Add GitHub Actions workflow for packaging and release automation

[snovak7]

Closes #5

Summary by Sourcery

Introduce a GitHub Actions workflow to automate .NET build, test, packaging, and release steps on pull requests, pushes, and release tags

CI:

• Configure workflow triggers for pull_request events, pushes to main, release publications, and manual dispatch
• Set up .NET SDK installation, package caching, restore, build, and test steps with environment variables
• Upload test results and generated NuGet packages as workflow artifacts
• Pack and push .NET packages to GitHub Packages and NuGet.org on tagged releases

Summary by CodeRabbit

• Chores
  • Added an automated workflow to build, test, package, and publish the .NET solution.
  • Workflow runs on PRs, pushes to main, releases, and manual triggers; includes caching and conditional steps.
  • Versioning derived from release tags; packaging/publishing gated to release-tag events.
  • Packages published to GitHub Packages and NuGet.org; packaged artifacts and test results uploaded with limited retention.

[sourcery-ai]

Reviewer's Guide

This PR adds a comprehensive GitHub Actions workflow to automate .NET-based packaging and releases, configuring event triggers, environment setup, build/test execution, artifact packaging, and publishing to GitHub Packages and NuGet.org.

Flow diagram for the packaging and release automation steps

flowchart TD
    Checkout[Checkout Code]
    SetupDotnet[Setup .NET Core SDK]
    SetTag[Set TAG Variable]
    SetVersion[Set VERSION Variable]
    Restore[Restore .NET Packages]
    Build[Build .NET Solution]
    Test[Test .NET Solution]
    UploadTestResults[Upload Test Results]
    Pack[Pack .NET Solution]
    PublishGitHub[Publish to GitHub Packages]
    StoreNuget[Store NuGet Package]
    PublishNuget[Publish to NuGet.org]

    Checkout --> SetupDotnet --> SetTag --> SetVersion --> Restore --> Build --> Test --> UploadTestResults
    UploadTestResults --> Pack
    Pack --> PublishGitHub
    Pack --> StoreNuget
    Pack --> PublishNuget

Loading

File-Level Changes

Change	Details	Files
Setup CI triggers and environment variables	Defined workflow triggers for pull_request, push to main, release events, and manual dispatch Configured DOTNET_SKIP_FIRST_TIME_EXPERIENCE and DOTNET_NOLOGO environment variables Extracted TAG and VERSION from release tag or defaulted to v0.0.0	.github/workflows/package.yml
Install .NET SDK and run build/test steps	Checked out the repository with full history (fetch-depth: 0) Used actions/setup-dotnet@v4 with global.json and package lock caching Restored packages, built solution with Release configuration and version property Executed tests filtering UnitTest and IntegrationTest categories and uploaded TRX artifacts	.github/workflows/package.yml
Package and publish .NET artifacts	Packed solution into NuGet packages when a tag-based release is detected Pushed packages to GitHub Packages using GITHUB_TOKEN Uploaded .nupkg artifacts for retention Attempted publishing to NuGet.org when NUGET_ORG_KEY is set	.github/workflows/package.yml

Assessment against linked issues

Issue	Objective	Addressed	Explanation
#5	Produce NuGet artifact on release.	✅
#5	Publish NuGet artifact internally (e.g., to GitHub Packages).	✅
#5	Publish NuGet artifact to NuGet.org.	✅

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

• Consider moving all packaging and publishing steps into a separate release job with a single if: github.event_name == 'release' to avoid repeating complex conditional logic on each step.
• The mixed use of && and || in your step-level if expressions can lead to unintended evaluations—either wrap them in parentheses or simplify the logic into clearer separate conditions.
• Instead of echo-ing TAG and VERSION into the environment in multiple steps, you could define and pass them as job outputs for cleaner variable management between steps.

Prompt for AI Agents

Please address the comments from this code review:
## Overall Comments
- Consider moving all packaging and publishing steps into a separate release job with a single `if: github.event_name == 'release'` to avoid repeating complex conditional logic on each step.
- The mixed use of `&&` and `||` in your step-level `if` expressions can lead to unintended evaluations—either wrap them in parentheses or simplify the logic into clearer separate conditions.
- Instead of echo-ing TAG and VERSION into the environment in multiple steps, you could define and pass them as job outputs for cleaner variable management between steps.

## Individual Comments

### Comment 1
<location> `.github/workflows/package.yml:42` </location>
<code_context>
+
+      - name: Set TAG variable from tag
+        run: echo "TAG=${{ github.event.release.tag_name }}" >> $GITHUB_ENV
+        if: ${{ github.event_name == 'release'  && github.ref_type == 'tag' || github.event.release.tag_name }}
+
+      - name: Set VERSION variable
</code_context>

<issue_to_address>
The conditional logic for release/tag detection may not behave as intended due to operator precedence.

Parentheses should be added to the conditional to ensure correct evaluation and avoid unintended behavior.
</issue_to_address>

### Comment 2
<location> `.github/workflows/package.yml:57` </location>
<code_context>
+        run: dotnet build --configuration Release --no-restore /p:Version=${VERSION}
+
+      - name: Test .NET Solution
+        run: dotnet test --configuration Release --no-build --filter="Category=UnitTest|Category=IntegrationTest" --logger "trx;LogFilePrefix=test-results"
+
+      - uses: actions/upload-artifact@v4
</code_context>

<issue_to_address>
Test filter uses '|' for categories, which may not work as expected in dotnet test.

The '|' operator may not work as an OR in dotnet test filters. Use a comma or run tests for each category separately to ensure both are included.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Adds a new GitHub Actions workflow (.github/workflows/package.yml) that builds, tests, derives VERSION from tags, and conditionally packs and publishes a .NET solution to GitHub Packages and NuGet.org on release events; uploads test TRX and nupkg artifacts.

Changes

Cohort / File(s)

Summary of Changes

CI Workflow: Build, Test, Package, Publish .github/workflows/package.yml

New "Package" workflow: triggers on PRs, push to main, release published, and manual dispatch; checks out code (fetch-depth: 0); sets up .NET SDK with caching; derives TAG/VERSION from release tag; runs dotnet restore, dotnet build (Version=${VERSION}), and dotnet test (TRX output); uploads test-results artifact; on release publishes dotnet pack to pack/, publishes nupkg to GitHub Packages (via GITHUB_TOKEN) and NuGet.org (via NUGET_ORG_KEY) with conditional gating and artifacts retention.

Sequence Diagram(s)

sequenceDiagram
  actor Dev as Developer/Release
  participant GH as GitHub Events
  participant WF as Package Workflow
  participant Dotnet as .NET SDK
  participant GHP as GitHub Packages
  participant NuGet as NuGet.org
  participant Art as Artifacts

  Dev->>GH: PR / push to main / release.published / workflow_dispatch
  GH->>WF: Trigger workflow
  WF->>WF: Compute TAG and VERSION
  WF->>Dotnet: dotnet restore
  WF->>Dotnet: dotnet build (Version=VERSION)
  WF->>Dotnet: dotnet test (collect TRX)
  WF->>Art: Upload test TRX artifact

  alt Release published
    WF->>Dotnet: dotnet pack -> pack/
    WF->>GHP: Publish nupkg (GITHUB_TOKEN)
    WF->>NuGet: Publish nupkg (NUGET_ORG_KEY) [conditional]
    WF->>Art: Upload nupkg artifact (7d retention)
  end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Produce NuGet artifact and publish internally and on NuGet.org on releases (#5)	✅

I twitch my whiskers at the tag's bright light,
A version hops from dark to flight,
Tests thump softly, builds agree,
Pouch filled with nupkg, set free—
To GitHub burrow and NuGet sky, I spring with delight. 🥕✨

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch 5-add-nuget-artifact-on-releases

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 5

🔭 Outside diff range comments (1)

.github/workflows/package.yml (1)

83-89: NuGet.org publish: fix source URL, gating, and env usage.

• The source should be the v3 index URL; --source nuget may not exist.
• if references env.apikey defined in the same step; that env is not reliably available to the if expression. Check secrets instead.
• Add --skip-duplicate for idempotency.

Apply this diff:

       - name: Publish .NET Solution to NuGet.org
         continue-on-error: true
-        env:
-          apikey: ${{ secrets.NUGET_ORG_KEY }}
-        run: dotnet nuget push pack/*.nupkg --api-key ${{ secrets.NUGET_ORG_KEY }} --source nuget
-        if: ${{ env.apikey != '' && github.event_name == 'release'  && github.ref_type == 'tag' || github.event.release.tag_name }}
+        run: dotnet nuget push pack/*.nupkg --api-key ${{ secrets.NUGET_ORG_KEY }} --source https://api.nuget.org/v3/index.json --skip-duplicate
+        if: ${{ secrets.NUGET_ORG_KEY != '' && github.event_name == 'release' && github.event.action == 'published' }}

🧹 Nitpick comments (2)

.github/workflows/package.yml (2)

30-36: Nit: name the step “Setup .NET SDK” and consider cache lock-file availability.

• Rename for accuracy (.NET Core SDK is legacy wording).
• If you don’t commit packages.lock.json, the cache won’t be used. That’s fine, but intentional?

Suggested rename:

-      - name: Setup .NET Core SDK
+      - name: Setup .NET SDK

---

50-58: Optional: include code coverage or test result path broadening.

If you want richer insights, add coverage collection or capture default TestResults files in addition to the custom prefix.

Example tweaks:

• Add coverage: --collect:"XPlat Code Coverage"
• Expand artifact path to cover default folder:

-          path: "**/test-results*.trx"
+          path: |
+            **/test-results*.trx
+            **/TestResults/*.trx

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between f9fcbc7 and 8b225a5.

📒 Files selected for processing (1)

• .github/workflows/package.yml (1 hunks)

🔇 Additional comments (1)

.github/workflows/package.yml (1)

26-29: Double-check checkout version (v5 may not exist).

At the time of writing, actions/checkout@v4 is the stable major. If v5 isn’t yet available, this will fail early.

Apply this diff if needed:

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4

[coderabbitai]

Actionable comments posted: 0

🔭 Outside diff range comments (1)

.github/workflows/package.yml (1)

87-93: NuGet.org push: fix source and conditional check (likely skip due to step-level env in if)

• The step’s if references a step-scoped env var (env.apikey). Step-level env isn’t reliably available at if-evaluation time, so this can prevent the step from ever running. Prefer checking secrets directly in the if.
• Use the official NuGet v3 endpoint as the source; the friendly name "nuget" is not guaranteed to exist on runners.

Apply this diff:

       - name: Publish .NET Solution to NuGet.org
-        continue-on-error: true
-        env:
-          apikey: ${{ secrets.NUGET_ORG_KEY }}
-        run: dotnet nuget push pack/*.nupkg --api-key ${{ secrets.NUGET_ORG_KEY }} --source nuget
-        if: ${{ env.apikey != '' && github.event_name == 'release' && github.event.action == 'published' }}
+        continue-on-error: true
+        run: dotnet nuget push pack/*.nupkg --api-key ${{ secrets.NUGET_ORG_KEY }} --source https://api.nuget.org/v3/index.json
+        if: ${{ secrets.NUGET_ORG_KEY != '' && github.event_name == 'release' && github.event.action == 'published' }}

🧹 Nitpick comments (2)

.github/workflows/package.yml (2)

63-65: Use always() for artifact upload condition

Functionally equivalent and clearer than success() || failure().

-        if: success() || failure()
+        if: always()

---

73-77: Consider failing the run on GitHub Packages publish errors

Currently continue-on-error: true will mask real publishing failures. If you want releases to be green only when publishing succeeds, remove it or set to false.

-        continue-on-error: true
+        continue-on-error: false

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ff82304 and a486c88.

📒 Files selected for processing (1)

• .github/workflows/package.yml (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-08-18T20:39:17.594Z

Learnt from: snovak7
PR: escendit/extensions-workflows#6
File: .github/workflows/package.yml:0-0
Timestamp: 2025-08-18T20:39:17.594Z
Learning: For the escendit/extensions-workflows repository, the user snovak7 indicated that --skip-duplicate flag is not needed for NuGet package publishing when following their established rules, suggesting they have processes in place to prevent duplicate package pushes.

Applied to files:

• .github/workflows/package.yml

🔇 Additional comments (5)

.github/workflows/package.yml (5)

44-46: Release gating is correct and robust now

Good fix. The step is now safely scoped to published releases and won’t access undefined contexts on non-release events.

---

69-71: Packing with explicit PackageVersion is spot on

Passing /p:PackageVersion=${VERSION} ensures the .nupkg version aligns with your release tag. Nice.

---

21-23: Minimal permissions set correctly for package publishing

contents: read and packages: write is the right balance for GitHub Packages pushes. Good hardening.

---

30-33: actions/checkout@v5 is up-to-date

Confirmed that the latest stable release of actions/checkout is v5.0.0 (Aug 11 2025), so using actions/checkout@v5 is correct and no changes are needed.

---

61-61: Confirm test filter aligns with your project’s test traits
I ran automated checks but didn’t detect any C# test framework references or attribute usages (e.g. [TestCategory], [Category], [Trait]) in your .csproj or .cs files. Before merging, please manually verify which test framework(s) you’re using (MSTest, NUnit, xUnit, etc.) and ensure your --filter keys match the trait names emitted by that adapter (e.g. TestCategory for MSTest, Category/Trait for NUnit/xUnit).

If you’re using MSTest attributes, you’d adjust the step to:

run: dotnet test --configuration Release --no-build \
  --filter "TestCategory=UnitTest|TestCategory=IntegrationTest" \
  --logger "trx;LogFilePrefix=test-results"

Otherwise, keep Category/Trait for NUnit/xUnit.