name: Publish Docker Images on: push: branches: - main - develop tags: - 'v*.*.*' pull_request: types: [opened, synchronize, reopened] jobs: coverage-and-sonar: runs-on: ubuntu-latest permissions: contents: read pull-requests: read steps: - name: Checkout repository uses: actions/checkout@v4 with: fetch-depth: 0 - name: Install Nix uses: cachix/install-nix-action@v31 with: nix_path: nixpkgs=channel:nixos-unstable - name: Format Check run: | nix develop --no-pure-eval --accept-flake-config --command just format-check - name: Audit run: | nix develop --no-pure-eval --accept-flake-config --command just audit - name: Build run: | nix develop --no-pure-eval --accept-flake-config --command just build-release - name: Lint run: | nix develop --no-pure-eval --accept-flake-config --command just lint-report - name: Coverage run: | nix develop --no-pure-eval --accept-flake-config --command just coverage-ci - name: Sonar analysis uses: SonarSource/sonarqube-scan-action@v6 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} - name: Build Linux release binary run: nix build --no-pure-eval --accept-flake-config - name: Package Linux binary run: mv result/bin/jj-cz && zip jj-cz-linux-x86_64.zip jj-cz LICENSE.GPL.md LICENSE.MIT.md - name: Upload Linux artifact uses: actions/upload-artifact@v3 with: name: jj-cz-linux-x86_64 path: jj-cz-linux-x86_64.zip - name: Build Windows release binary run: nix build .#windows --no-pure-eval --accept-flake-config - name: Package Windows binary run: zip jj-cz-windows-x86_64.zip result/bin/jj-cz.exe LICENSE.GPL.md LICENSE.MIT.md - name: Upload Windows artifact uses: actions/upload-artifact@v3 with: name: jj-cz-windows-x86_64 path: jj-cz-windows-x86_64.zip