Tweak GitHub Actions workflows

- prepare to use `main` instead of `master`.
- use synced `actionlint.yml` to simplify Homebrew/.github sync logic.
- fix some broken workflow PR opening logic.
Mike McQuaid 2025-06-11 16:15:40 +01:00
parent 8aeb93ec98
commit 7bd8642bfc
No known key found for this signature in database
10 changed files with 69 additions and 43 deletions


@ -1,18 +1,19 @@
name: actionlint
# This file is synced from the `.github` repository, do not modify it directly.
name: Actionlint
on:
push:
branches:
- main
- master
paths:
- '.github/workflows/*.ya?ml'
- 'Formula/a/actionlint.rb'
- 'Formula/s/shellcheck.rb'
- 'Formula/z/zizmor.rb'
pull_request:
paths:
- '.github/workflows/*.ya?ml'
- '.github/actionlint.yaml'
env:
HOMEBREW_DEVELOPER: 1
HOMEBREW_NO_AUTO_UPDATE: 1
HOMEBREW_NO_ENV_HINTS: 1
defaults:
run:
@ -22,12 +23,19 @@ concurrency:
group: "actionlint-${{ github.ref }}"
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
env:
HOMEBREW_DEVELOPER: 1
HOMEBREW_NO_AUTO_UPDATE: 1
HOMEBREW_NO_ENV_HINTS: 1
permissions: {}
jobs:
workflow_syntax:
if: github.repository_owner == 'Homebrew'
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Set up Homebrew
id: setup-homebrew
@ -40,31 +48,34 @@ jobs:
- name: Install tools
run: brew install actionlint shellcheck zizmor
- name: Set up GITHUB_WORKSPACE
env:
HOMEBREW_REPOSITORY: ${{ steps.setup-homebrew.outputs.repository-path }}
run: |
# Annotations work only relative to GITHUB_WORKSPACE
(shopt -s dotglob; rm -rf "${GITHUB_WORKSPACE:?}"/*; mv "${HOMEBREW_REPOSITORY:?}"/* "$GITHUB_WORKSPACE")
rmdir "$HOMEBREW_REPOSITORY"
ln -vs "$GITHUB_WORKSPACE" "$HOMEBREW_REPOSITORY"
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
echo "::add-matcher::.github/actionlint-matcher.json"
- run: |
# NOTE: exit code intentionally suppressed here
zizmor --format sarif . > results.sarif || true
- run: zizmor --format sarif . > results.sarif
- name: Upload SARIF file
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
# We can't use the SARIF file when triggered by `merge_group` so we don't upload it.
if: always() && github.event_name != 'merge_group'
with:
name: results.sarif
path: results.sarif
- name: Set up actionlint
run: echo "::add-matcher::$(brew --repository)/.github/actionlint-matcher.json"
- run: actionlint
upload_sarif:
needs: workflow_syntax
# We want to always upload this even if `actionlint` failed.
# This is only available on public repositories.
if: >
always() &&
!contains(fromJSON('["cancelled", "skipped"]'), needs.workflow_syntax.result) &&
!github.event.repository.private &&
github.event_name != 'merge_group'
runs-on: ubuntu-latest
permissions:
contents: read


@ -3,10 +3,9 @@ name: "CodeQL"
on:
push:
branches:
- main
- master
pull_request:
branches:
- master
defaults:
run:


@ -4,6 +4,7 @@ on:
pull_request:
push:
branches:
- main
- master
merge_group:
release:
@ -38,8 +39,8 @@ jobs:
fetch-depth: 0
persist-credentials: false
- name: Fetch origin/master from Git
run: git fetch origin master
- name: Fetch origin/HEAD from Git
run: git fetch origin HEAD
- name: Determine build attributes
id: attributes
@ -83,12 +84,16 @@ jobs:
)
fi
elif [[ "${GITHUB_EVENT_NAME}" == "push" &&
"${GITHUB_REF}" == "refs/heads/master" &&
("${GITHUB_REF}" == "refs/heads/master" || "${GITHUB_REF}" == "refs/heads/main") &&
"${version}" == "22.04" ]]; then
tags+=(
"ghcr.io/homebrew/brew:main"
"ghcr.io/homebrew/brew:master"
"ghcr.io/homebrew/ubuntu${version}:main"
"ghcr.io/homebrew/ubuntu${version}:master"
"homebrew/brew:main"
"homebrew/brew:master"
"homebrew/ubuntu${version}:main"
"homebrew/ubuntu${version}:master"
)
fi
@ -160,8 +165,8 @@ jobs:
fetch-depth: 0
persist-credentials: false
- name: Fetch origin/master from Git
run: git fetch origin master
- name: Fetch origin/HEAD from Git
run: git fetch origin HEAD
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
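Review bot: In the tag-selection branch for `push` events, the condition that accepts both `refs/heads/master` and `refs/heads/main` means a push to either branch publishes all eight `:main` and `:master` tags, so while both branches exist, whichever was pushed last decides what every one of those tags points to. These are mutable tags that other workflows on this page pull as job containers (`image: ghcr.io/homebrew/brew:master`), so it is worth confirming that `main` gets the same branch protection as `master` before it exists, or deriving the tag suffix from the branch that triggered the build. Separately, `git fetch origin HEAD` only updates `FETCH_HEAD`; if a later step outside these hunks still refers to `origin/master`, this step no longer refreshes it. The surrounding `if`/`elif` chain and both job definitions start and end outside the visible hunks.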


@ -3,6 +3,7 @@ name: Ruby Documentation CI
on:
push:
branches:
- main
- master
pull_request:


@ -4,6 +4,7 @@ on:
paths:
- .github/workflows/schemas.yml
branches-ignore:
- main
- master
schedule:
- cron: "0 0 * * *"
@ -55,7 +56,7 @@ jobs:
git checkout "${BRANCH}"
git checkout "Library/Homebrew/data/schemas"
else
git checkout --no-track -B "${BRANCH}" origin/master
git checkout --no-track -B "${BRANCH}" origin/HEAD
fi
# Intentionally tracking 2.3.x to match what we output in sbom.rb. 3.0 also doesn't have a JSON Schema.
@ -67,9 +68,10 @@ jobs:
if ! git diff --exit-code Library/Homebrew/data/schemas
then
git add "Library/Homebrew/data/schemas"
git commit -m "data/schemas: update schema data." -m "Autogenerated by [a scheduled GitHub Action](https://github.com/Homebrew/brew/blob/master/.github/workflows/schemas.yml)."
git commit -m "data/schemas: update schema data." -m "Autogenerated by [a scheduled GitHub Action](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/schemas.yml)."
echo "committed=true" >> "$GITHUB_OUTPUT"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state")"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state" || true)"
if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]]
then
echo "pull_request=true" >> "$GITHUB_OUTPUT"
@ -84,7 +86,7 @@ jobs:
directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
branch: ${{ steps.update.outputs.branch }}
force: true
origin_branch: "master"
origin_branch: "HEAD"
- name: Open a pull request
if: steps.update.outputs.pull_request == 'true'
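Review bot: Wrapping the lookup as `$(gh pr view --json=state | jq -r ".state" || true)` makes every failure of `gh pr view` look like "no open pull request": an expired token, a rate limit or an API outage leaves `PULL_REQUEST_STATE` empty, the `!= "OPEN"` test passes and the step sets `pull_request=true`. It would be safer to keep the failure visible while still tolerating it, for example `if ! PULL_REQUEST_STATE="$(gh pr view --json=state --jq .state)"; then echo "::warning::gh pr view failed; assuming no open PR"; fi`. The same line appears in the sorbet, spdx and sponsors/maintainers sections further down. The `run:` script these lines belong to starts and ends outside the hunk.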


@ -10,6 +10,7 @@ on:
paths:
- .github/workflows/sorbet.yml
branches-ignore:
- main
- master
schedule:
- cron: "0 0 * * *"
@ -63,7 +64,7 @@ jobs:
git checkout "${BRANCH}"
git checkout "Library/Homebrew/sorbet"
else
git checkout --no-track -B "${BRANCH}" origin/master
git checkout --no-track -B "${BRANCH}" origin/HEAD
fi
fi
@ -80,17 +81,17 @@ jobs:
then
git add "Library/Homebrew/sorbet"
git commit -m "sorbet: Update RBI files." \
-m "Autogenerated by the [sorbet](https://github.com/Homebrew/brew/blob/master/.github/workflows/sorbet.yml) workflow."
-m "Autogenerated by the [sorbet](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/sorbet.yml) workflow."
if ! git diff --stat --exit-code "Library/Homebrew"
then
git add "Library/Homebrew/"
git commit -m "sorbet: Autobump sigils via Spoom" \
-m "Autogenerated by the [sorbet](https://github.com/Homebrew/brew/blob/master/.github/workflows/sorbet.yml) workflow."
-m "Autogenerated by the [sorbet](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/sorbet.yml) workflow."
fi
echo "committed=true" >> "$GITHUB_OUTPUT"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state")"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state" || true)"
if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]]
then
echo "pull_request=true" >> "$GITHUB_OUTPUT"
@ -105,7 +106,7 @@ jobs:
directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
branch: ${{ steps.update.outputs.branch }}
force: true
origin_branch: "master"
origin_branch: "HEAD"
- name: Open a pull request
if: steps.commit.outputs.pull_request == 'true'
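Review bot: `git checkout --no-track -B "${BRANCH}" origin/HEAD` depends on the local symbolic ref `refs/remotes/origin/HEAD`, which is written at clone time (or by `git remote set-head`) and is not guaranteed to be refreshed by a plain fetch. If the clone provided by the setup step lacks it, or still has it pointing at `master` after the default branch is renamed, this step either fails or bases the autogenerated branch on the old default; how the repository is cloned is not visible here. Running `git remote set-head origin --auto` before the checkout would make the ref follow the remote's current default branch. The same `origin/HEAD` checkout appears in the schemas, spdx and sponsors/maintainers sections. The script continues outside the hunk.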


@ -4,6 +4,7 @@ on:
paths:
- .github/workflows/spdx.yml
branches-ignore:
- main
- master
schedule:
- cron: "0 0 * * *"
@ -55,15 +56,16 @@ jobs:
git checkout "${BRANCH}"
git checkout "Library/Homebrew/data/spdx"
else
git checkout --no-track -B "${BRANCH}" origin/master
git checkout --no-track -B "${BRANCH}" origin/HEAD
fi
if brew update-license-data
then
git add "Library/Homebrew/data/spdx"
git commit -m "spdx: update license data." -m "Autogenerated by [a scheduled GitHub Action](https://github.com/Homebrew/brew/blob/master/.github/workflows/spdx.yml)."
git commit -m "spdx: update license data." -m "Autogenerated by [a scheduled GitHub Action](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/spdx.yml)."
echo "committed=true" >> "$GITHUB_OUTPUT"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state")"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state" || true)"
if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]]
then
echo "pull_request=true" >> "$GITHUB_OUTPUT"
@ -78,7 +80,7 @@ jobs:
directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
branch: ${{ steps.update.outputs.branch }}
force: true
origin_branch: "master"
origin_branch: "HEAD"
- name: Open a pull request
if: steps.update.outputs.pull_request == 'true'


@ -3,6 +3,7 @@ name: Update sponsors, maintainers, manpage and completions
on:
push:
branches:
- main
- master
paths:
- .github/workflows/sponsors-maintainers-man-completions.yml
@ -60,7 +61,7 @@ jobs:
run: |
git fetch origin
if [[ -n "$GITHUB_REF_NAME" && "$GITHUB_REF_NAME" != "master" ]]
if [[ -n "$GITHUB_REF_NAME" && "$GITHUB_REF_NAME" != "master" && "$GITHUB_REF_NAME" != "main" ]]
then
BRANCH="$GITHUB_REF_NAME"
else
@ -76,7 +77,7 @@ jobs:
"manpages/brew.1" \
"completions"
else
git checkout --force --no-track -B "${BRANCH}" origin/master
git checkout --force --no-track -B "${BRANCH}" origin/HEAD
fi
if brew update-sponsors
@ -111,7 +112,7 @@ jobs:
if [[ -n "${COMMITTED-}" ]]
then
echo "committed=true" >> "$GITHUB_OUTPUT"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state")"
PULL_REQUEST_STATE="$(gh pr view --json=state | jq -r ".state" || true)"
if [[ "${PULL_REQUEST_STATE}" != "OPEN" ]]
then
echo "pull_request=true" >> "$GITHUB_OUTPUT"


@ -3,6 +3,7 @@ name: CI
on:
push:
branches:
- main
- master
pull_request:
merge_group:
@ -135,6 +136,7 @@ jobs:
if: github.repository_owner == 'Homebrew' && github.event_name != 'push'
runs-on: ubuntu-latest
container:
# TODO: switch to main when we're pushing those images
image: ghcr.io/homebrew/brew:master
steps:
- name: Set up Homebrew
@ -355,6 +357,7 @@ jobs:
container: ghcr.io/homebrew/ubuntu24.04:latest
- name: test-bot (Linux x86_64)
runs-on: ubuntu-latest
# TODO: switch to main when we've migrated to it
container: ghcr.io/homebrew/ubuntu22.04:master
# Use Debian Old Stable for testing Homebrew's glibc support.
- name: test-bot (Linux Homebrew glibc)


@ -9,6 +9,7 @@ on:
paths:
- .github/workflows/vendor-gems.yml
branches-ignore:
- main
- master
workflow_dispatch:
inputs: