From 1c809689b4ccf6a5f0cdb237ef8a00702e3e2af7 Mon Sep 17 00:00:00 2001 From: Jacob Heider Date: Sat, 25 Feb 2023 03:05:09 -0500 Subject: [PATCH] Fix bottle.yml (#403) * fix(bottle.yml) * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * use @main action definition --- .github/actions/bottle/action.yml | 19 +++++++++++++++---- .github/actions/setup-brewkit/action.yml | 4 ++-- .github/actions/upload/action.yml | 21 +++++++++++++-------- .github/actions/upload/upload.ts | 1 + .github/scripts/utils/gha.ts | 10 +++++++--- .github/workflows/bottle.yml | 22 +++++++++++++++------- .github/workflows/complain.yml | 3 +++ 7 files changed, 56 insertions(+), 24 deletions(-) diff --git a/.github/actions/bottle/action.yml b/.github/actions/bottle/action.yml index a405f3a6..e18aaf5f 100644 --- a/.github/actions/bottle/action.yml +++ b/.github/actions/bottle/action.yml @@ -3,22 +3,33 @@ description: internal tea.xyz specific at this time inputs: gpg-key-id: - description: '' + description: gpg key id required: true gpg-key-passphrase: - description: '' + description: gpg key passphrase required: true built: - description: '' + description: packages to bottle required: true compression: - description: '' + description: compression to use (gz or xz) required: true +outputs: + bottles: + description: bottle files + value: ${{ steps.bottle.outputs.bottles }} + checksums: + description: checksum files + value: ${{ steps.bottle.outputs.checksums }} + signatures: + description: signature files + value: ${{ steps.bottle.outputs.signatures }} runs: using: composite steps: - run: ${{ github.action_path }}/bottle.ts ${{ inputs.built }} + id: bottle shell: sh env: COMPRESSION: ${{ inputs.compression }} diff --git a/.github/actions/setup-brewkit/action.yml b/.github/actions/setup-brewkit/action.yml index a66571ab..a837af4c 100644 --- a/.github/actions/setup-brewkit/action.yml +++ b/.github/actions/setup-brewkit/action.yml @@ -33,7 +33,7 @@ runs: cache-name: setup - run: | - # if test -d "{{ github.workspace }}"/projects; then + if test -d "{{ github.workspace }}"/projects; then echo "TEA_PANTRY_PATH=${{ github.workspace }}" >> $GITHUB_ENV - # fi + fi shell: sh diff --git a/.github/actions/upload/action.yml b/.github/actions/upload/action.yml index 9022fbfe..fd776bf2 100644 --- a/.github/actions/upload/action.yml +++ b/.github/actions/upload/action.yml @@ -3,29 +3,33 @@ description: internal tea.xyz specific at this time inputs: pkgs: - description: '' + description: packages to upload required: true srcs: - description: '' + description: source tarballs required: true bottles: - description: '' + description: bottles required: true checksums: - description: '' + description: checksums required: true signatures: - description: '' + description: signature files required: true AWS_S3_BUCKET: - description: '' + description: AWS S3 bucket required: true AWS_ACCESS_KEY_ID: - description: '' + description: AWS access key ID required: true AWS_SECRET_ACCESS_KEY: - description: '' + description: AWS secret access key required: true +outputs: + cf-invalidation-paths: + description: CloudFront invalidation paths + value: ${{ steps.upload.outputs.cf-invalidation-paths }} runs: using: composite @@ -41,6 +45,7 @@ runs: --checksums ${{ inputs.checksums }} --signatures ${{ inputs.signatures }} shell: sh + id: upload env: AWS_S3_BUCKET: ${{ inputs.AWS_S3_BUCKET }} AWS_ACCESS_KEY_ID: ${{ inputs.AWS_ACCESS_KEY_ID }} diff --git a/.github/actions/upload/upload.ts b/.github/actions/upload/upload.ts index d5f586ec..05c1b5e6 100755 --- a/.github/actions/upload/upload.ts +++ b/.github/actions/upload/upload.ts @@ -7,6 +7,7 @@ args: - --allow-net - --allow-read - --allow-env + - --allow-write ---*/ import { S3, S3Bucket } from "s3" diff --git