fix ci/cd

This commit is contained in:
Max Howell 2023-02-11 09:59:00 -05:00
parent 42b5d93576
commit 4528fa0d7d
No known key found for this signature in database
GPG key ID: 741BB84EF5BB9EEC
16 changed files with 47 additions and 52 deletions

View file

@ -38,9 +38,6 @@ jobs:
bottle:
needs: [get-platform]
runs-on: ${{ fromJson(needs.get-platform.outputs.os) }}
defaults:
run:
working-directory: tea.xyz/var/pantry
outputs:
srcs: ${{ env.srcs }}
built: ${{ env.built }}
@ -49,12 +46,13 @@ jobs:
- uses: teaxyz/setup@v0
id: tea
with:
srcroot: tea.xyz/var/pantry
srcroot: null
prefix: ${{ github.workspace }}
- uses: actions/cache@v3
with:
path: ${{ needs.get-platform.outputs.cache-set }}
key: ${{ runner.os }}-deno-bottle-${{ hashFiles('.tea/tea.xyz/var/pantry/deno.jsonc')}}
key: ${{ runner.os }}-deno-bottle-${{ hashFiles('tea.xyz/var/pantry/deno.jsonc')}}
- name: configure scripts PATH
run: echo "$TEA_PREFIX/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
@ -63,7 +61,6 @@ jobs:
if: ${{ inputs.new-version }}
with:
name: ${{ inputs.platform }}
path: tea.xyz/var/pantry
- run: fetch-pr-artifacts.ts ${{ github.repository }} ${{ github.sha }} ${{ inputs.platform }} >>$GITHUB_ENV
if: ${{ !inputs.new-version }}
@ -73,13 +70,12 @@ jobs:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- run: tar xzf artifacts.tgz -C ${{ steps.tea.outputs.prefix }}
- run: tar xzvf artifacts.tgz
- run: |
for file in built relative-paths srcs; do
echo "$file=$(cat $file)" >>$GITHUB_ENV
done
working-directory: ${{ steps.tea.outputs.prefix }}
# the next three steps bless our code for Apple. It might be the case they should be
# encapulated separately.
@ -102,7 +98,6 @@ jobs:
xargs -0 codesign -s "Developer ID Application: Tea Inc. (7WV56FL599)" --force -v --deep --timestamp --preserve-metadata=entitlements -o runtime || true
codesign -s "Developer ID Application: Tea Inc. (7WV56FL599)" -v --force --deep --timestamp --preserve-metadata=entitlements -o runtime /opt/$PKG/bin/* || true
done
working-directory: ${{ steps.tea.outputs.prefix }}
# This isn't very informative, but even a no-op is safer than none
- name: Check codesigning
@ -113,7 +108,6 @@ jobs:
codesign -vvv --deep --strict "$SIG"
done
done
working-directory: ${{ steps.tea.outputs.prefix }}
# Needed for self-hosted runner, since it doesn't destroy itself automatically.
- name: Delete keychain
@ -149,14 +143,12 @@ jobs:
SRCS=$(echo $srcs | tr -d '~')
tar cf $GITHUB_WORKSPACE/artifacts.tar \
tar cf artifacts.tar \
$SRCS \
${{ steps.bottle-gz.outputs.bottles }} \
${{ steps.bottle-xz.outputs.bottles }} \
bottles checksums signatures
working-directory: ${{ steps.tea.outputs.prefix }}
- name: upload artifacts
uses: actions/upload-artifact@v3
with:
@ -167,35 +159,31 @@ jobs:
upload:
needs: [bottle]
runs-on: ubuntu-latest
defaults:
run:
working-directory: tea.xyz/var/pantry
steps:
- uses: teaxyz/setup@v0
id: tea
with:
srcroot: tea.xyz/var/pantry
prefix: ${{ github.workspace }}
srcroot: null
prefix: ${{ github.workspace }}
- name: configure scripts PATH
run: echo "${{ steps.tea.outputs.prefix }}/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
- uses: actions/cache@v3
with:
path: $HOME/.cache/deno
key: ${{ runner.os }}-deno-bottle-${{ hashFiles('.tea/tea.xyz/var/pantry/deno.jsonc')}}
key: ${{ runner.os }}-deno-bottle-${{ hashFiles('tea.xyz/var/pantry/deno.jsonc')}}
- uses: actions/download-artifact@v3
with:
name: ${{ inputs.platform }}-bottles
- run: |
tar xvf $GITHUB_WORKSPACE/artifacts.tar
tar xvf artifacts.tar
for file in bottles checksums signatures; do
echo "$file=$(cat $file)" >>$GITHUB_ENV
done
working-directory: ${{ steps.tea.outputs.prefix }}
- name: configure scripts PATH
run: echo "$TEA_PREFIX/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
- name: upload bottles
id: upload

View file

@ -48,9 +48,11 @@ jobs:
with:
path: ${{ needs.get-platform.outputs.cache-set }}
key: ${{ runner.os }}-deno-build-${{ hashFiles('deno.jsonc')}}
- uses: teaxyz/setup@v0
id: tea
with:
srcroot: null
prefix: /opt
- name: sanitize macOS runners
@ -68,10 +70,6 @@ jobs:
GITHUB_TOKEN: ${{ github.token }}
FORCE_UNSAFE_CONFIGURE: 1 # some configure scripts refuse to run as root
- name: delete `.la` files
run: find . -name '*.la' -delete
working-directory: ${{ steps.tea.outputs.prefix }}
# cache data we'll need in the bottling job
- name: assemble artifact metadata
run: |
@ -84,7 +82,7 @@ jobs:
# /ref https://github.com/actions/upload-artifact/issues/38
- name: create artifacts.tgz
run:
tar czf $GITHUB_WORKSPACE/artifacts.tgz
tar czvf $GITHUB_WORKSPACE/artifacts.tgz
${{ steps.build.outputs.relative-paths }}
${{ steps.build.outputs.srcs-relative-paths }}
built relative-paths srcs

