Query builder signing and upload to nuget (#2)

rstratkovinfrag · turbobobbytraykov · web-flow · commit e72480aa5e87 · 2025-07-03T15:29:36.000+03:00
* Set up CI with Azure Pipelines

[skip ci]

* Add pipeline to build and sign

* Change signing certificate password

* Change to versionSpec parameter

* Add versionSpec to gitversion task

* Change git version to 5.x

* Change to windows-latest

* Do not use shallow depth fetch in git

* Edit .csproj file location

* Change to snk signing

* Fix secure file path

* Add pr related versioning

* Add pipeline run name

* Add signing of dlls

* Change order of operations

* WIP list dll files location

* WIP update debug step

* Update output directory

* Use powershell for build

* Edit signtool logic

* Modify dotnet build step

* Comment out debug step

* Use powershell to build

* Add build step

* Change pack task

* Fix debug dotnet build

* Update output directory

* remove breaking tick

* Change name of build task

* Publish signed DLLs as artifacts

* Fix signing logic

* WIP check if dlls are signed properly

* wip find signtool

* wip verify every single dll is signed

* Remove verification step

* Edit nuget service connection

* Sign the nuget package + some pipeline refactoring

* Fix path to the signing certificate

* try referencing the password correctly

* Refactor project building

* Try to wildcard the name of the nupkg files

* Tweak the csproj file with versioning &amp; NuGet authoting attributes

* Explicitly set the assembly version attributes at runtime

* tweak the dotnet build task

* Update azure-pipelines.yml for Azure Pipelines

* try to refactor the call to dotnet build again

* Changes related to the nuget package authoring

* Tweak nuget authoring &amp; licensing attributes

* fix build step

* debug git version step

* build targetting csproj

* Hard core sign tool location

* use dotnet task to build

* Tweak nuget authoring &amp; licensing attributes some more

* Add doc url to .csproj

* Add tags to the metadata

* Remove Livense.txt from the build

* Remove license txt

* Include package reference

* Revert adding package reference

* wip check nuget version

* revert nuget version check

* dotnet pack include documentation file

* revert include documentation file

* Add explicit MIT license

* Minor touch-ups

* Move pipeline to azure-pipelines location

* Delete old azure-pipelines.yml

* Edit package project url in csproj

* Add igniteui icon

* Add icon to csproj

* Use png instead of ico

* Delete IgniteUI.ico

* Add ingnite ui icon png

* Delete IgniteUI.png

* Add icon 128

* add package path parameter in csproj

* Add extra space

* Add automated documentation generation

* Fix indentation

* Fix trigger and intentation

* Update name

* Add publish step

* Delete License.txt

* Delete IgniteUI.png

* Upload ignite ui icon

* Stop using git version

* Publish nuget package

* quotes around releaseTag

* Use cleaner SourceBranchName

---------

Co-authored-by: Borislav Traykov &lt;borislav.traikov@gmail.com&gt;
Co-authored-by: Borislav Traykov &lt;btraykov@infragistics.com&gt;
diff --git a/IgniteUI.png b/IgniteUI.png
diff --git a/Infragistics.QueryBuilder.Executor.csproj b/Infragistics.QueryBuilder.Executor.csproj
@@ -4,12 +4,36 @@
     <TargetFramework>net9.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
+    <PackageId>Infragistics.QueryBuilder.Executor</PackageId>
+    <Authors>Infragistics Inc.</Authors>
+    <Owners>Infragistics Inc.</Owners>
+    <Company>Infragistics Inc.</Company>
+    <Description>A .NET 9 library for dynamic, strongly-typed query building and execution over Entity Framework Core data sources. Supports advanced filtering, projection, and SQL generation.</Description>
+    <Version>1.0.0.0</Version>
+    <!-->We want to generate the version attributes at runtime and we need this flag enabled for that<-->
+    <GenerateAssemblyInfo>true</GenerateAssemblyInfo>
+    <GenerateDocumentationFile>true</GenerateDocumentationFile>
+    <PackageRequireLicenseAcceptance>false</PackageRequireLicenseAcceptance>
+    <PackageLicenseExpression>MIT</PackageLicenseExpression>
+    <Copyright>Infragistics</Copyright>
+    <PackageReadmeFile>ReadMe.md</PackageReadmeFile>
+    <PackageProjectUrl>https://github.com/IgniteUI/Infragistics.QueryBuilder.Executor</PackageProjectUrl>
+    <RepositoryUrl>https://github.com/IgniteUI/Infragistics.QueryBuilder.Executor</RepositoryUrl>
+    <RepositoryType>git</RepositoryType>
+    <PackageDocumentationUrl>https://github.com/IgniteUI/Infragistics.QueryBuilder.Executor</PackageDocumentationUrl>
+    <PackageTags>Infragistics;App Builder;Ignite UI;Filtering;Query;Query Builder;Models</PackageTags>
+    <PackageIcon>IgniteUI.png</PackageIcon>
   </PropertyGroup>
 
   <ItemGroup>
     <PackageReference Include="AutoMapper" Version="14.0.0" />
     <PackageReference Include="Microsoft.EntityFrameworkCore" Version="9.0.4" />
     <PackageReference Include="Swashbuckle.AspNetCore.SwaggerGen" Version="8.1.1" />
+    <None Include="IgniteUI.png" Pack="true" PackagePath="" />
+        <None Include="ReadMe.md">
+            <Pack>True</Pack>
+            <PackagePath></PackagePath>
+        </None>
   </ItemGroup>
 
 </Project>
diff --git a/azure-pipelines/build-and-publish.yml b/azure-pipelines/build-and-publish.yml
@@ -0,0 +1,124 @@
+trigger:
+  tags:
+    include:
+    - '*'
+# This pipeline is meant to build & deploy upon tagging. It's not meant to be a part of PR validation.
+pr: none
+
+name: $(Build.SourceBranchName)_$(Year:yyyy).$(Month).$(DayOfMonth)$(Rev:.r)
+
+variables:
+- group: Code_Signing_Certificate_2023_2026
+- name: prId
+  value: $[coalesce(variables['System.PullRequest.PullRequestId'], '000')]
+- name: prIteration
+  value: $[counter(variables['prId'], 1)]
+- name: buildConfiguration
+  value: Release
+- name: releaseTag
+  value: $(Build.SourceBranchName)
+
+stages:
+- stage: BuildAndPublish
+  condition: succeeded()
+  jobs: 
+  - job: BuildAndSign
+    pool:
+      vmImage: 'windows-latest'
+
+    steps:
+    - checkout: self
+      fetchDepth: 0
+
+    - task: UseDotNet@2
+      inputs:
+        packageType: 'sdk'
+        version: '9.x'
+
+    - task: DownloadSecureFile@1
+      name: cert
+      inputs:
+        secureFile: 'code-signing-certificate-2023-2026.pfx'
+
+    - task: DotNetCoreCLI@2
+      displayName: 'Build Project'
+      inputs:
+        command: 'build'
+        projects: 'Infragistics.QueryBuilder.Executor.csproj'
+        arguments: >
+          -c $(buildConfiguration)
+          /p:Version=$(releaseTag)
+
+    - powershell: |
+        $outputDir = "$(Build.SourcesDirectory)\bin\$(buildConfiguration)\net9.0"
+        Write-Host "Listing contents of: $outputDir"
+        if (-Not (Test-Path $outputDir)) {
+          Write-Error "Output folder not found: $outputDir"
+          exit 1
+        }
+        Get-ChildItem $outputDir -Recurse | ForEach-Object {
+          Write-Host $_.FullName
+        }
+      displayName: 'Debug: List build output contents'
+
+    - powershell: |
+        $dllFolder = "$(Build.SourcesDirectory)\bin\$(buildConfiguration)\net9.0"
+        Write-Host "Signing DLLs in folder: $dllFolder"
+
+        $signtoolPath = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.17763.0\x64\signtool.exe"
+        Write-Host "Using signtool at: $signtoolPath"
+
+        $dllFiles = Get-ChildItem -Path $dllFolder -Filter *.dll -Recurse
+        foreach ($dll in $dllFiles) {
+          Write-Host "Signing $($dll.FullName)..."
+          & $signtoolPath sign /f $(cert.secureFilePath) /p $env:CERT_PASS /tr $(SigningCertificateTimestampUrl) /td sha256 /fd sha256 $dll.FullName
+
+          if ($LASTEXITCODE -ne 0) {
+            Write-Error "Signing failed for $($dll.FullName)"
+            exit 1
+          }
+        }
+      displayName: 'Sign all DLL files with PFX certificate'
+      env:
+        CERT_PASS: $(SigningCertificatePassword)
+
+    - powershell: |
+        $packageOutputDir = "$(Build.ArtifactStagingDirectory)\nuget"
+        $packageVersion = "$(releaseTag)"
+
+        Write-Host "Packing project from existing build output..."
+        dotnet pack ./Infragistics.QueryBuilder.Executor.csproj `
+          --no-build `
+          --configuration $(buildConfiguration) `
+          -p:PackageVersion=$packageVersion `
+          -o $packageOutputDir
+
+        if ($LASTEXITCODE -ne 0) {
+          Write-Error "dotnet pack failed"
+          exit 1
+        } 
+      displayName: 'Pack NuGet Package using PowerShell'
+
+    - task: PowerShell@2 
+      displayName: 'Sign NuGet package'
+      env:
+        CERT_PASS: $(SigningCertificatePassword)
+      inputs:
+        targetType: 'inline'
+        script: |
+          nuget.exe sign $(Build.ArtifactStagingDirectory)\nuget\*.nupkg -CertificatePath $(cert.secureFilePath) -CertificatePassword $env:CERT_PASS -Timestamper $(SigningCertificateTimestampUrl)
+
+    - task: PublishBuildArtifacts@1
+      inputs:
+        PathtoPublish: '$(Build.ArtifactStagingDirectory)/nuget'
+        ArtifactName: 'NuGetPackage'
+        publishLocation: 'Container'
+      displayName: 'Publish NuGet Package as Build Artifact'
+
+    - task: NuGetCommand@2
+      inputs:
+        command: 'push'
+        packagesToPush: '$(Build.ArtifactStagingDirectory)/nuget/*.nupkg'
+        nuGetFeedType: 'external'
+        publishFeedCredentials: 'NuGet.Org'
+      displayName: 'Publish to NuGet.org'