a/.github/scripts/utils/gha.ts b/.github/scripts/utils/gha.ts index e5b22c13..591e386b 100644 --- a/.github/scripts/utils/gha.ts +++ b/.github/scripts/utils/gha.ts @@ -1,10 +1,14 @@ const e = new TextEncoder() const encode = e.encode.bind(e) -export function set_output(name: string, arr: T[], separator = " ") { +export async function set_output(name: string, arr: T[], separator = " ") { const value = arr.map(escape).join(separator) - const txt = `::set-output name=${name}::${value}` - return Deno.stdout.write(encode(`${txt}\n`)) + const txt = `${name}=${value}` + const outfile = Deno.env.get("GITHUB_OUTPUT") + if (outfile) { + await Deno.writeTextFile(outfile, `${name}=${value}\n`, { append: true}) + } + return await Deno.stdout.write(encode(`${txt}\n`)) } //TODO HTML escapes probs diff --git a/.github/workflows/bottle.yml b/.github/workflows/bottle.yml index ea7e1401..950783b0 100644 --- a/.github/workflows/bottle.yml +++ b/.github/workflows/bottle.yml @@ -36,6 +36,7 @@ jobs: pr: ${{ env.PR }} steps: - uses: teaxyz/pantry.core/.github/actions/setup-brewkit@main + id: tea - uses: actions/download-artifact@v3 if: ${{ inputs.new-version }} @@ -50,19 +51,20 @@ jobs: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - - run: tar xzvf artifacts.tgz + - run: tar xzvf $GITHUB_WORKSPACE/artifacts.tgz + working-directory: ${{ steps.tea.outputs.prefix }} - run: | for file in built srcs; do echo "$file=$(cat $file)" >>$GITHUB_ENV done + working-directory: ${{ steps.tea.outputs.prefix }} - run: | - source <(tea --sync --magic=bash --silent) - gpg-agent --daemon || true + tea +gnupg.org gpg-agent --daemon || true echo $GPG_PRIVATE_KEY | \ base64 -d | \ - gpg --import --batch --yes + tea +gnupg.org gpg --import --batch --yes env: GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} @@ -70,7 +72,7 @@ jobs: id: bottle-xz with: built: ${{ env.built }} - compresson: xz + compression: xz gpg-key-id: ${{ secrets.GPG_KEY_ID }} gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} @@ -78,7 +80,7 @@ jobs: id: bottle-gz with: built: ${{ env.built }} - compresson: gz + compression: gz gpg-key-id: ${{ secrets.GPG_KEY_ID }} gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} @@ -89,11 +91,12 @@ jobs: SRCS=$(echo $srcs | tr -d '~') - tar cf artifacts.tar \ + tar cf $GITHUB_WORKSPACE/artifacts.tar \ $SRCS \ ${{ steps.bottle-gz.outputs.bottles }} \ ${{ steps.bottle-xz.outputs.bottles }} \ bottles checksums signatures + working-directory: ${{ steps.tea.outputs.prefix }} - name: upload artifacts uses: actions/upload-artifact@v3 @@ -106,6 +109,10 @@ jobs: needs: [bottle] runs-on: ubuntu-latest steps: + - uses: teaxyz/pantry.core/.github/actions/setup-brewkit@main + with: + prefix: ${{ github.workspace }} + - uses: actions/download-artifact@v3 with: name: ${{ inputs.platform }}-bottles @@ -118,6 +125,7 @@ jobs: done - uses: teaxyz/pantry.core/.github/actions/upload@main + id: upload with: pkgs: ${{ needs.bottle.outputs.built }} ${{ needs.bottle.outputs.built }} srcs: ${{ needs.bottle.outputs.srcs }} ${{ needs.bottle.outputs.srcs }} diff --git a/.github/workflows/complain.yml b/.github/workflows/complain.yml index 3caa57ae..ef9100c9 100644 --- a/.github/workflows/complain.yml +++ b/.github/workflows/complain.yml @@ -19,6 +19,7 @@ jobs: steps: - uses: martialonline/workflow-status@v3 id: status + - uses: rtCamp/action-slack-notify@v2 if: ${{ env.SLACK_WEBHOOK != '' }} env: @@ -26,8 +27,10 @@ jobs: SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} SLACK_MESSAGE: new-version:${{ inputs.projects }} (${{ inputs.platform }}) ${{ steps.status.outputs.status }} SLACK_COLOR: ${{ steps.status.outputs.status }} + - uses: actions/checkout@v3 if: github.ref_name == 'main' + - uses: JasonEtco/create-an-issue@v2 if: github.ref_name == 'main' with: