Rebuild bottles of ca-certificates #636
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Dispatch rebottle (for all currently bottled OS versions) | |
run-name: Rebuild bottles of ${{ inputs.formula }} | |
on: | |
workflow_dispatch: | |
inputs: | |
formula: | |
description: Formula name | |
required: true | |
timeout: | |
description: "Build timeout (in minutes, default: 60 minutes)" | |
default: "60" | |
required: false | |
issue: | |
description: Issue number, where comment on failure would be posted | |
required: false | |
upload: | |
description: "Upload built bottles? (default: false)" | |
type: boolean | |
default: false | |
required: false | |
fail-fast: | |
description: "Fail immediately on a single OS version failure? (default: true)" | |
type: boolean | |
default: true | |
required: false | |
# Intentionally the same as dispatch-build-bottle | |
concurrency: bottle-${{ github.event.inputs.formula }} | |
permissions: | |
contents: read | |
env: | |
HOMEBREW_DEVELOPER: 1 | |
HOMEBREW_GITHUB_ACTIONS: 1 | |
HOMEBREW_NO_AUTO_UPDATE: 1 | |
HOMEBREW_NO_INSTALL_FROM_API: 1 | |
RUN_URL: ${{github.event.repository.html_url}}/actions/runs/${{github.run_id}} | |
jobs: | |
setup: | |
runs-on: ubuntu-22.04 | |
container: | |
image: ghcr.io/homebrew/ubuntu22.04:master | |
outputs: | |
runners: ${{steps.determine-runners.outputs.runners}} | |
steps: | |
- name: Set up Homebrew | |
id: set-up-homebrew | |
uses: Homebrew/actions/setup-homebrew@master | |
with: | |
core: true | |
cask: false | |
test-bot: false | |
- name: Determine runners | |
id: determine-runners | |
run: brew determine-rebottle-runners "${{inputs.formula}}" "${{inputs.timeout}}" | |
bottle: | |
permissions: | |
contents: read | |
needs: setup | |
strategy: | |
matrix: | |
include: ${{fromJson(needs.setup.outputs.runners)}} | |
fail-fast: ${{inputs.fail-fast}} | |
runs-on: ${{matrix.runner}} | |
container: ${{matrix.container}} | |
timeout-minutes: ${{fromJson(inputs.timeout)}} | |
defaults: | |
run: | |
shell: /bin/bash -e {0} | |
working-directory: ${{matrix.workdir || github.workspace}} | |
env: | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
BOTTLES_DIR: ${{ matrix.workdir || github.workspace }}/bottles | |
steps: | |
- name: ${{inputs.formula}} | |
id: print_details | |
run: | | |
echo sender='${{github.event.sender.login}}' | |
echo formula='${{inputs.formula}}' | |
echo timeout='${{inputs.timeout}}' | |
echo issue='${{inputs.issue}}' | |
echo upload='${{inputs.upload}}' | |
- name: Pre-test steps | |
uses: Homebrew/actions/pre-build@master | |
with: | |
bottles-directory: ${{ env.BOTTLES_DIR }} | |
- run: brew test-bot --only-formulae --only-json-tab --skip-online-checks --skip-dependents '${{inputs.formula}}' | |
working-directory: ${{ env.BOTTLES_DIR }} | |
env: | |
HOMEBREW_GITHUB_API_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
- name: Post-build steps | |
if: always() | |
uses: Homebrew/actions/post-build@master | |
with: | |
runner: ${{ matrix.runner }} | |
bottles-directory: ${{ env.BOTTLES_DIR }} | |
logs-directory: ${{ env.BOTTLES_DIR }}/logs | |
upload: | |
permissions: | |
issues: write # for Homebrew/actions/post-comment | |
contents: write # for Homebrew/actions/git-try-push | |
packages: write # for brew pr-upload | |
pull-requests: write # for gh pr | |
runs-on: ubuntu-22.04 | |
needs: bottle | |
if: inputs.upload | |
container: | |
image: ghcr.io/homebrew/ubuntu22.04:master | |
defaults: | |
run: | |
shell: bash | |
env: | |
HOMEBREW_SIMULATE_MACOS_ON_LINUX: 1 | |
GH_REPO: ${{github.repository}} | |
GH_NO_UPDATE_NOTIFIER: 1 | |
GH_PROMPT_DISABLED: 1 | |
BOTTLE_BRANCH: ${{github.actor}}/dispatch/${{inputs.formula}}/${{github.run_id}} | |
steps: | |
- name: Set up Homebrew | |
id: set-up-homebrew | |
uses: Homebrew/actions/setup-homebrew@master | |
