Implement signed builds using Azure Artifacts Signing#25
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b4c52f0e55
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
|
||
| - name: publish | ||
| working-directory: '${{ github.workspace}}/dist' | ||
| if: ${{ github.event.inputs.dry_run != 'true' }} |
There was a problem hiding this comment.
Restrict manual publishes to tag refs
When this workflow is run via workflow_dispatch from a branch, dry_run defaults to false, and this condition is the only gate before pushing to NuGet. That means approving the environments for a manual branch run will publish a package built from branch HEAD, while the GitHub release step is still tag-gated and will not create a matching release. The previous workflow only published on v*.*.* tag pushes, so the publish step should also require a tag ref or manual dispatch should default to a non-publishing dry run.
Useful? React with 👍 / 👎.
No description provided.