Skip to content

Bump github/codeql-action from 3.25.11 to 3.27.1 #384

Bump github/codeql-action from 3.25.11 to 3.27.1

Bump github/codeql-action from 3.25.11 to 3.27.1 #384

Workflow file for this run

name: Build
on: [push, workflow_dispatch]
permissions: read-all
jobs:
delete-old-artifacts:
permissions:
actions: write
if: github.actor == 'calendulish'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: calendulish/purge-artifacts-action@2e8a85a677ea67a31edfe3e348d9379ad7e26988 # v1.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
expire-in: 0
linux-build:
if: ${{ always() }}
needs: delete-old-artifacts
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ['3.9', '3.10', '3.11', '3.12']
name: Python ${{ matrix.python-version }} linux build
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: ${{ matrix.python-version }}
- run: sudo apt-fast -y install gettext
- run: python -m pip install -r requirements.txt
- run: python -m build
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: linux_${{ matrix.python-version }}
path: |
build/*.zip
dist/
if-no-files-found: error
retention-days: 90
if: github.actor == 'calendulish'
rpi-build:
if: ${{ always() }}
needs: delete-old-artifacts
runs-on: ubuntu-latest
name: Build ${{ matrix.arch }} ${{ matrix.python-version }}
strategy:
matrix:
include:
- arch: 'armv7'
distro: 'archarm_latest'
- arch: 'aarch64'
distro: 'archarm_latest'
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: uraimo/run-on-arch-action@b0ffb25eb00af00468375982384441f063da1741 # v2.7.2
id: build
with:
arch: ${{ matrix.arch }}
distro: ${{ matrix.distro }}
setup: mkdir -p "${PWD}/artifacts"
dockerRunArgs: --volume "${PWD}/artifacts:/artifacts"
env: |
release_name: "steam-tools-ng-RPI-${{ matrix.arch }}"
shell: /bin/sh
run: |
pacman -Syu --noconfirm
pacman -S --noconfirm python python-build tar
python -m build
cp -rfv dist/ /artifacts/
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: rpi_${{ matrix.arch }}
path: |
artifacts/dist/
if-no-files-found: error
retention-days: 90
if: github.actor == 'calendulish'
windows-build:
if: ${{ always() }}
needs: delete-old-artifacts
runs-on: windows-2022
strategy:
matrix:
python-version: ['3.10', '3.11', '3.12']
defaults:
run:
shell: cmd
working-directory: .\\tools\Windows
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: ${{ matrix.python-version }}
- run: python -m pip install -r .\\..\..\requirements.txt
- run: dist_script_native.cmd
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: windows_${{ matrix.python-version }}
path: |
build/*.zip
installer/build/*.exe
if-no-files-found: error
retention-days: 90
if: github.actor == 'calendulish'
deploy:
permissions:
contents: write
if: startsWith(github.ref, 'refs/tags/')
needs: [linux-build, windows-build, rpi-build]
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
- uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8 # v2.0.9
with:
draft: true
files: |
linux_3.12/dist/*
windows_3.12/installer/build/*.exe
windows_3.10/build/*.zip
windows_3.11/build/*.zip
windows_3.12/build/*.zip
rpi_aarch64/dist/*.whl
rpi_armv7/dist/*.whl
pypi-upload:
if: startsWith(github.ref, 'refs/tags/')
needs: [deploy]
runs-on: ubuntu-latest
strategy:
matrix:
python-version: [ '3.12' ]
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
- uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # release/v1
with:
password: ${{ secrets.PYPI_API_TOKEN }}
packages_dir: linux_${{ matrix.python-version }}/dist/
verbose: true
print_hash: true
generate-badges:
permissions:
contents: write
if: ${{ always() && github.actor == 'calendulish' }}
needs: [linux-build, windows-build, rpi-build]
runs-on: ubuntu-latest
env:
linux-badge-color: ${{ needs.linux-build.result == 'success' && 'green' || 'red' }}
windows-badge-color: ${{ needs.windows-build.result == 'success' && 'green' || 'red' }}
rpi-badge-color: ${{ needs.rpi-build.result == 'success' && 'green' || 'red' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: RubbaBoy/BYOB@24f464284c1fd32028524b59607d417a2e36fee7 # v1.3.0
with:
NAME: steam-tools-ng-linux-build
LABEL: 'Linux build'
STATUS: ${{ needs.linux-build.result }}
COLOR: ${{ env.linux-badge-color }}
GITHUB_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
REPOSITORY: calendulish/.github
ACTOR: calendulish
- uses: RubbaBoy/BYOB@24f464284c1fd32028524b59607d417a2e36fee7 # v1.3.0
with:
NAME: steam-tools-ng-windows-build
LABEL: 'Windows build'
STATUS: ${{ needs.windows-build.result }}
COLOR: ${{ env.windows-badge-color }}
GITHUB_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
REPOSITORY: calendulish/.github
ACTOR: calendulish
- uses: RubbaBoy/BYOB@24f464284c1fd32028524b59607d417a2e36fee7 # v1.3.0
with:
NAME: steam-tools-ng-rpi-build
LABEL: 'RPI build'
STATUS: ${{ needs.rpi-build.result }}
COLOR: ${{ env.rpi-badge-color }}
GITHUB_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
REPOSITORY: calendulish/.github
ACTOR: calendulish