Skip to content

Updated the CI to use trusted publishing for NuGet#88

Merged
ByronMayne merged 1 commit into
masterfrom
feature/trusted-publisher
Jul 8, 2026
Merged

Updated the CI to use trusted publishing for NuGet#88
ByronMayne merged 1 commit into
masterfrom
feature/trusted-publisher

Conversation

@ByronMayne

Copy link
Copy Markdown
Owner

No description provided.

Copilot AI review requested due to automatic review settings July 8, 2026 02:30
@ByronMayne ByronMayne merged commit 015f38e into master Jul 8, 2026
3 checks passed

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the NuGet publishing workflow to use NuGet trusted publishing via OIDC by acquiring a short-lived API key during the run, rather than relying on a long-lived stored API key secret.

Changes:

  • Switch configuration input to reference env.Configuration (matching the workflow’s env key).
  • Add NuGet/login@v1 step to mint a temporary NuGet API key via OIDC.
  • Wire the publish step to use the minted key (steps.login.outputs.NUGET_API_KEY) instead of secrets.NUGET_API_KEY.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +33 to +36
# Get a short-lived NuGet API key
- name: NuGet login (OIDC → temp API key)
uses: NuGet/login@v1
id: login
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants