages: write
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+    - main
+    paths:
+    - .github/workflows/aignore-this-ci.yml
+    - ignore-this/*
+  pull_request:
+    paths:
+    - .github/workflows/ignore-this-ci.yml
+    - ignore-this/*
+
+env:
+  DOTNET_NOLOGO: true
+  DOTNET_CLI_TELEMETRY_OPTOUT: true
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ignore-this
+        shell: pwsh
+    
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: |
+          8.0.x
+
+    - name: Build
+      run: build.ps1
+
+    - name: Test report
+      id: test-report
+      uses: dorny/test-reporter@v1
+      if: success() || failure()    # run this step even if previous step failed
+      with:
+        name: Test results
+        path: ignore-this/test/IgnoreThis.Tests/TestResults/Test.trx
+        reporter: dotnet-trx
+        fail-on-error: true
+        fail-on-empty: true
+
+    - name: Install Sectigo CodeSiging CA certificates
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y ca-certificates
+        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo update-ca-certificates
+
+    - name: Sign
+      if: (github.ref == 'refs/heads/main')
+      env:
+        SignClientSecret: ${{ secrets.SignClientSecret }}
+      run: build.ps1 sign
+
+    - name: Push packages to MyGet
+      if: (github.ref == 'refs/heads/main')
+      run: dotnet nuget push artifacts\*.nupkg -s https://www.myget.org/F/duende_identityserver/api/v2/package -k ${{ secrets.MYGET }} --skip-duplicate
+
+    - name: Push NuGet package to GitHub Packages
+      run: dotnet nuget push artifacts\*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      if: (github.ref == 'refs/heads/main')
+      with:
+        path: ignore-this/artifacts/*.nupkg
+        compression-level: 0
+        overwrite: true
+        retention-days: 15

.github/workflows/ignore-this-codeql.yml

@@ -0,0 +1,41 @@
+name: ignore-this\codeql
+
+on:
+  push:
+    branches: 
+    - main
+    paths:
+    - .github/workflows/ignore-this-codeql.yml
+    - ignore-this/*
+  pull_request:
+    paths:
+    - .github/workflows/ignore-this-codeql.yml
+    - ignore-this/*
+  schedule:
+    - cron: '38 15 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses:  github/codeql-action/init@v3
+      with:
+        languages: csharp
+        
+    - name: Auto build
+      uses: github/codeql-action/autobuild@v3
+
+    - name: Perform CodeQL analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:csharp"

.github/workflows/ignore-this-release.yml

@@ -0,0 +1,101 @@
+name: ignore-this\release
+
+on:
+  workflow_dispatch:
+   inputs:
+      version:
+        type: string
+        description: "Version in format X.Y.Z or X.Y.Z-preview.N"
+        required: true
+        default: '0.0.0'
+
+env:
+  DOTNET_NOLOGO: true
+  DOTNET_CLI_TELEMETRY_OPTOUT: true
+
+defaults:
+  run:
+    shell: pwsh
+
+jobs:
+  tag:
+    name: Tag and Pack
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      packages: write
+    defaults:
+      run:
+        working-directory: ignore-this
+    
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: |
+          8.0.x
+
+    - name: Tag
+      run: |
+        git config --global user.email "github-bot@duendesoftware.com"
+        git config --global user.name "Duende Software GitHub Bot"
+        git tag -a it-${{ github.event.inputs.version }} -m "Release v${{ github.event.inputs.version }}"
+        git push origin it-${{ github.event.inputs.version }}
+
+    - name: Pack
+      run: build.ps1 pack
+
+    - name: Install Sectigo CodeSiging CA certificates
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y ca-certificates
+        sudo cp build/SectigoPublicCodeSigningRootCrossAAA.crt /usr/local/share/ca-certificates/
+        sudo update-ca-certificates
+
+    - name: Sign
+      env:
+        SignClientSecret: ${{ secrets.SignClientSecret }}
+      run: build.ps1 sign
+
+    - name: Push packages to MyGet
+      run: dotnet nuget push artifacts\*.nupkg -s https://www.myget.org/F/duende_identityserver/api/v2/package -k ${{ secrets.MYGET }} --skip-duplicate
+
+    - name: Push packages to GitHub
+      run: dotnet nuget push artifacts\*.nupkg --source https://nuget.pkg.github.com/DuendeSoftware/index.json --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        path: ignore-this/artifacts/*.nupkg
+        compression-level: 0
+        overwrite: true
+        retention-days: 15
+
+  publish:
+    name: Publish to NuGet
+    runs-on: ubuntu-latest
+    environment: nuget.org
+    needs: tag
+
+    steps:
+    - uses: actions/download-artifact@v4
+      with:
+        path: artifacts
+
+    - uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: |
+          8.0.x
+    
+    - name: List files
+      shell: bash
+      run: tree
+
+    - name: Push to nuget.org
+      run: dotnet nuget push artifacts/*.nupkg --source https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET_ORG_API_KEY }} --skip-duplicate

ignore-this/.config/dotnet-tools.json

@@ -0,0 +1,12 @@
+{
+  "version": 1,
+  "isRoot": true,
+  "tools": {
+    "NuGetKeyVaultSignTool": {
+      "version": "3.2.3",
+      "commands": [
+        "NuGetKeyVaultSignTool"
+      ]
+    }
+  }
+}