with: | |
core: true | |
cask: false | |
test-bot: false | |
- name: Download bottles from GitHub Actions | |
uses: actions/download-artifact@main | |
with: | |
name: bottles | |
path: ~/bottles/ | |
- name: Setup git | |
id: git-user-config | |
uses: Homebrew/actions/git-user-config@master | |
with: | |
username: ${{ (github.actor != 'github-actions[bot]' && github.actor) || 'BrewTestBot' }} | |
- name: Set up commit signing | |
uses: Homebrew/actions/setup-commit-signing@master | |
with: | |
signing_key: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY }} | |
- name: Checkout branch for bottle commit | |
working-directory: ${{steps.set-up-homebrew.outputs.repository-path}} | |
run: git checkout -b "$BOTTLE_BRANCH" origin/master | |
- name: Upload bottles to GitHub Packages | |
env: | |
HOMEBREW_GITHUB_PACKAGES_USER: brewtestbot | |
HOMEBREW_GITHUB_PACKAGES_TOKEN: ${{secrets.HOMEBREW_CORE_GITHUB_PACKAGES_TOKEN}} | |
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} | |
BREWTESTBOT_NAME_EMAIL: "BrewTestBot <[email protected]>" | |
run: | | |
cd ~/bottles | |
brew pr-upload --verbose --committer="$BREWTESTBOT_NAME_EMAIL" --root-url="https://ghcr.io/v2/homebrew/core" --debug | |
- name: Push commits | |
uses: Homebrew/actions/git-try-push@master | |
with: | |
token: ${{secrets.GITHUB_TOKEN}} | |
directory: ${{steps.set-up-homebrew.outputs.repository-path}} | |
branch: ${{env.BOTTLE_BRANCH}} | |
env: | |
GIT_COMMITTER_NAME: BrewTestBot | |
GIT_COMMITTER_EMAIL: [email protected] | |
HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} | |
- name: Open PR with bottle commit | |
id: create-pr | |
working-directory: ${{steps.set-up-homebrew.outputs.repository-path}} | |
env: | |
GH_TOKEN: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} | |
run: | | |
gh pr create \ | |
--base "$GITHUB_REF" \ | |
--body "Created by [\`dispatch-rebottle.yml\`]($RUN_URL)" \ | |
--title "$(git log -1 --format='%s' "$BOTTLE_BRANCH")" \ | |
--head "$BOTTLE_BRANCH" \ | |
--reviewer '${{github.actor}}' | |
pull_number="$(gh pr list --head "$BOTTLE_BRANCH" --limit 1 --json number --jq '.[].number')" | |
echo "pull_number=$pull_number" >> "$GITHUB_OUTPUT" | |
echo "head_sha=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT" | |
# There is a GitHub bug where labels are not properly recognised by workflows | |
# when added by `gh pr create`. We use the CI-published-bottle-commits label in | |
# the `formulae_detect` step in `tests.yml`, so let's add the label separately | |
# to avoid the bug. | |
- name: Label PR | |
env: | |
GH_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
PR: ${{steps.create-pr.outputs.pull_number}} | |
run: gh pr edit --add-label CI-published-bottle-commits "$PR" | |
- name: Enable automerge | |
run: gh pr merge --auto --merge --delete-branch --match-head-commit "$SHA" "$PR" | |
env: | |
GH_TOKEN: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} | |
PR: ${{steps.create-pr.outputs.pull_number}} | |
SHA: ${{steps.create-pr.outputs.head_sha}} | |
- name: Approve PR | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PR: ${{ steps.create-pr.outputs.pull_number }} | |
run: gh pr review --approve "$PR" | |
comment: | |
permissions: | |
issues: write # for Homebrew/actions/post-comment | |
pull-requests: write # for Homebrew/actions/post-comment | |
needs: [bottle, upload] | |
if: failure() && inputs.issue > 0 | |
runs-on: ubuntu-latest | |
steps: | |
- name: Post comment on failure | |
uses: Homebrew/actions/post-comment@master | |
with: | |
token: ${{secrets.GITHUB_TOKEN}} | |
issue: ${{inputs.issue}} | |
body: ":x: @${{github.actor}} bottle request for ${{inputs.formula}} [failed](${{env.RUN_URL}})." | |
bot_body: ":x: Bottle request for ${{inputs.formula}} [failed](${{env.RUN_URL}})." | |
bot: BrewTestBot |