Commit graph

3 commits

Author SHA1 Message Date
Viren Mohindra
cd3ec3ab8d
fix(ci): use sign-binaries: true in main-build.yml (#1094)
sign-binaries: false passes empty strings for TAURI_SIGNING_PRIVATE_KEY
and APPLE_CERTIFICATE, but Tauri treats a set-but-empty env var as a
signing attempt, causing all builds to fail. Use sign-binaries: true to
match pr-test-build.yml — secrets are already configured in the repo.
2026-03-19 15:16:34 +08:00
Viren Mohindra
c5ec92b310
fix(ci): grant contents: write so build.yml reusable workflow can start (#1092) 2026-03-19 14:43:38 +08:00
Viren Mohindra
e3c9f5814f
ci: run full build and quality checks on push to main (#1091)
* ci: add full build and quality checks on push to main

Adds a new main-build.yml workflow that runs the full 7-platform build
matrix on every push to main, uploading artifacts for 30 days. Also
adds push-to-main triggers to code-quality, test, and nix-check
workflows. The nix full build now always runs on main pushes (not just
when nix packaging files change), catching the expensive breakage that
currently requires manual verification before each release.

* ci: fix permissions and clarify nix full-build intent

- narrow contents: write to contents: read in main-build.yml — no
  release assets are uploaded here so write access is unnecessary
- update nix-check comment to reflect that the full build always runs
  on push to main (not just when nix files change), matching intent
2026-03-19 14:39:09 +08:00