github-ci.yml 3.28 KB
Newer Older
ransome1's avatar
ransome1 committed
1
name: Code scan, build & release
2
3
on: push
jobs:
ransome1's avatar
ransome1 committed
4
5
  macos:
    name: MacOS (Build & Release)
6
7
8
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
ransome1's avatar
ransome1 committed
9
        os: [macos-latest]
10
11
12
13
14
15
16
    steps:
      - name: Check out Git repository
        uses: actions/checkout@v1
      - name: Install Node.js, NPM and Yarn
        uses: actions/setup-node@v1
        with:
          node-version: 14
ransome1's avatar
ransome1 committed
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
      - name: Run Electron Builder
        uses: samuelmeuli/action-electron-builder@v1
        with:
          max_attempts: 3
          github_token: ${{ secrets.github_token }}
          release: ${{ startsWith(github.ref, 'refs/tags/v') }}
  windows:
    name: Windows (Build & Release)
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [windows-latest]
    steps:
      - name: Check out Git repository
        uses: actions/checkout@v1
      - name: Install Node.js, NPM and Yarn
        uses: actions/setup-node@v1
        with:
          node-version: 14
      - name: Run Electron Builder
37
38
39
        env:
          CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
          CSC_LINK: ${{ secrets.CSC_LINK }}
40
41
        uses: samuelmeuli/action-electron-builder@v1
        with:
ransome1's avatar
ransome1 committed
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
          max_attempts: 3
          github_token: ${{ secrets.github_token }}
          release: ${{ startsWith(github.ref, 'refs/tags/v') }}
  linux:
    name: Linux (Build & Release)
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest]
    steps:
      - name: Check out Git repository
        uses: actions/checkout@v1
      - name: Install Node.js, NPM and Yarn
        uses: actions/setup-node@v1
        with:
          node-version: 14
      - name: Run Electron Builder
        uses: samuelmeuli/action-electron-builder@v1
        with:
          max_attempts: 3
62
63
          github_token: ${{ secrets.github_token }}
          release: ${{ startsWith(github.ref, 'refs/tags/v') }}
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
  njsscan:
    name: njsscan
    runs-on: ubuntu-latest
    steps:
    - name: Checkout the code
      uses: actions/checkout@v2
    - name: nodejsscan scan
      id: njsscan
      uses: ajinabraham/njsscan-action@master
      with:
        args: '. --sarif --output results.sarif || true'
    - name: Upload njsscan report
      uses: github/codeql-action/upload-sarif@v1
      with:
        sarif_file: results.sarif
  codeql:
    needs: njsscan
    name: CodeQL
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        language: [ 'javascript' ]
    steps:
    - name: Checkout repository
      uses: actions/checkout@v2
    - name: Initialize CodeQL
      uses: github/codeql-action/init@v1
      with:
        languages: ${{ matrix.language }}
    - name: Autobuild
      uses: github/codeql-action/autobuild@v1
    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v1
98
  mirror:
99
    name: Mirror code to opencode.net
100
    runs-on: ubuntu-latest
101
    needs: codeql
ransome1's avatar
ransome1 committed
102
    steps:                                              # <-- must use actions/checkout@v1 before mirroring!
103
    - uses: actions/checkout@v1
ransome1's avatar
ransome1 committed
104
    - uses: pixta-dev/repository-mirroring-action@v1
105
      with:
ransome1's avatar
ransome1 committed
106
107
108
109
        target_repo_url:
          git@www.opencode.net:ransome/sleek.git
        ssh_private_key:                                # <-- use 'secrets' to pass credential information.
          ${{ secrets.GITLAB_SSH_PRIVATE_KEY }}