chore: switch to an XcodeGen project file

Change-Id: I753a7652cdc730157ae7f8bc036338bae5e6b54b
Signed-off-by: Thomas Kosiewski <[email protected]>

Author: ThomasK33

.github/actions/nix-devshell/action.yaml

@@ -0,0 +1,13 @@
+name: "Setup Nix devshell"
+description: "This action sets up a nix devshell environment"
+runs:
+  using: "composite"
+  steps:
+    - name: Setup Nix
+      uses: DeterminateSystems/nix-installer-action@e50d5f73bfe71c2dd0aa4218de8f4afa59f8f81d # v16
+
+    - name: Setup GHA Nix cache
+      uses: DeterminateSystems/magic-nix-cache-action@6221693898146dc97e38ad0e013488a16477a4c4 # v9
+
+    - name: Enter devshell
+      uses: nicknovitski/nix-develop@9be7cfb4b10451d3390a75dc18ad0465bed4932a # v1.2.1

.github/workflows/ci.yml

@@ -10,45 +10,79 @@ on:
     paths-ignore:
       - "README.md"
 
-
 permissions:
   contents: read
 
 jobs:
   test:
     name: test
-    runs-on: ${{ github.repository_owner == 'coder' && 'depot-macos-latest' || 'macos-latest'}}
+    # runs-on: ${{ github.repository_owner == 'coder' && 'depot-macos-latest' || 'macos-latest'}}
+    runs-on: macos-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           fetch-depth: 1
+
       - name: Switch XCode Version
-        uses: maxim-lobanov/setup-xcode@v1
+        uses: maxim-lobanov/setup-xcode@60606e260d2fc5762a71e64e74b2174e8ea3c8bd # v1.6.0
         with:
-          xcode-version: '16.0.0'
-      - run: |
-          make test
+          xcode-version: "16.1.0"
+
+      - name: Setup Nix
+        uses: ./.github/actions/nix-devshell
+
+      - run: make
+
+      - run: make test
+
   format:
     name: fmt
-    runs-on: ${{ github.repository_owner == 'coder' && 'depot-macos-latest' || 'macos-latest'}}
+    # depot.dev does not yet support Xcode 16.1 GA or 16.2, thus we're stuck with GitHub hosted runners for now
+    #
+    # runs-on: ${{ github.repository_owner == 'coder' && 'depot-macos-latest' || 'macos-latest'}}
+    runs-on: macos-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           fetch-depth: 1
-      - run: |
-          make fmt
+
+      - name: Switch XCode Version
+        uses: maxim-lobanov/setup-xcode@60606e260d2fc5762a71e64e74b2174e8ea3c8bd # v1.6.0
+        with:
+          xcode-version: "16.1.0"
+
+      - name: Setup Nix
+        uses: ./.github/actions/nix-devshell
+
+      - run: make fmt
   lint:
     name: lint
-    runs-on: ${{ github.repository_owner == 'coder' && 'depot-macos-latest' || 'macos-latest'}}
+    # runs-on: ${{ github.repository_owner == 'coder' && 'depot-macos-latest' || 'macos-latest'}}
+    runs-on: macos-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           fetch-depth: 1
-      - name: Install Swiftlint
-        run: |
-          brew install swiftlint
-      - run: |
-          make lint
+
+      - name: Setup Nix
+        uses: ./.github/actions/nix-devshell
+
+      - run: make lint