Add missing checkout #22

Workflow file for this run

	name: CI

	on:
	push:
	branches: ["main"]
	tags: ["v*"]
	pull_request:
	branches: ["main"]
	workflow_dispatch:

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	env:
	SCCACHE_GHA_ENABLED: "true"

	defaults:
	run:
	shell: bash

	jobs:
	build:
	strategy:
	matrix:
	os: [macos-latest, windows-latest]
	runs-on: ${{ matrix.os }}
	timeout-minutes: 10
	steps:
	- name: Import certificates (macOS)
	if: runner.os == 'macOS'
	env:
	APPLICATION_CERTIFICATE_BASE64: ${{ secrets.APPLICATION_CERTIFICATE_BASE64 }}
	INSTALLER_CERTIFICATE_BASE64: ${{ secrets.INSTALLER_CERTIFICATE_BASE64 }}
	P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
	KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
	run: \|
	APPLICATION_CERTIFICATE_PATH="${RUNNER_TEMP}/application_cert.p12"
	INSTALLER_CERTIFICATE_PATH="${RUNNER_TEMP}/installer_cert.p12"
	KEYCHAIN_PATH="${RUNNER_TEMP}/signing.keychain-db"

	echo "$APPLICATION_CERTIFICATE_BASE64" \| base64 --decode -o "$APPLICATION_CERTIFICATE_PATH"
	echo "$INSTALLER_CERTIFICATE_BASE64" \| base64 --decode -o "$INSTALLER_CERTIFICATE_PATH"
	security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
	security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH"
	security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"

	security import "$APPLICATION_CERTIFICATE_PATH" -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k "$KEYCHAIN_PATH"
	security import "$INSTALLER_CERTIFICATE_PATH" -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k "$KEYCHAIN_PATH"
	security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
	security list-keychain -d user -s "$KEYCHAIN_PATH"

	- name: Set up MSVC (Windows)
	if: runner.os == 'Windows'
	uses: ilammy/msvc-dev-cmd@v1

	- name: Install Ninja
	run: \|
	if [[ "$RUNNER_OS" == "macOS" ]]; then
	brew install ninja
	elif [[ "$RUNNER_OS" == "Windows" ]]; then
	choco install ninja
	fi

	- uses: actions/checkout@v4
	with:
	submodules: true

	- name: Run sccache-cache
	uses: mozilla-actions/sccache-action@v0.0.7

	- name: Configure
	run: cmake --preset="ci-ninja-multi"

	- name: Build
	run: cmake --build --preset="ci-ninja-multi-release"

	- name: Test
	run: ctest --preset="ci-test-release"

	- name: Package
	run: cpack --preset="ci-package-release"

	- name: Load Environment Variables
	id: env-ci
	run: \|
	echo "::group::Show .env.ci"
	cat .env.ci
	echo "::endgroup::"
	cat .env.ci >> "$GITHUB_OUTPUT"

	- name: Notarization (macOS)
	if: runner.os == 'macOS'
	env:
	DEVELOPER_APPLE_ID: ${{ secrets.DEVELOPER_APPLE_ID }}
	DEVELOPER_APPLE_PASSWORD: ${{ secrets.DEVELOPER_APPLE_PASSWORD }}
	DEVELOPER_TEAM_ID: ${{ secrets.DEVELOPER_TEAM_ID }}
	PACKAGE_FILE_PATH: ${{ steps.env-ci.outputs.PACKAGE_FILE_PATH }}
	run: xcrun notarytool submit --apple-id "$DEVELOPER_APPLE_ID" --password "$DEVELOPER_APPLE_PASSWORD" --team-id "$DEVELOPER_TEAM_ID" --wait "$PACKAGE_FILE_PATH"

	- name: Azure Trusted Signing (Windows)
	if: runner.os == 'Windows'
	uses: azure/trusted-signing-action@v0.5.0
	with:
	azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
	azure-client-id: ${{ secrets.AZURE_CLIENT_ID }}
	azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }}
	endpoint: ${{ secrets.AZURE_ENDPOINT }}
	trusted-signing-account-name: ${{ secrets.AZURE_TRUSTED_SIGNING_ACCOUNT_NAME }}
	certificate-profile-name: ${{ secrets.AZURE_CERTIFICATE_PROFILE_NAME }}
	files: ${{ steps.env-ci.outputs.PACKAGE_FILE_PATH }}

	- name: "Upload Artifact"
	uses: actions/upload-artifact@v4
	with:
	name: ${{ steps.env-ci.outputs.PACKAGE_FILE_NAME }}
	path: ${{ steps.env-ci.outputs.PACKAGE_FILE_PATH }}
	if-no-files-found: error

	release:
	if: startsWith(github.ref, 'refs/tags/v')
	runs-on: ubuntu-latest
	needs: build
	env:
	VERSION: ${{ github.ref_name }}
	permissions:
	contents: write

	steps:
	- uses: actions/checkout@v4

	- name: Download Artifacts
	id: download
	uses: actions/download-artifact@v4
	with:
	merge-multiple: true

	- name: Create Release
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	DOWNLOAD_PATH: ${{ steps.download.outputs.download-path }}
	run: \|
	gh release create "$VERSION" --title "$VERSION" --generate-notes
	gh release upload "$VERSION" "${DOWNLOAD_PATH}/*"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add missing checkout #22

Workflow file

Add missing checkout #22

Jobs

Run details

Workflow file for this run