Tweak GitHub Actions workflows

- prepare to use `main` instead of `master`.
- use synced `actionlint.yml` to simplify Homebrew/.github sync logic.
- fix some broken workflow PR opening logic.
Mike McQuaid 2025-06-11 16:15:40 +01:00
parent 8aeb93ec98
commit 7bd8642bfc
No known key found for this signature in database
10 changed files with 69 additions and 43 deletions


@ -1,18 +1,19 @@
name: actionlint # This file is synced from the `.github` repository, do not modify it directly.
name: Actionlint
on: on:
push: push:
branches: branches:
- main
- master - master
paths:
- '.github/workflows/*.ya?ml'
- 'Formula/a/actionlint.rb'
- 'Formula/s/shellcheck.rb'
- 'Formula/z/zizmor.rb'
pull_request: pull_request:
paths: paths:
- '.github/workflows/*.ya?ml' - '.github/workflows/*.ya?ml'
- '.github/actionlint.yaml'
env:
HOMEBREW_DEVELOPER: 1
HOMEBREW_NO_AUTO_UPDATE: 1
HOMEBREW_NO_ENV_HINTS: 1
defaults: defaults:
run: run:
@ -22,12 +23,19 @@ concurrency:
group: "actionlint-${{ github.ref }}" group: "actionlint-${{ github.ref }}"
cancel-in-progress: ${{ github.event_name == 'pull_request' }} cancel-in-progress: ${{ github.event_name == 'pull_request' }}
env:
HOMEBREW_DEVELOPER: 1
HOMEBREW_NO_AUTO_UPDATE: 1
HOMEBREW_NO_ENV_HINTS: 1
permissions: {} permissions: {}
jobs: jobs:
workflow_syntax: workflow_syntax:
if: github.repository_owner == 'Homebrew' if: github.repository_owner == 'Homebrew'
runs-on: ubuntu-latest runs-on: ubuntu-latest
permissions:
contents: read
steps: steps:
- name: Set up Homebrew - name: Set up Homebrew
id: setup-homebrew id: setup-homebrew
@ -40,31 +48,34 @@ jobs:
- name: Install tools - name: Install tools
run: brew install actionlint shellcheck zizmor run: brew install actionlint shellcheck zizmor
- name: Set up GITHUB_WORKSPACE - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
env: with:
HOMEBREW_REPOSITORY: ${{ steps.setup-homebrew.outputs.repository-path }} persist-credentials: false
run: |
# Annotations work only relative to GITHUB_WORKSPACE
(shopt -s dotglob; rm -rf "${GITHUB_WORKSPACE:?}"/*; mv "${HOMEBREW_REPOSITORY:?}"/* "$GITHUB_WORKSPACE")
rmdir "$HOMEBREW_REPOSITORY"
ln -vs "$GITHUB_WORKSPACE" "$HOMEBREW_REPOSITORY"
echo "::add-matcher::.github/actionlint-matcher.json" - run: zizmor --format sarif . > results.sarif
- run: |
# NOTE: exit code intentionally suppressed here
zizmor --format sarif . > results.sarif || true
- name: Upload SARIF file - name: Upload SARIF file
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
# We can't use the SARIF file when triggered by `merge_group` so we don't upload it.
if: always() && github.event_name != 'merge_group'
with: with:
name: results.sarif name: results.sarif
path: results.sarif path: results.sarif
- name: Set up actionlint
run: echo "::add-matcher::$(brew --repository)/.github/actionlint-matcher.json"
- run: actionlint - run: actionlint
upload_sarif: upload_sarif:
needs: workflow_syntax needs: workflow_syntax
# We want to always upload this even if `actionlint` failed.
# This is only available on public repositories.
if: >
always() &&
!contains(fromJSON('["cancelled", "skipped"]'), needs.workflow_syntax.result) &&
!github.event.repository.private &&
github.event_name != 'merge_group'
runs-on: ubuntu-latest runs-on: ubuntu-latest
permissions: permissions:
contents: read contents: read
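Review bot: The zizmor step written as `zizmor --format sarif . > results.sarif || true` discards every non-zero exit, so a tool crash or usage error looks the same as a clean audit, and the upload step guarded by `if: always() && github.event_name != 'merge_group'` then ships whatever is in `results.sarif`, possibly an empty file. This rendering also shows the plain `zizmor --format sarif . > results.sarif` form and does not mark which side is new. If the `|| true` form is the one kept, add `test -s results.sarif` as the next line of that `run` block so an empty report fails the job. The `# NOTE` should also say why the exit code is ignored and which job is expected to enforce the findings. The `upload_sarif` job continues past the end of this section.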


@ -3,10 +3,9 @@ name: "CodeQL"
on: on:
push: push:
branches: branches:
- main
- master - master
pull_request: pull_request:
branches:
- master
defaults: defaults:
run: run:


@ -4,6 +4,7 @@ on:
pull_request: pull_request:
push: push:
branches: branches:
- main
- master - master
merge_group: merge_group:
release: release:
@ -38,8 +39,8 @@ jobs:
fetch-depth: 0 fetch-depth: 0
persist-credentials: false persist-credentials: false
- name: Fetch origin/master from Git - name: Fetch origin/HEAD from Git
run: git fetch origin master run: git fetch origin HEAD
- name: Determine build attributes - name: Determine build attributes
id: attributes id: attributes
@ -83,12 +84,16 @@ jobs:
) )
fi fi
elif [[ "${GITHUB_EVENT_NAME}" == "push" && elif [[ "${GITHUB_EVENT_NAME}" == "push" &&
"${GITHUB_REF}" == "refs/heads/master" && ("${GITHUB_REF}" == "refs/heads/master" || "${GITHUB_REF}" == "refs/heads/main") &&
"${version}" == "22.04" ]]; then "${version}" == "22.04" ]]; then
tags+=( tags+=(
"ghcr.io/homebrew/brew:main"
"ghcr.io/homebrew/brew:master" "ghcr.io/homebrew/brew:master"
"ghcr.io/homebrew/ubuntu${version}:main"
"ghcr.io/homebrew/ubuntu${version}:master" "ghcr.io/homebrew/ubuntu${version}:master"
"homebrew/brew:main"
"homebrew/brew:master" "homebrew/brew:master"
"homebrew/ubuntu${version}:main"
"homebrew/ubuntu${version}:master" "homebrew/ubuntu${version}:master"
) )
fi fi
@ -160,8 +165,8 @@ jobs:
fetch-depth: 0 fetch-depth: 0
persist-credentials: false persist-credentials: false
- name: Fetch origin/master from Git - name: Fetch origin/HEAD from Git
run: git fetch origin master run: git fetch origin HEAD
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0 uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
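Review bot: The widened test `("${GITHUB_REF}" == "refs/heads/master" || "${GITHUB_REF}" == "refs/heads/main")` lets a push to either branch publish all eight tags, so `:master` and `:main` both follow whichever branch was pushed last. That is harmless while only one of the two branches exists. If both exist during the migration, they need the same branch protection, because another section of this commit still runs CI in `ghcr.io/homebrew/brew:master`. A comment above `tags+=(` would record the intent, for example `# Both names are published during the master -> main migration; drop the master tags once main is the only default branch.` The surrounding `if`/`elif` chain starts outside the hunk.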


@ -3,6 +3,7 @@ name: Ruby Documentation CI
on: on:
push: push:
branches: branches:
- main
- master - master
pull_request: pull_request:


@ -4,6 +4,7 @@ on:
paths: paths:
- .github/workflows/schemas.yml - .github/workflows/schemas.yml
branches-ignore: branches-ignore:
- main
- master - master
schedule: schedule:
- cron: "0 0 * * *" - cron: "0 0 * * *"
@ -55,7 +56,7 @@ jobs:
git checkout "${BRANCH}" git checkout "${BRANCH}"
git checkout "Library/Homebrew/data/schemas" git checkout "Library/Homebrew/data/schemas"
else else
git checkout --no-track -B "${BRANCH}" origin/master git checkout --no-track -B "${BRANCH}" origin/HEAD
fi fi
# Intentionally tracking 2.3.x to match what we output in sbom.rb. 3.0 also doesn't have a JSON Schema. # Intentionally tracking 2.3.x to match what we output in sbom.rb. 3.0 also doesn't have a JSON Schema.
@ -67,9 +68,10 @@ jobs:
if ! git diff --exit-code Library/Homebrew/data/schemas if ! git diff --exit-code Library/Homebrew/data/schemas
then then
git add "Library/Homebrew/data/schemas" git add "Library/Homebrew/data/schemas"
git commit -m "data/schemas: update schema data." -m "Autogenerated by [a scheduled GitHub Action](https://github.com/Homebrew/brew/blob/master/.github/workflows/schemas.yml)." git commit -m "data/schemas: update schema data." -m "Autogenerated by [a scheduled GitHub Action](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/schemas.yml)."
echo "committed=true" >> "$GITHUB_OUTPUT" echo "committed=true" >> "$GITHUB_OUTPUT"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state")" PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state" || true)"
if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]] if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]]
then then
echo "pull_request=true" >> "$GITHUB_OUTPUT" echo "pull_request=true" >> "$GITHUB_OUTPUT"
@ -84,7 +86,7 @@ jobs:
directory: ${{ steps.set-up-homebrew.outputs.repository-path }} directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
branch: ${{ steps.update.outputs.branch }} branch: ${{ steps.update.outputs.branch }}
force: true force: true
origin_branch: "master" origin_branch: "HEAD"
- name: Open a pull request - name: Open a pull request
if: steps.update.outputs.pull_request == 'true' if: steps.update.outputs.pull_request == 'true'
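Review bot: The `|| true` added to `PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state" || true)"` turns every failure of `gh` or `jq` into an empty state, not only the "no pull request for this branch" case it appears to target. An expired token or an API error therefore also reaches `echo "pull_request=true"`, and the workflow goes on to the push and PR steps with a credential that may already be failing. A comment such as `# gh exits non-zero when the branch has no PR; any other gh failure is also treated as "not open"` would make that trade-off visible. The same line appears in the sorbet, spdx and sponsors-maintainers-man-completions sections. The enclosing `run` block starts outside the hunk.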


@ -10,6 +10,7 @@ on:
paths: paths:
- .github/workflows/sorbet.yml - .github/workflows/sorbet.yml
branches-ignore: branches-ignore:
- main
- master - master
schedule: schedule:
- cron: "0 0 * * *" - cron: "0 0 * * *"
@ -63,7 +64,7 @@ jobs:
git checkout "${BRANCH}" git checkout "${BRANCH}"
git checkout "Library/Homebrew/sorbet" git checkout "Library/Homebrew/sorbet"
else else
git checkout --no-track -B "${BRANCH}" origin/master git checkout --no-track -B "${BRANCH}" origin/HEAD
fi fi
fi fi
@ -80,17 +81,17 @@ jobs:
then then
git add "Library/Homebrew/sorbet" git add "Library/Homebrew/sorbet"
git commit -m "sorbet: Update RBI files." \ git commit -m "sorbet: Update RBI files." \
-m "Autogenerated by the [sorbet](https://github.com/Homebrew/brew/blob/master/.github/workflows/sorbet.yml) workflow." -m "Autogenerated by the [sorbet](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/sorbet.yml) workflow."
if ! git diff --stat --exit-code "Library/Homebrew" if ! git diff --stat --exit-code "Library/Homebrew"
then then
git add "Library/Homebrew/" git add "Library/Homebrew/"
git commit -m "sorbet: Autobump sigils via Spoom" \ git commit -m "sorbet: Autobump sigils via Spoom" \
-m "Autogenerated by the [sorbet](https://github.com/Homebrew/brew/blob/master/.github/workflows/sorbet.yml) workflow." -m "Autogenerated by the [sorbet](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/sorbet.yml) workflow."
fi fi
echo "committed=true" >> "$GITHUB_OUTPUT" echo "committed=true" >> "$GITHUB_OUTPUT"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state")" PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state" || true)"
if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]] if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]]
then then
echo "pull_request=true" >> "$GITHUB_OUTPUT" echo "pull_request=true" >> "$GITHUB_OUTPUT"
@ -105,7 +106,7 @@ jobs:
directory: ${{ steps.set-up-homebrew.outputs.repository-path }} directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
branch: ${{ steps.update.outputs.branch }} branch: ${{ steps.update.outputs.branch }}
force: true force: true
origin_branch: "master" origin_branch: "HEAD"
- name: Open a pull request - name: Open a pull request
if: steps.commit.outputs.pull_request == 'true' if: steps.commit.outputs.pull_request == 'true'
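Review bot: `origin/HEAD` in `git checkout --no-track -B "${BRANCH}" origin/HEAD` resolves only when the clone has `refs/remotes/origin/HEAD`. That ref is written at clone time or by `git remote set-head`; a plain `git fetch` neither creates it nor moves it when the remote default branch changes. The hunk does not show how the repository is cloned on the runner, so confirm the ref exists there and points at the current default branch. Otherwise run `git remote set-head origin --auto` before the checkout. The same checkout appears in the schemas, spdx and sponsors-maintainers-man-completions sections, and the enclosing `run` block starts outside the hunk.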


@ -4,6 +4,7 @@ on:
paths: paths:
- .github/workflows/spdx.yml - .github/workflows/spdx.yml
branches-ignore: branches-ignore:
- main
- master - master
schedule: schedule:
- cron: "0 0 * * *" - cron: "0 0 * * *"
@ -55,15 +56,16 @@ jobs:
git checkout "${BRANCH}" git checkout "${BRANCH}"
git checkout "Library/Homebrew/data/spdx" git checkout "Library/Homebrew/data/spdx"
else else
git checkout --no-track -B "${BRANCH}" origin/master git checkout --no-track -B "${BRANCH}" origin/HEAD
fi fi
if brew update-license-data if brew update-license-data
then then
git add "Library/Homebrew/data/spdx" git add "Library/Homebrew/data/spdx"
git commit -m "spdx: update license data." -m "Autogenerated by [a scheduled GitHub Action](https://github.com/Homebrew/brew/blob/master/.github/workflows/spdx.yml)." git commit -m "spdx: update license data." -m "Autogenerated by [a scheduled GitHub Action](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/spdx.yml)."
echo "committed=true" >> "$GITHUB_OUTPUT" echo "committed=true" >> "$GITHUB_OUTPUT"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state")" PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state" || true)"
if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]] if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]]
then then
echo "pull_request=true" >> "$GITHUB_OUTPUT" echo "pull_request=true" >> "$GITHUB_OUTPUT"
@ -78,7 +80,7 @@ jobs:
directory: ${{ steps.set-up-homebrew.outputs.repository-path }} directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
branch: ${{ steps.update.outputs.branch }} branch: ${{ steps.update.outputs.branch }}
force: true force: true
origin_branch: "master" origin_branch: "HEAD"
- name: Open a pull request - name: Open a pull request
if: steps.update.outputs.pull_request == 'true' if: steps.update.outputs.pull_request == 'true'


@ -3,6 +3,7 @@ name: Update sponsors, maintainers, manpage and completions
on: on:
push: push:
branches: branches:
- main
- master - master
paths: paths:
- .github/workflows/sponsors-maintainers-man-completions.yml - .github/workflows/sponsors-maintainers-man-completions.yml
@ -60,7 +61,7 @@ jobs:
run: | run: |
git fetch origin git fetch origin
if [[ -n "$GITHUB_REF_NAME" && "$GITHUB_REF_NAME" != "master" ]] if [[ -n "$GITHUB_REF_NAME" && "$GITHUB_REF_NAME" != "master" && "$GITHUB_REF_NAME" != "main" ]]
then then
BRANCH="$GITHUB_REF_NAME" BRANCH="$GITHUB_REF_NAME"
else else
@ -76,7 +77,7 @@ jobs:
"manpages/brew.1" \ "manpages/brew.1" \
"completions" "completions"
else else
git checkout --force --no-track -B "${BRANCH}" origin/master git checkout --force --no-track -B "${BRANCH}" origin/HEAD
fi fi
if brew update-sponsors if brew update-sponsors
@ -111,7 +112,7 @@ jobs:
if [[ -n "${COMMITTED-}" ]] if [[ -n "${COMMITTED-}" ]]
then then
echo "committed=true" >> "$GITHUB_OUTPUT" echo "committed=true" >> "$GITHUB_OUTPUT"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state")" PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state" || true)"
if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]] if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]]
then then
echo "pull_request=true" >> "$GITHUB_OUTPUT" echo "pull_request=true" >> "$GITHUB_OUTPUT"


@ -3,6 +3,7 @@ name: CI
on: on:
push: push:
branches: branches:
- main
- master - master
pull_request: pull_request:
merge_group: merge_group:
@ -135,6 +136,7 @@ jobs:
if: github.repository_owner == 'Homebrew' && github.event_name != 'push' if: github.repository_owner == 'Homebrew' && github.event_name != 'push'
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
# TODO: switch to main when we're pushing those images
image: ghcr.io/homebrew/brew:master image: ghcr.io/homebrew/brew:master
steps: steps:
- name: Set up Homebrew - name: Set up Homebrew
@ -355,6 +357,7 @@ jobs:
container: ghcr.io/homebrew/ubuntu24.04:latest container: ghcr.io/homebrew/ubuntu24.04:latest
- name: test-bot (Linux x86_64) - name: test-bot (Linux x86_64)
runs-on: ubuntu-latest runs-on: ubuntu-latest
# TODO: switch to main when we've migrated to it
container: ghcr.io/homebrew/ubuntu22.04:master container: ghcr.io/homebrew/ubuntu22.04:master
# Use Debian Old Stable for testing Homebrew's glibc support. # Use Debian Old Stable for testing Homebrew's glibc support.
- name: test-bot (Linux Homebrew glibc) - name: test-bot (Linux Homebrew glibc)


@ -9,6 +9,7 @@ on:
paths: paths:
- .github/workflows/vendor-gems.yml - .github/workflows/vendor-gems.yml
branches-ignore: branches-ignore:
- main
- master - master
workflow_dispatch: workflow_dispatch:
inputs: inputs: