build.yml

name: Build and Release SecVault

on:
  push:
    branches:
      - master  # Trigger only on pushes to the master branch

jobs:
  build_and_release:
    runs-on: ubuntu-latest
    permissions:
      contents: write

    steps:
      # Step 1: Checkout the repository
      - name: Checkout repository
        uses: actions/checkout@v3

      # Step 2: Download and set up JetBrains Runtime (JBR)
      - name: Download JetBrains Runtime
        run: |
          JBR_URL="https://cache-redirector.jetbrains.com/intellij-jbr/jbrsdk-17.0.10-linux-x64-b1207.1.tar.gz"
          wget $JBR_URL -O jbr.tar.gz
          mkdir jbr
          tar -xzf jbr.tar.gz -C jbr --strip-components=1

      - name: Set up JetBrains Runtime
        run: echo "JAVA_HOME=${{ github.workspace }}/jbr" >> $GITHUB_ENV

      # Step 3: Grant execution permissions for Gradle wrapper
      - name: Grant execution permissions for gradlew
        run: chmod +x ./gradlew

      # Step 4: Build the .deb package
      - name: Build the app and force the DEB task to run
        run: ./gradlew packageDeb --rerun-tasks --warning-mode all

      # Step 5: Verify output and debug (optional)
      - name: List output directories
        run: ls -R build  # Confirm the .deb file location

      # Step 6: Compress the artifact for release
      - name: Compress artifact
        run: tar -czf release.tar.gz -C build/compose/binaries/main/deb .

      # Step 7: Create a release and upload the artifact
      - name: Create GitHub Release
        uses: ncipollo/release-action@v1
        with:
          artifacts: "release.tar.gz"
          token: ${{ secrets.GITHUB_TOKEN }}  # GitHub token is automatically provided for workflows
          tag: ${{ github.run_id }}  # Use the unique run ID as the tag for the release
          name: Release Build ${{ github.run_id }}
          body: |
            This release contains the latest `.deb` package for SecVault.
            - Built using JetBrains Runtime
            - Compatible with Linux