55 branches :
66 - main
77 - rc
8+ paths :
9+ - .bazeliskrc
10+ - .bazelrc
11+ - .github/workflows/deploy.core.yaml
12+ - alamos/go/**
13+ - alamos/ts/**
14+ - aspen/**
15+ - cesium/**
16+ - client/cpp/**
17+ - client/ts/**
18+ - configs/ts/**
19+ - configs/vite/**
20+ - console/**
21+ - core/**
22+ - drift/**
23+ - driver/**
24+ - Earthfile
25+ - freighter/cpp/**
26+ - freighter/go/**
27+ - freighter/ts/**
28+ - go.work
29+ - go.work.sum
30+ - MODULE.bazel
31+ - MODULE.bazel.lock
32+ - package.json
33+ - pnpm-lock.yaml
34+ - pnpm-workspace.yaml
35+ - pluto/**
36+ - relic.conf
37+ - turbo.json
38+ - vendor/mbedtls/**
39+ - vendor/open62541/**
40+ - x/cpp/**
41+ - x/go/**
42+ - x/ts/**
843 pull_request :
944 branches :
1045 - main
1146 - rc
47+ paths :
48+ - .bazeliskrc
49+ - .bazelrc
50+ - .github/workflows/deploy.core.yaml
51+ - alamos/go/**
52+ - alamos/ts/**
53+ - aspen/**
54+ - cesium/**
55+ - client/cpp/**
56+ - client/ts/**
57+ - configs/ts/**
58+ - configs/vite/**
59+ - console/**
60+ - core/**
61+ - drift/**
62+ - driver/**
63+ - Earthfile
64+ - freighter/cpp/**
65+ - freighter/go/**
66+ - freighter/ts/**
67+ - go.work
68+ - go.work.sum
69+ - MODULE.bazel
70+ - MODULE.bazel.lock
71+ - package.json
72+ - pnpm-lock.yaml
73+ - pnpm-workspace.yaml
74+ - pluto/**
75+ - relic.conf
76+ - turbo.json
77+ - vendor/mbedtls/**
78+ - vendor/open62541/**
79+ - x/cpp/**
80+ - x/go/**
81+ - x/ts/**
1282 workflow_dispatch :
1383
14- permissions :
15- contents : write
16- packages : write
17-
1884env :
1985 CACHE_SCOPE : deploy-synnax
2086
2389 runs-on : ubuntu-latest
2490 outputs :
2591 VERSION : ${{ steps.version.outputs.VERSION }}
26- changed : ${{ steps.filter.outputs.changed }}
2792 steps :
2893 - name : Checkout Repository
29- uses : actions/checkout@v4
94+ uses : actions/checkout@v5
3095
3196 - name : Get Version
3297 id : version
@@ -38,29 +103,12 @@ jobs:
38103 echo "VERSION=$(cat pkg/version/VERSION)-rc" >> $GITHUB_OUTPUT
39104 fi
40105
41- name : Diff Changes
42- uses : dorny/paths-filter@v3
43- id : filter
44- with :
45- base : ${{ github.ref }}
46- filters : |
47- changed:
48- - .github/workflows/deploy.core.yaml
49- - alamos/go/**
50- - aspen/**
51- - cesium/**
52- - client/cpp/**
53- - core/**
54- - driver/**
55- - freighter/go/**
56- - x/cpp/**
57- - x/go/**
58- - WORKSPACE
59-
60106create-release :
61107 runs-on : ubuntu-latest
62108 needs : setup
63- if : github.event_name == 'push' && needs.setup.outputs.changed == 'true'
109+ if : github.event_name == 'push'
110+ permissions :
111+ contents : write
64112 steps :
65113 - name : Create Release
66114 uses : actions/github-script@v7
@@ -82,9 +130,11 @@ jobs:
82130 });
83131
84132build :
85- needs : setup
133+ needs : [ setup, create-release]
86134 name : Build (${{ matrix.os }})
87- if : needs.setup.outputs.changed == 'true'
135+ permissions :
136+ contents : write
137+ packages : write
88138 env :
89139 GH_TOKEN : ${{ github.token }}
90140 NODE_OPTIONS : " --max_old_space_size=4096"
@@ -95,12 +145,7 @@ jobs:
95145 runs-on : ${{ matrix.os }}
96146 steps :
97147 - name : Checkout Repository
98- uses : actions/checkout@v4
99-
100- - uses : GuillaumeFalourd/setup-windows10-sdk-action@v2
101- if : matrix.os == 'windows-latest'
102- with :
103- sdk-version : 22000
148+ uses : actions/checkout@v5
104149
105150 - name : Update Submodules
106151 run : git submodule update --init --recursive
@@ -181,6 +226,8 @@ jobs:
181226 security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
182227 security default-keychain -s build.keychain
183228 security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
229+ # Prevent the keychain from getting locked during the build process
230+ security set-keychain-settings -t 3600 -u build.keychain
184231 security import certificate.p12 -k build.keychain -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign
185232 security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" build.keychain
186233
0 commit comments