Added permissions for attestion #197
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Daggy Build | |
| on: | |
| push: | |
| tags: | |
| - v* | |
| branches: | |
| - release/* | |
| pull_request: | |
| jobs: | |
| linux-gcc12_x64: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| id-token: write | |
| contents: read | |
| attestations: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup environment | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libgl-dev \ | |
| libgl-dev \ | |
| libgl1-mesa-dev \ | |
| libx11-dev \ | |
| libx11-xcb-dev \ | |
| libfontenc-dev \ | |
| libice-dev \ | |
| libsm-dev \ | |
| libxau-dev \ | |
| libxaw7-dev \ | |
| libx11-xcb-dev \ | |
| libfontenc-dev \ | |
| libxcomposite-dev \ | |
| libxcursor-dev \ | |
| libxdamage-dev \ | |
| libxfixes-dev \ | |
| libxi-dev \ | |
| libxinerama-dev \ | |
| libxmu-dev \ | |
| libxmuu-dev \ | |
| libxpm-dev \ | |
| libxrandr-dev \ | |
| libxres-dev \ | |
| libxss-dev \ | |
| libxtst-dev \ | |
| libxv-dev \ | |
| libxxf86vm-dev \ | |
| libxcb-glx0-dev \ | |
| libxcb-render-util0-dev \ | |
| libxcb-xkb-dev \ | |
| libxcb-icccm4-dev \ | |
| libxcb-image0-dev \ | |
| libxcb-keysyms1-dev \ | |
| libxcb-randr0-dev \ | |
| libxcb-shape0-dev \ | |
| libxcb-sync-dev \ | |
| libxcb-xfixes0-dev \ | |
| libxcb-xinerama0-dev \ | |
| libxcb-dri3-dev \ | |
| libxcb-cursor-dev \ | |
| libxcb-dri2-0-dev \ | |
| libxcb-dri3-dev \ | |
| libxcb-present-dev \ | |
| libxcb-composite0-dev \ | |
| libxcb-ewmh-dev \ | |
| libxcb-res0-dev \ | |
| libxv-dev \ | |
| libxcb-util-dev \ | |
| libxcb-util0-dev | |
| shell: bash | |
| - name: Cache conan packages | |
| uses: actions/cache@v3 | |
| id: conan-data-gcc12 | |
| with: | |
| path: ~/.conan2/p | |
| key: conan-data-gcc12 | |
| - name: Set up Python 3.11 | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.11' | |
| cache: pip | |
| - run: pip install -r requirements.txt | |
| - run: conan --version | |
| - run: conan profile detect | |
| - name: Conan config | |
| run: conan config install CI/conan | |
| - name: Conan install | |
| run: conan install . --build=missing --profile:build=linux-gcc12_x64 --profile:host=linux-gcc12_x64 --output-folder=. | |
| - name: Conan cache clean | |
| run: conan cache clean "*" --source --build --temp --download | |
| - name: git add safe dir | |
| run: git config --global --add safe.directory $GITHUB_WORKSPACE | |
| - name: Conan build | |
| run: conan build . --profile:build=linux-gcc12_x64 --profile:host=linux-gcc12_x64 --build=missing --output-folder=. | |
| - name: Tests | |
| working-directory: build/Release | |
| run: ctest -C Release --output-on-failure --output-junit tests/local_tests.xml | |
| - name: Attest | |
| uses: actions/attest-build-provenance@v1 | |
| if: github.ref_type == 'tag' || startsWith(github.ref, 'refs/heads/release/') | |
| with: | |
| subject-path: build/Release/** | |
| - name: linux-gcc12_x64 Tests Report | |
| uses: mikepenz/action-junit-report@v4 | |
| with: | |
| report_paths: build/Release/tests/local_tests.xml | |
| summary: linux-gcc12_x64 Tests Report | |
| - name: Packaging | |
| working-directory: build/Release | |
| run: cpack | |
| - name: Archive production artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: daggy_linux_x64 | |
| path: | | |
| build/Release/*.deb | |
| build/Release/*.rpm | |
| build/Release/*.zip | |
| win: | |
| runs-on: windows-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| attestations: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache conan packages | |
| uses: actions/cache@v3 | |
| id: conan-data-msvc | |
| with: | |
| path: | | |
| ~/.conan2/p | |
| c:\.conan2\ | |
| key: conan-data-msvc | |
| - name: Set up Python 3.11 | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.11' | |
| cache: pip | |
| - run: pip install -r requirements.txt | |
| - run: conan --version | |
| - run: conan profile detect | |
| - name: Make build dir | |
| run: mkdir build | |
| - name: Conan config | |
| run: conan config install CI/conan | |
| - name: Conan install | |
| run: conan install . --build=missing -s compiler.cppstd=17 -of . | |
| - name: Conan cache clean | |
| working-directory: build | |
| run: conan cache clean "*" --source --build --temp --download | |
| - name: git add safe dir | |
| run: git config --global --add safe.directory %GITHUB_WORKSPACE% | |
| - name: Conan build | |
| run: conan build . --build=missing -s compiler.cppstd=17 -of . | |
| - name: Tests | |
| working-directory: build | |
| run: ctest -C Release --output-on-failure --output-junit tests/local_tests.xml | |
| - name: Attest | |
| uses: actions/attest-build-provenance@v1 | |
| if: github.ref_type == 'tag' || startsWith(github.ref, 'refs/heads/release/') | |
| with: | |
| subject-path: build/Release/** | |
| - name: win-msvc193_x64 Tests Report | |
| uses: mikepenz/action-junit-report@v4 | |
| with: | |
| report_paths: build/Release/tests/local_tests.xml | |
| summary: win-msvc193_x64 Tests Report | |
| - name: Packaging | |
| working-directory: build | |
| run: cpack | |
| - name: Archive production artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: daggy_win_x64 | |
| path: | | |
| build/*.zip | |
| macos: | |
| runs-on: macos-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| attestations: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache conan packages | |
| uses: actions/cache@v3 | |
| id: conan-data-clang | |
| with: | |
| path: ~/.conan2/p | |
| key: conan-data-clang | |
| - name: Set up Python 3.11 | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.11' | |
| cache: pip | |
| - run: pip install -r requirements.txt | |
| - run: conan --version | |
| - run: conan profile detect | |
| - name: Conan config | |
| run: conan config install CI/conan | |
| - name: Conan install | |
| run: conan install . --build=missing -s compiler.cppstd=17 -of . | |
| - name: Conan remove build folders | |
| run: conan cache clean "*" --source --build --temp --download | |
| - name: Conan build | |
| run: conan build . --build=missing -s compiler.cppstd=17 -of . | |
| - name: daggy version | |
| working-directory: build/Release | |
| run: bin/daggy --version | |
| - name: Tests | |
| working-directory: build/Release | |
| run: ctest -C Release --output-on-failure --output-junit tests/local_tests.xml | |
| - name: Attest | |
| uses: actions/attest-build-provenance@v1 | |
| if: github.ref_type == 'tag' || startsWith(github.ref, 'refs/heads/release/') | |
| with: | |
| subject-path: build/Release/** | |
| - name: macos-clang13_x64 Tests Report | |
| uses: mikepenz/action-junit-report@v4 | |
| with: | |
| report_paths: build/Release/tests/local_tests.xml | |
| summary: macos-clang13_x64 Tests Report | |
| - name: Packaging | |
| working-directory: build/Release | |
| run: cpack | |
| - name: Archive production artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: daggy_macos_x64 | |
| path: | |
| build/Release/*.zip |