Skip to content

Commit b96e178

Browse files
authored
Merge pull request #33 from kavinthangavel:workflow
fix: fixed workflow files
2 parents 0671e6c + a4e0ae7 commit b96e178

14 files changed

Lines changed: 46 additions & 1350 deletions

.github/workflows/build-verification.yml

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,9 @@ on:
77
required: true
88
type: string
99

10-
permissions: # Default permissions for all jobs
10+
permissions:
1111
contents: read
12-
id-token: write # Required for Sigstore OIDC attestation
12+
id-token: write
1313

1414
jobs:
1515
generate-build-info:
@@ -77,9 +77,6 @@ jobs:
7777
cosign sign-blob --yes SHA256SUMS.txt --output-signature SHA256SUMS.txt.sig
7878
echo "Signed checksums file with Sigstore/cosign"
7979
80-
# The custom provenance step below is removed as GitHub's built-in
81-
# provenance via 'gh release create' is used in the create-release workflow.
82-
8380
- name: Upload verification artifacts
8481
uses: actions/upload-artifact@v4
8582
with:

.github/workflows/build.yml

Lines changed: 2 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ on:
1515

1616
permissions:
1717
contents: write
18-
id-token: write # Required for provenance and attestation
18+
id-token: write
1919

2020
jobs:
2121
prepare-release:
@@ -26,7 +26,7 @@ jobs:
2626
- name: Checkout repository
2727
uses: actions/checkout@v4
2828
with:
29-
fetch-depth: 0 # Fetch all history for changelog generation
29+
fetch-depth: 0
3030

3131
- name: Determine version
3232
id: get_version
@@ -47,7 +47,6 @@ jobs:
4747
uses: ./.github/workflows/build-verification.yml
4848
with:
4949
version: ${{ needs.prepare-release.outputs.version }}
50-
# Permissions are inherited from the calling workflow
5150

5251
publish-pypi:
5352
needs: prepare-release
@@ -68,26 +67,7 @@ jobs:
6867
SIMKL_CLIENT_ID: ${{ secrets.SIMKL_CLIENT_ID }}
6968
SIMKL_CLIENT_SECRET: ${{ secrets.SIMKL_CLIENT_SECRET }}
7069

71-
# build-macos:
72-
# needs: prepare-release
73-
# uses: ./.github/workflows/macos-build.yml
74-
# with:
75-
# version: ${{ needs.prepare-release.outputs.version }}
76-
# secrets:
77-
# SIMKL_CLIENT_ID: ${{ secrets.SIMKL_CLIENT_ID }}
78-
# SIMKL_CLIENT_SECRET: ${{ secrets.SIMKL_CLIENT_SECRET }}
79-
80-
# build-linux:
81-
# needs: prepare-release
82-
# uses: ./.github/workflows/linux-build.yml
83-
# with:
84-
# version: ${{ needs.prepare-release.outputs.version }}
85-
# secrets:
86-
# SIMKL_CLIENT_ID: ${{ secrets.SIMKL_CLIENT_ID }}
87-
# SIMKL_CLIENT_SECRET: ${{ secrets.SIMKL_CLIENT_SECRET }}
88-
8970
create-github-release:
90-
# needs: [prepare-release, publish-pypi, build-windows, build-macos, build-linux]
9171
needs: [prepare-release, publish-pypi, build-windows, build-verification]
9272
uses: ./.github/workflows/create-release.yml
9373
with:

.github/workflows/create-release.yml

Lines changed: 7 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -17,12 +17,12 @@ jobs:
1717
runs-on: ubuntu-latest
1818
permissions:
1919
contents: write
20-
id-token: write # Required for provenance
20+
id-token: write
2121
steps:
2222
- name: Checkout repository
2323
uses: actions/checkout@v4
2424
with:
25-
fetch-depth: 0 # Full history for tag verification
25+
fetch-depth: 0
2626

2727
- name: Verify signed tag
2828
env:
@@ -99,7 +99,7 @@ jobs:
9999
echo "Warning: No Windows installer found!"
100100
fi
101101
102-
- name: Find Windows Installer # Corrected indentation
102+
- name: Find Windows Installer
103103
id: find_installer
104104
run: |
105105
INSTALLER_PATH=$(find release-artifacts -name "MPSS_Setup_*.exe" -o -name "*.exe" | grep -i "setup" | head -1)
@@ -114,11 +114,10 @@ jobs:
114114
find release-artifacts -name "*.exe" || echo "No .exe files found"
115115
exit 1
116116
fi
117-
# Removed incorrect sigstore/gh-action-sigstore step
118-
- name: Install cosign # Corrected indentation
119-
uses: sigstore/cosign-installer@v3.4.0 # Use the same version as in build-verification.yml
117+
- name: Install cosign
118+
uses: sigstore/cosign-installer@v3.4.0
120119

121-
- name: Sign Windows Installer with Cosign # Corrected indentation
120+
- name: Sign Windows Installer with Cosign
122121
id: sign_installer
123122
run: |
124123
INSTALLER_PATH="${{ steps.find_installer.outputs.path }}"
@@ -127,7 +126,7 @@ jobs:
127126
echo "Signature created at ${INSTALLER_PATH}.sig"
128127
echo "signature_path=${INSTALLER_PATH}.sig" >> $GITHUB_OUTPUT
129128
130-
- name: Prepare verification information # Corrected indentation
129+
- name: Prepare verification information
131130
run: |
132131
# Ensure verification-artifacts directory exists
133132
mkdir -p verification-info
@@ -221,28 +220,6 @@ jobs:
221220
echo "::warning:: Installer signature file not found at $INSTALLER_SIG_PATH"
222221
fi
223222
echo "Verification artifacts uploaded."
224-
225-
# The Windows installer is now attached during 'gh release create',
226-
# so the separate upload step below is removed.
227-
228-
# Upload other installers if we have them (commented out for now)
229-
# MACOS_DMG=$(find release-artifacts/macos-installers -name "*.dmg" | head -1)
230-
# MACOS_PKG=$(find release-artifacts/macos-installers -name "*.pkg" | head -1)
231-
# LINUX_APPIMAGE=$(find release-artifacts/linux-installers -name "*.AppImage" | head -1)
232-
# LINUX_DEB=$(find release-artifacts/linux-installers -name "*.deb" | head -1)
233-
234-
# if [ -n "$MACOS_DMG" ]; then
235-
# gh release upload "v$VERSION" "$MACOS_DMG" --clobber
236-
# fi
237-
# if [ -n "$MACOS_PKG" ]; then
238-
# gh release upload "v$VERSION" "$MACOS_PKG" --clobber
239-
# fi
240-
# if [ -n "$LINUX_APPIMAGE" ]; then
241-
# gh release upload "v$VERSION" "$LINUX_APPIMAGE" --clobber
242-
# fi
243-
# if [ -n "$LINUX_DEB" ]; then
244-
# gh release upload "v$VERSION" "$LINUX_DEB" --clobber
245-
# fi
246223
247224
- name: Delete all workflow artifacts after release
248225
uses: geekyeggo/delete-artifact@v5

.github/workflows/dependencies.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ name: Dependency Management
22

33
on:
44
schedule:
5-
- cron: '0 0 * * 1' # Run weekly on Monday at midnight
5+
- cron: '0 0 * * 1'
66
workflow_dispatch:
77
pull_request:
88
paths:

.github/workflows/docs.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,12 +22,12 @@ jobs:
2222
deploy:
2323
runs-on: ubuntu-latest
2424
permissions:
25-
contents: write # Needed for gh-pages deployment
25+
contents: write
2626
steps:
2727
- name: Checkout repository
2828
uses: actions/checkout@v4
2929
with:
30-
fetch-depth: 0 # Needed for mkdocs-git-revision-date-localized-plugin
30+
fetch-depth: 0
3131

3232
- name: Set up Python
3333
uses: actions/setup-python@v5

0 commit comments

Comments
 (0)