build: package the build in a flake and test with propogated timing #244
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json | |
| name: Package this version | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - "v*" | |
| pull_request: | |
| permissions: | |
| contents: write | |
| jobs: | |
| version: | |
| name: Collect the version | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.tag.outputs.version }} | |
| steps: | |
| - name: Checkout the repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Collect the current version | |
| id: tag | |
| run: | | |
| echo "$(git describe --dirty --always --tags)" | |
| echo "version=$(git describe --dirty --always --tags)" >> "$GITHUB_ENV" | |
| echo "version=$(git describe --dirty --always --tags)" >> "$GITHUB_OUTPUT" | |
| snapshot: | |
| name: Save a snapshot | |
| needs: version | |
| if: ${{ ! startsWith(github.ref, 'refs/tags/') }} | |
| runs-on: ubuntu-latest | |
| env: | |
| version: ${{ needs.version.outputs.version }} | |
| steps: | |
| - name: Checkout the repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install a flaked Nix | |
| uses: DeterminateSystems/nix-installer-action@v16 | |
| - name: Create snapshots | |
| run: nix develop -c goreleaser release --clean --snapshot --skip=publish --config .goreleaser.staging.yml | |
| - name: Mark logged changes | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: etime_${{ env.version }}_CHANGELOG.md | |
| path: ./CHANGELOG.md | |
| if-no-files-found: error | |
| - name: Upload the checksums | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: etime_${{ env.version }}_checksums.txt | |
| path: ./dist/etime_${{ env.version }}_checksums.txt | |
| if-no-files-found: error | |
| - name: Enscribe legal letter | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: etime_${{ env.version }}_LICENSE | |
| path: ./LICENSE | |
| if-no-files-found: error | |
| - name: Read the manual pages | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: etime_${{ env.version }}_man.1 | |
| path: ./etime.1 | |
| if-no-files-found: error | |
| - name: Write welcoming markdown | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: etime_${{ env.version }}_README.md | |
| path: ./README.md | |
| if-no-files-found: error | |
| - name: Cache the moments | |
| uses: actions/cache/save@v4 | |
| if: always() | |
| with: | |
| path: ./dist | |
| key: snapshots-${{ github.sha }} | |
| artifacts: | |
| name: Share the artifacts | |
| needs: | |
| - snapshot | |
| - version | |
| runs-on: ubuntu-latest | |
| env: | |
| version: ${{ needs.version.outputs.version }} | |
| strategy: | |
| matrix: | |
| target: | |
| - darwin_arm64.tar.gz | |
| - darwin_x86_64.tar.gz | |
| - linux_arm64.tar.gz | |
| - linux_i386.tar.gz | |
| - linux_x86_64.tar.gz | |
| - windows_arm64.zip | |
| - windows_i386.zip | |
| - windows_x86_64.zip | |
| steps: | |
| - name: Checkout the repo | |
| uses: actions/checkout@v4 | |
| - name: Restore cached snapshots | |
| uses: actions/cache/restore@v4 | |
| with: | |
| path: ./dist | |
| key: snapshots-${{ github.sha }} | |
| - name: Upload a snapshot | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: etime_${{ env.version }}_${{ matrix.target }} | |
| path: ./dist/etime_${{ env.version }}_${{ matrix.target }} | |
| if-no-files-found: error | |
| notify: | |
| name: Post a notification | |
| needs: artifacts | |
| if: github.event_name == 'pull_request' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Leave a comment | |
| run: | | |
| PR_COMMENT="Latest builds: https://github.com/$GH_REPO/actions/runs/$GH_RUN_ID" | |
| PR_REF="${{ github.ref_name }}" | |
| if [[ $PR_REF == *"/merge" ]]; then | |
| PR_REF="${PR_REF%%/merge}" | |
| fi | |
| if ! gh pr comment "$PR_REF" --repo "$GH_REPO" --edit-last --body "$PR_COMMENT"; then | |
| gh pr comment "$PR_REF" --repo "$GH_REPO" --body "$PR_COMMENT" | |
| fi | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| GH_REPO: ${{ github.repository }} | |
| GH_RUN_ID: ${{ github.run_id }} | |
| release: | |
| name: Distribute a release | |
| needs: version | |
| if: ${{ startsWith(github.ref, 'refs/tags/') }} | |
| runs-on: macos-latest | |
| env: | |
| version: ${{ needs.version.outputs.version }} | |
| steps: | |
| - name: Checkout the repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Secure the keychain | |
| run: | | |
| echo $CERTIFICATE_P12 | base64 --decode > certificate.p12 | |
| security create-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
| security default-keychain -s build.keychain | |
| security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
| security import certificate.p12 -k build.keychain -P $CERTIFICATE_PASSWORD -T /usr/bin/codesign | |
| security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain | |
| env: | |
| CERTIFICATE_P12: ${{ secrets.CERTIFICATE_P12 }} | |
| CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| - name: Install a flaked Nix | |
| uses: DeterminateSystems/nix-installer-action@v16 | |
| - name: Create releases | |
| run: nix develop .#gon -c goreleaser release --clean --config .goreleaser.release.yml | |
| env: | |
| AC_USERNAME: ${{ secrets.AC_USERNAME }} | |
| AC_PASSWORD: ${{ secrets.AC_PASSWORD }} | |
| AC_PROVIDER: ${{ secrets.AC_PROVIDER }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Include documentation | |
| run: | | |
| gh release upload ${{ env.version }} CHANGELOG.md#etime_${{ env.version }}_CHANGELOG.md | |
| gh release upload ${{ env.version }} LICENSE#etime_${{ env.version }}_LICENSE | |
| gh release upload ${{ env.version }} etime.1#etime_${{ env.version }}_man.1 | |
| gh release upload ${{ env.version }} README.md#etime_${{ env.version }}_README.md | |
| env: | |
| GH_TOKEN: ${{ github.token }} |