From 8d3bd41b488c19046130863575116455b1d563c5 Mon Sep 17 00:00:00 2001 From: James Sturtevant Date: Fri, 12 Jun 2026 14:00:58 -0700 Subject: [PATCH] Add NuGet trusted publishing --- .github/workflows/publish.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index eebf43d7..5f14ff70 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -8,6 +8,10 @@ on: tags: - 'v*' +permissions: + contents: read + id-token: write + jobs: publish: name: "Publish NuGet Package" @@ -24,7 +28,12 @@ jobs: run: | cd src dotnet pack -c Release /p:Packing=true + - name: NuGet login + uses: NuGet/login@8d196754b4036150537f80ac539e15c2f1028841 + id: login + with: + user: jsturtevant - name: Publish NuGet Package run: | cd src/bin/Release - dotnet nuget push Wasmtime.${GITHUB_REF_NAME:1}.nupkg -k ${{ secrets.NUGET_API_KEY }} -s https://api.nuget.org/v3/index.json + dotnet nuget push Wasmtime.${GITHUB_REF_NAME:1}.nupkg -k ${{ steps.login.outputs.NUGET_API_KEY }} -s https://api.nuget.org/v3/index.json