Skip to content
Back to pull request #16633

Improved the GitHub link that is generated when the required scope of the token has mismatched with the present scope #14264

Sign in to view logs

Improved the GitHub link that is generated when the required scope of the token has mismatched with the present scope

Improved the GitHub link that is generated when the required scope of the token has mismatched with the present scope #14264

Workflow file for this run

.github/workflows/vendor-gems.yml at 94afce5
name: Vendor Gems
on:
pull_request:
paths:
- Library/Homebrew/dev-cmd/vendor-gems.rb
- Library/Homebrew/Gemfile*
push:
paths:
- .github/workflows/vendor-gems.yml
branches-ignore:
- master
pull_request_target:
workflow_dispatch:
inputs:
pull_request:
description: Pull request number
required: true
permissions:
contents: read
pull-requests: read
jobs:
vendor-gems:
if: >
github.repository_owner == 'Homebrew' && (
github.event_name == 'workflow_dispatch' ||
github.event_name == 'pull_request' ||
github.event_name == 'push' || (
github.event.pull_request.user.login == 'dependabot[bot]' &&
contains(github.event.pull_request.title, '/Library/Homebrew')
)
)
runs-on: macos-14
steps:
- name: Set up Homebrew
id: set-up-homebrew
uses: Homebrew/actions/setup-homebrew@master
with:
core: false
cask: false
test-bot: false
- name: Configure Git user
if: github.event_name == 'pull_request_target' || github.event_name == 'workflow_dispatch'
uses: Homebrew/actions/git-user-config@master
with:
username: BrewTestBot
- name: Set up commit signing
if: github.event_name == 'pull_request_target' || github.event_name == 'workflow_dispatch'
uses: Homebrew/actions/setup-commit-signing@master
with:
signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }}
- name: Check out pull request
id: checkout
if: github.event_name == 'pull_request_target' || github.event_name == 'workflow_dispatch'
run: |
gh pr checkout '${{ github.event.pull_request.number || github.event.inputs.pull_request }}'
branch="$(git branch --show-current)"
echo "branch=${branch}" >> "$GITHUB_OUTPUT"
gem_name="$(echo "${branch}" | sed -E 's|.*/||;s|(.*)-.*$|\1|')"
echo "gem_name=${gem_name}" >> "$GITHUB_OUTPUT"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
- name: Vendor Gems
env:
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }}
run: |
if [[ "${GITHUB_EVENT_NAME}" == "pull_request_target" || "${GITHUB_EVENT_NAME}" == "workflow_dispatch" ]]
then
brew vendor-gems --non-bundler-gems
else
brew vendor-gems --non-bundler-gems --no-commit
fi
- name: Update RBI files
run: brew typecheck --update
- name: Commit RBI changes
if: github.event_name == 'pull_request_target' || github.event_name == 'workflow_dispatch'
env:
GEM_NAME: ${{ steps.checkout.outputs.gem_name }}
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }}
working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
run: |
if ! git diff --stat --exit-code "Library/Homebrew/sorbet"
then
git add "Library/Homebrew/sorbet"
git commit -m "Update RBI files for ${GEM_NAME}." \
-m "Autogenerated by the [vendor-gems](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/vendor-gems.yml) workflow."
fi
- name: Generate push token
uses: actions/create-github-app-token@v1
id: app-token
if: github.event_name == 'pull_request_target' || github.event_name == 'workflow_dispatch'
with:
app-id: ${{ vars.BREW_COMMIT_APP_ID }}
private-key: ${{ secrets.BREW_COMMIT_APP_KEY }}
- name: Push to pull request
if: github.event_name == 'pull_request_target' || github.event_name == 'workflow_dispatch'
uses: Homebrew/actions/git-try-push@master
with:
token: ${{ steps.app-token.outputs.token }}
directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
branch: ${{ steps.checkout.outputs.branch }}
force: true