name: Publish Docker Images on: push: branches: - main - develop tags: - 'v*.*.*' pull_request: types: [opened, synchronize, reopened] jobs: coverage-and-sonar: runs-on: ubuntu-latest permissions: contents: read pull-requests: read steps: - name: Checkout repository uses: actions/checkout@v4 with: fetch-depth: 0 - name: Install Nix uses: cachix/install-nix-action@v31 with: nix_path: nixpkgs=channel:nixos-unstable - name: Format Check run: | nix develop --no-pure-eval --accept-flake-config --command just format-check - name: Audit run: | nix develop --no-pure-eval --accept-flake-config --command just audit - name: Lint run: | nix develop --no-pure-eval --accept-flake-config --command just lint-report - name: Build Linux release binary run: nix build --no-pure-eval --accept-flake-config - name: Build Windows release binary run: nix build .#windows --no-pure-eval --accept-flake-config - name: Coverage run: | nix develop --no-pure-eval --accept-flake-config --command just coverage-ci - name: Sonar analysis uses: SonarSource/sonarqube-scan-action@v6 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} - name: Prepare Linux binary run: | mkdir dist-linux cp result/bin/jj-cz dist-linux/ cp LICENSE.*.md dist-linux/ - name: Upload Linux artifact uses: actions/upload-artifact@v3 with: name: jj-cz-linux-x86_64 path: dist-linux/* - name: Prepare Windows binary run: | mkdir -p dist-windows cp result/bin/jj-cz.exe dist-windows/ cp LICENSE.*.md dist-windows/ - name: Upload Windows artifact uses: actions/upload-artifact@v3 with: name: jj-cz-windows-x86_64 path: dist-windows/*