diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..6313b56 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +* text=auto eol=lf diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 369848a..2e822dd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,12 +1,13 @@ -name: build +name: Build on: push: branches: [ "main" ] + pull_request: jobs: build: - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest container: image: ghcr.io/vanilla-os/pico:main volumes: @@ -33,11 +34,24 @@ jobs: dpkg-buildpackage --no-sign mv ../*.deb ../vanilla-backgrounds.deb - - uses: softprops/action-gh-release@v1 + - name: Calculate and Save Checksums + run: | + sha256sum /__w/vanilla-backgrounds/vanilla-backgrounds.deb >> checksums.txt + + - uses: actions/upload-artifact@v4 + with: + name: vanilla-backgrounds + path: | + checksums.txt + /__w/vanilla-backgrounds/vanilla-backgrounds.deb + + - uses: softprops/action-gh-release@v2 + if: github.ref == 'refs/heads/main' with: token: "${{ secrets.GITHUB_TOKEN }}" tag_name: "continuous" prerelease: true name: "Continuous Build" files: | - /__w/vanilla-backgrounds/vanilla-backgrounds.deb \ No newline at end of file + /__w/vanilla-backgrounds/vanilla-backgrounds.deb + checksums.txt diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..801e068 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,78 @@ +name: Release + +on: + push: + tags: + - '*' + +jobs: + build-artifacts: + runs-on: ubuntu-latest + container: + image: ghcr.io/vanilla-os/pico:main + volumes: + - /proc:/proc + - /:/run/host + options: --privileged -it + permissions: + contents: read + + steps: + - uses: actions/checkout@v4 + + - name: De-bloat stock image + run: | + rm -r /run/host/usr/share/dotnet + rm -r /run/host${{ runner.tool_cache }} + + - name: Install needed packages + run: | + export DEBIAN_FRONTEND=noninteractive + apt update + apt install -y build-essential debhelper-compat dh-sequence-gnome libglib2.0-dev meson + + - name: Build debian package + run: | + dpkg-buildpackage --no-sign + mv ../*.deb ../vanilla-backgrounds.deb + + - name: Calculate and Save Checksums + run: | + sha256sum /__w/vanilla-backgrounds/vanilla-backgrounds.deb >> checksums.txt + + - uses: actions/upload-artifact@v4 + with: + name: vanilla-backgrounds + path: | + checksums.txt + /__w/vanilla-backgrounds/vanilla-backgrounds.deb + + release: + runs-on: ubuntu-latest + needs: build-artifacts + permissions: + contents: write # to create and upload assets to releases + attestations: write # to upload assets attestation for build provenance + id-token: write # grant additional permission to attestation action to mint the OIDC token permission + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Download Artifact + uses: actions/download-artifact@v4 + with: + name: vanilla-backgrounds + + - name: Create Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: gh release create "${{ github.ref_name }}" --generate-notes *.deb checksums.txt + + - name: Attest Release Files + id: attest + uses: actions/attest-build-provenance@v1 + with: + subject-path: '*.deb, *.txt' diff --git a/.gitignore b/.gitignore index 20799c9..9ab2ac3 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,4 @@ /debian/.debhelper /debian/vanilla-backgrounds /debian/debhelper-build-stamp -/debian/vanilla-backgrounds.substvars \ No newline at end of file +/debian/vanilla-backgrounds.substvars diff --git a/VERSION b/VERSION index 21e8796..ee90284 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.0.3 +1.0.4