nixify (#169) #499
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and lint | |
on: | |
push: | |
branches: | |
- main | |
tags-ignore: | |
- v* | |
pull_request: | |
branches: | |
- main | |
jobs: | |
build: | |
name: Static checks | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: pnpm/action-setup@v2 | |
with: | |
version: 8.5.1 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 20.10.x | |
cache: pnpm | |
- name: Install | |
run: pnpm install | |
- name: Build and lint | |
run: pnpm run ci | |
changes: | |
name: Check changed files | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
pull-requests: read | |
outputs: | |
config: ${{ steps.filter.outputs.config }} | |
steps: | |
- uses: actions/checkout@v3 | |
if: ${{ github.event_name == 'push' }} | |
- uses: dorny/paths-filter@v2 | |
id: filter | |
with: | |
filters: | | |
config: | |
- package.json | |
- tsconfig.json | |
- forge.config.js | |
- .github/workflows/** | |
make: | |
name: Make (${{ matrix.os }} - ${{ matrix.arch }}) | |
if: ${{ needs.changes.outputs.config == 'true' }} | |
needs: changes | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
os: [ macOS-latest, macOS-12, ubuntu-latest, windows-latest ] | |
arch: [ x64, arm64 ] | |
# Publishing artifacts for multiple Windows architectures has | |
# a bug which can cause the wrong architecture to be downloaded | |
# for an update, so until that is fixed, only build Windows x64 | |
exclude: | |
- os: windows-latest | |
arch: arm64 | |
# Only build arm64 builds on M1 and x86 builds on Intel Mac | |
- os: macOS-latest | |
arch: x64 | |
- os: macOS-12 | |
arch: arm64 | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: pnpm/action-setup@v2 | |
with: | |
version: 8.5.1 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 20.10.x | |
cache: pnpm | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.11' | |
- name: Install npm packages | |
run: pnpm install | |
- name: Generate Windows code signing certificate | |
if: matrix.os == 'windows-latest' | |
id: write_file | |
uses: timheuer/[email protected] | |
with: | |
fileName: 'windows-certificate.pfx' | |
encodedString: ${{ secrets.WINDOWS_CODESIGN_CERTIFICATE }} | |
- name: Generate MacOS code signing certificate | |
if: matrix.os == 'macOS-latest' || matrix.os == 'macOS-12' | |
run: ./scripts/add-macos-cert.sh | |
env: | |
MACOS_CERT_P12: ${{ secrets.MACOS_CERT_P12 }} | |
MACOS_CERT_PASSWORD: ${{ secrets.MACOS_CERT_PASSWORD }} | |
- name: Make | |
run: pnpm run make --arch=${{ matrix.arch }} | |
env: | |
APPLE_ID: ${{ secrets.APPLE_ID }} | |
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
WINDOWS_CERTIFICATE_FILE: ${{ steps.write_file.outputs.filePath }} | |
WINDOWS_CERTIFICATE_PASSWORD: ${{ secrets.WINDOWS_CODESIGN_PASSWORD }} | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} |