particle-os-modules/.github/workflows/build-unified.yml

name: build-unified
on:
  push:
    paths-ignore: # don't rebuild if only documentation has changed
      - "**.md"
  pull_request:
  merge_group:
  workflow_dispatch:

jobs:
  build-unified:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - uses: hustcer/setup-nu@9859855d6c1dfcd6d53ee7480b8e86c8c45298cb # v3.19
        with:
          version: v0.93

      - uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0

      - name: Login to GitHub Container Registry
        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      
      - uses: sigstore/cosign-installer@3454372f43399081ed03b604cb2d021dabca52bb # v3.8.2

      - name: Run build and push script
        run: nu ./build-unified.nu
        env:
          REGISTRY: ghcr.io/${{ github.repository_owner }}
          COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}
          GH_EVENT_NAME: ${{ github.event_name }}
          GH_PR_NUMBER: ${{ github.event.number }}
          GH_BRANCH: ${{ github.ref_name }}