From e7fc4053203a8a5ef11134e227b3a71a5f8dd8dc Mon Sep 17 00:00:00 2001 From: Jarred Wilson Date: Thu, 6 Feb 2025 13:01:21 -0600 Subject: [PATCH] Add build and release workflow --- .github/workflows/build.yaml | 59 ++++++++++++++ .github/workflows/release.yaml | 140 +++++++++++++++++++++++++++++++++ 2 files changed, 199 insertions(+) create mode 100644 .github/workflows/build.yaml create mode 100644 .github/workflows/release.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml new file mode 100644 index 00000000..c1cc31e6 --- /dev/null +++ b/.github/workflows/build.yaml @@ -0,0 +1,59 @@ +name: Build + +on: + push: + branches: [ "debian/main" ] + tags: + pull_request: + workflow_call: + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + container: + image: ghcr.io/vanilla-os/pico:main + volumes: + - /proc:/proc + - /:/run/host + options: --privileged -it + + steps: + - uses: actions/checkout@v4 + + - name: Install needed packages + run: | + DEBIAN_FRONTEND=noninteractive apt update + DEBIAN_FRONTEND=noninteractive apt install -y \ + dpkg-dev \ + build-essential \ + debhelper-compat \ + devscripts \ + wget \ + git + sudo apt-get build-dep . + + - name: Build debian package + run: dpkg-buildpackage -us -uc + + - name: Calculate and Save Checksums + run: | + sha256sum /__w/gnome-control-center/gnome-control-center.tar.xz >> checksums.txt + + - uses: actions/upload-artifact@v4 + with: + name: gnome-control-center + path: | + checksums.txt + /__w/gnome-control-center/gnome-control-center.tar.xz + + # - uses: softprops/action-gh-release@v2 + # if: github.ref == 'refs/heads/main' + # with: + # token: "${{ secrets.GITHUB_TOKEN }}" + # tag_name: "continuous" + # prerelease: true + # name: "Continuous Build" + # files: | + # /__w/gnome-control-center/gnome-control-center.tar.xz + # checksums.txt \ No newline at end of file diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 00000000..22657cce --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,140 @@ +name: Release + +on: + push: + tags: + - '*' + +jobs: + build-artifacts: + runs-on: ubuntu-latest + container: + image: ghcr.io/vanilla-os/pico:main + volumes: + - /proc:/proc + - /:/run/host + options: --privileged -it + permissions: + contents: read + + steps: + - uses: actions/checkout@v4 + + - name: De-bloat stock image + run: | + rm -r /run/host/usr/share/dotnet + rm -r /run/host${{ runner.tool_cache }} + + - name: Install needed packages + run: | + DEBIAN_FRONTEND=noninteractive apt update + DEBIAN_FRONTEND=noninteractive apt install -y \ + dpkg-dev \ + build-essential \ + debhelper-compat \ + desktop-file-utils \ + dh-sequence-gnome \ + gnome-settings-daemon-dev \ + gsettings-desktop-schemas-dev \ + gtk-doc-tools \ + libaccountsservice-dev \ + libadwaita-1-dev \ + libcolord-dev \ + libcolord-gtk4-dev \ + libcups2-dev \ + libgcr-4-dev \ + libgdk-pixbuf-2.0-dev \ + libgirepository1.0-dev \ + libglib2.0-dev \ + libgnome-bg-4-dev \ + libgnome-bluetooth-ui-3.0-dev \ + libgnome-desktop-4-dev \ + libgnome-rr-4-dev \ + libgnutls28-dev \ + libgoa-1.0-dev \ + libgoa-backend-1.0-dev \ + libgsound-dev \ + libgtk-4-dev \ + libgtop2-dev \ + libgudev-1.0-dev \ + libhandy-1-dev \ + libibus-1.0-dev \ + libjson-glib-dev \ + libkrb5-dev \ + libmalcontent-0-dev \ + libmm-glib-dev \ + libnm-dev \ + libnma-gtk4-dev \ + libpolkit-gobject-1-dev \ + libpulse-dev \ + libpwquality-dev \ + libsecret-1-dev \ + libsmbclient-dev \ + libsoup-3.0-dev \ + libudisks2-dev \ + libupower-glib-dev \ + libwacom-dev \ + libx11-dev \ + libxft-dev \ + libxi-dev \ + libxklavier-dev \ + libxml2-dev \ + libxml2-utils \ + locales \ + meson \ + polkitd \ + python3-dbusmock \ + shared-mime-info \ + tecla \ + tzdata \ + xvfb \ + wget \ + git + + - name: Build debian package + run: | + wget https://github.com/vanilla-os/gnome-control-center/tarball/main + mv main ../gnome-control-center_47.1.1~99-orchid-stable.orig.tar.gz + dpkg-buildpackage -b -uc -us + tar cvf ../gnome-control-center.tar.xz ../*.deb + + - name: Calculate and Save Checksums + run: | + sha256sum /__w/gnome-control-center/gnome-control-center.tar.xz >> checksums.txt + + - uses: actions/upload-artifact@v4 + with: + name: gnome-control-center + path: | + checksums.txt + /__w/gnome-control-center/gnome-control-center.tar.xz + + release: + runs-on: ubuntu-latest + needs: build-artifacts + permissions: + contents: write # to create and upload assets to releases + attestations: write # to upload assets attestation for build provenance + id-token: write # grant additional permission to attestation action to mint the OIDC token permission + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Download Artifact + uses: actions/download-artifact@v4 + with: + name: gnome-control-center + + - name: Create Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: gh release create "${{ github.ref_name }}" --generate-notes *.tar.xz gnome-control-center/checksums.txt + + - name: Attest Release Files + id: attest + uses: actions/attest-build-provenance@v1 + with: + subject-path: '*.tar.xz, gnome-control-center/*.txt' \ No newline at end of file