[pull] main from sourcegraph:main #4246
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: universal-ctags | |
on: | |
push: | |
paths: | |
- 'dev/nix/ctags.nix' | |
branches: | |
- 'main' | |
pull_request: | |
paths: | |
- 'dev/nix/ctags.nix' | |
workflow_dispatch: | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
jobs: | |
x86_64-darwin: | |
name: Build ctags x86_64-darwin | |
runs-on: macos-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: DeterminateSystems/nix-installer-action@07b8bcba1b22d847db7ee507180c33e115499665 # SECURITY: pin third-party action hashes # SECURITY: pin third-party action hashes | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- name: '🔓 Authenticate to Google Cloud' | |
uses: 'google-github-actions/auth@v1' | |
with: | |
credentials_json: ${{ secrets.CTAGS_GCP_SERVICE_ACCOUNT }} | |
- name: Run `nix build` | |
run: | | |
nix build .#universal-ctags | |
- name: Sign the binary | |
# signing in ./result/bin will cause a cache miss on next invocation | |
run: | | |
mkdir -p dist | |
cp -L ./result/bin/universal-ctags* ./dist/ | |
sudo codesign --force -s - ./dist/universal-ctags* | |
- name: Rename an prepare for upload | |
run: | | |
cd dist/ && ls | xargs -I{} mv {} "{}.$(git rev-parse --short HEAD)" | |
- name: Show hash of ctags | |
run: | | |
shasum -a 256 ./dist/universal-ctags-* | |
- uses: 'google-github-actions/upload-cloud-storage@v1' | |
# github.head_ref is only available for pull requests | |
# if the event type is not pull_requet we have to use github.ref_name | |
if: ${{ github.ref_name == 'main' }} | |
with: | |
path: './dist/' | |
destination: 'universal_ctags/x86_64-darwin/' | |
glob: 'universal-ctags-*' | |
aarch64-darwin: | |
name: Build ctags aarch64-darwin | |
runs-on: macos-latest-xlarge | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: DeterminateSystems/nix-installer-action@07b8bcba1b22d847db7ee507180c33e115499665 # SECURITY: pin third-party action hashes # SECURITY: pin third-party action hashes | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- name: '🔓 Authenticate to Google Cloud' | |
uses: 'google-github-actions/auth@v1' | |
with: | |
credentials_json: ${{ secrets.CTAGS_GCP_SERVICE_ACCOUNT }} | |
- name: Run `nix build` | |
run: | | |
nix build .#universal-ctags | |
- name: Sign the binary | |
# signing in ./result/bin will cause a cache miss on next invocation | |
run: | | |
mkdir -p dist | |
cp -L ./result/bin/universal-ctags* ./dist/ | |
sudo codesign --force -s - ./dist/universal-ctags* | |
- name: Rename an prepare for upload | |
run: | | |
cd dist/ && ls | xargs -I{} mv {} "{}.$(git rev-parse --short HEAD)" | |
- name: Show hash of ctags | |
run: | | |
shasum -a 256 ./dist/universal-ctags-* | |
- uses: 'google-github-actions/upload-cloud-storage@v1' | |
# github.head_ref is only available for pull requests | |
# if the event type is not pull_requet we have to use github.ref_name | |
if: ${{ github.ref_name == 'main' }} | |
with: | |
path: './dist/' | |
destination: 'universal_ctags/aarch64-darwin' | |
glob: 'universal-ctags-*' | |
x86_64-linux: | |
name: Build ctags x86_64-linux | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: DeterminateSystems/nix-installer-action@07b8bcba1b22d847db7ee507180c33e115499665 # SECURITY: pin third-party action hashes # SECURITY: pin third-party action hashes | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- name: '🔓 Authenticate to Google Cloud' | |
uses: 'google-github-actions/auth@v1' | |
with: | |
credentials_json: ${{ secrets.CTAGS_GCP_SERVICE_ACCOUNT }} | |
- name: Run `nix build` | |
run: | | |
nix build .#ctags | |
- name: Rename an prepare for upload | |
run: | | |
mkdir -p dist | |
cp -R -L ./result/bin/universal-ctags-* dist/ | |
cd dist/ && ls | xargs -I{} mv {} "{}.$(git rev-parse --short HEAD)" | |
- name: Show hash of ctags | |
run: | | |
shasum -a 256 ./dist/universal-ctags-* | |
- uses: 'google-github-actions/upload-cloud-storage@v1' | |
# github.head_ref is only available for pull requests | |
# if the event type is not pull_requet we have to use github.ref_name | |
if: ${{ github.ref_name == 'main' }} | |
with: | |
path: './dist/' | |
destination: 'universal_ctags/x86_64-linux' | |
glob: 'universal-ctags-*' | |
report_failure: | |
needs: [aarch64-darwin, x86_64-darwin, x86_64-linux] | |
if: ${{ failure() }} | |
uses: sourcegraph/sourcegraph/.github/workflows/report-job-failure.yml@main | |
secrets: inherit |