Fatorin commented on code in PR #7903:
URL: https://github.com/apache/opendal/pull/7903#discussion_r3566780682


##########
.github/workflows/release_dotnet.yml:
##########
@@ -197,26 +197,9 @@ jobs:
 
       - name: NuGet login
         id: login
-        shell: bash
-        env:
-          NUGET_USERNAME: Apache.OpenDAL
-        run: |
-          oidc_token="$(curl -fsSL \
-            -H "Authorization: Bearer ${ACTIONS_ID_TOKEN_REQUEST_TOKEN}" \
-            
"${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=https%3A%2F%2Fwww.nuget.org" \
-            | python3 -c 'import json, sys; 
print(json.load(sys.stdin)["value"])')"
-          echo "::add-mask::${oidc_token}"
-
-          request_body="$(python3 -c 'import json, os; 
print(json.dumps({"username": os.environ["NUGET_USERNAME"], "tokenType": 
"ApiKey"}))')"
-          api_key="$(curl -fsSL \
-            -X POST https://www.nuget.org/api/v2/token \
-            -H "Content-Type: application/json" \
-            -H "Authorization: Bearer ${oidc_token}" \
-            -H "User-Agent: apache-opendal-release" \
-            --data "${request_body}" \
-            | python3 -c 'import json, sys; 
print(json.load(sys.stdin)["apiKey"])')"
-          echo "::add-mask::${api_key}"
-          echo "NUGET_API_KEY=${api_key}" >> "${GITHUB_OUTPUT}"
+        uses: NuGet/login@8d196754b4036150537f80ac539e15c2f1028841

Review Comment:
   I tried using NuGet/[email protected], but it failed the ASF Allowlist Check.
   I pinned it to the commit SHA and added the # v1.2.0 version comment in the 
latest commit.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to