From ffaec5507a5d3c805b8992c9e245668c55b3afae Mon Sep 17 00:00:00 2001
From: Jarred Wilson <jarred.wilson12@gmail.com>
Date: Thu, 6 Feb 2025 13:01:21 -0600
Subject: [PATCH] Add build and release workflow

---
 .github/workflows/build.yaml   | 43 ++++++++++++++++++++++++++++++++++
 .github/workflows/release.yaml | 41 ++++++++++++++++++++++++++++++++
 2 files changed, 84 insertions(+)
 create mode 100644 .github/workflows/build.yaml
 create mode 100644 .github/workflows/release.yaml

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
new file mode 100644
index 00000000..f53a47dd
--- /dev/null
+++ b/.github/workflows/build.yaml
@@ -0,0 +1,43 @@
+name: Build
+
+on:
+  pull_request:
+  workflow_call:
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/vanilla-os/pico:main
+      volumes:
+        - /proc:/proc
+        - /:/run/host
+      options: --privileged -it
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Install needed packages
+      run: |
+        DEBIAN_FRONTEND=noninteractive apt update
+        DEBIAN_FRONTEND=noninteractive apt install -y \
+          dpkg-dev \
+          build-essential \
+          debhelper-compat \
+          devscripts \
+          wget \
+          git
+        apt-get build-dep -y .
+  
+    - name: Build debian package
+      id: build-deb
+      run: |
+        dpkg-buildpackage -b -rfakeroot -us -uc
+        sha256sum /__w/${{ github.event.repository.name }}/hplip_$(dpkg-parsechangelog -S version)_$(dpkg-architecture -qDEB_BUILD_ARCH).deb >> checksums.txt
+
+    - uses: actions/upload-artifact@v4
+      with:
+        name: ${{ github.event.repository.name }}
+        path: |
+            "../*.deb"
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 00000000..d903605b
--- /dev/null
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,41 @@
+name: Release
+
+on:
+  workflow_dispatch:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  build-deb:
+    uses: ./.github/workflows/build.yaml
+
+  release:
+    runs-on: ubuntu-latest
+    needs: build-deb
+    permissions:
+      contents: write # to create and upload assets to releases
+      attestations: write # to upload assets attestation for build provenance
+      id-token: write # grant additional permission to attestation action to mint the OIDC token permission
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Download Artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ github.event.repository.name }}
+
+      # - name: Create Release
+      #   env:
+      #       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   run: gh release create "${{ github.ref_name }}" --generate-notes *.deb
+      
+      # - name: Attest Release Files
+      #   id: attest
+      #   uses: actions/attest-build-provenance@v1
+      #   with:
+      #     subject-path: '*.tar.xz, gnome-control-center/*.txt'
\ No newline at end of file