View file

@ -1,11 +1,11 @@
name: cd
on:
push:
branches:
- main
branches: [main]
jobs:
cd:
cd: # job is named poorly, all I can tell you about it is: its *not* CD
runs-on: ubuntu-latest
outputs:
HAS_ARTIFACTS: ${{ env.HAS_ARTIFACTS }}
@ -16,11 +16,11 @@ jobs:
path: $HOME/.cache/deno
key: ${{ runner.os }}-deno-cd-${{ hashFiles('deno.jsonc')}}
- uses: teaxyz/setup@v0
- run: ./scripts/map-projects-to-githubs.ts
- run: scripts/map-projects-to-githubs.ts
env:
WATCHER_URL: ${{ secrets.WATCHER_URL }}
TEA_API_TOKEN: ${{ secrets.TEA_API_TOKEN }}
- run: ./scripts/has-artifacts.ts ${{ github.repository }} ${{ github.sha }} >>$GITHUB_ENV
- run: scripts/has-artifacts.ts ${{ github.repository }} ${{ github.sha }} >>$GITHUB_ENV
env:
GITHUB_TOKEN: ${{github.token}}
AWS_S3_CACHE: ${{ secrets.AWS_S3_CACHE }}
@ -42,6 +42,7 @@ jobs:
with:
platform: ${{ matrix.platform }}
secrets: inherit
cleanup:
needs: [bottle-pr]
runs-on: ubuntu-latest
@ -67,6 +68,7 @@ jobs:
env:
AWS_S3_CACHE: ${{ secrets.AWS_S3_CACHE }}
PR: ${{ needs.bottle.outputs.pr }}
bottle-standalone:
runs-on: ubuntu-latest
needs: [cd]
@ -74,9 +76,13 @@ jobs:
steps:
- uses: actions/checkout@v3
- uses: technote-space/get-diff-action@v6
id: diff
id: get-diff
with:
PATTERNS: projects/**/package.yml
- id: diff
run: |
RESULT=$(echo ${{ steps.get-diff.outputs.diff }} | sed 's#projects/\(.*\)/.*#\1#')
echo "diff=$RESULT" >> $GITHUB_OUTPUT
- run: gh workflow run new-version.yml -R teaxyz/pantry.core -f "projects=$PROJECTS"
if: ${{ steps.diff.outputs.diff != '' }}
env:

View file

@ -1,4 +1,4 @@
name: ci-scripts
name: ci·scripts
on:
pull_request:

View file

@ -1,4 +1,5 @@
name: ci
on: pull_request
jobs:

View file

@ -25,5 +25,5 @@
"TEA_PREFIX": "{{srcroot}}/tea.out"
}
},
"importMap": "https://raw.githubusercontent.com/teaxyz/cli/v0.22/import-map.json"
"importMap": "https://raw.githubusercontent.com/teaxyz/cli/v0.23/import-map.json"
}

View file

@ -12,9 +12,13 @@ dependencies:
build: |
mkdir -p {{prefix}}
rm -rf {{prefix}}/* # because our build infra uses this pkg to build itself
mv bin libexec share deno.* {{prefix}}
test:
test zlib.net
# we would like to test builds but we need a `GITHUB_TOKEN` and
# currently that is not possible
dependencies:
zlib.net: '*'
script:
test zlib.net
# we would like to test builds but we need a `GITHUB_TOKEN` and
# (currently) we cant figure out how to set that up in CI/CD

View file

@ -1,9 +1,7 @@
distributable:
url: https://github.com/teaxyz/cli/releases/download/v{{ version }}/tea-{{ version }}.tar.xz
strip-components: 2
#FIXME I have no idea why we must strip TWO components
# when I manually extract the tarball it only has one but if we specify 1
# both here and manually it has that same component *still*
strip-components: 1
# NOTE for pre v0.23 is strip-components: 2
versions:
github: teaxyz/cli

View file

@ -1,4 +1,4 @@
#!/usr/bin/env -S tea -E
#!/usr/bin/env tea
/* ---
dependencies:

View file

@ -1,4 +1,4 @@
#!/usr/bin/env -S tea -E
#!/usr/bin/env tea
/*---
args:

View file

@ -1,4 +1,4 @@
#!/usr/bin/env -S tea -E
#!/usr/bin/env tea
/*---
args:

View file

@ -1,4 +1,4 @@
#!/usr/bin/env -S tea -E
#!/usr/bin/env tea
/*---
args:

View file

@ -1,4 +1,4 @@
#!/usr/bin/env -S tea -E
#!/usr/bin/env tea
/*---
args:

View file

@ -1,4 +1,4 @@
#!/usr/bin/env -S tea -E
#!/usr/bin/env tea
/*---
args:

View file

@ -1,4 +1,4 @@
#!/usr/bin/env -S tea -E
#!/usr/bin/env tea
/*---
args:

View file

@ -1,4 +1,4 @@
#!/usr/bin/env -S tea -E
#!/usr/bin/env tea
/*---
args: