fix ci/cd

.github/workflows/bottle.yml

@@ -38,9 +38,6 @@ jobs:
   bottle:
     needs: [get-platform]
     runs-on: ${{ fromJson(needs.get-platform.outputs.os) }}
-    defaults:
-      run:
-        working-directory: tea.xyz/var/pantry
     outputs:
       srcs: ${{ env.srcs }}
       built: ${{ env.built }}
@@ -49,12 +46,13 @@ jobs:
       - uses: teaxyz/setup@v0
         id: tea
         with:
-          srcroot: tea.xyz/var/pantry
+          srcroot: null
           prefix: ${{ github.workspace }}
+
       - uses: actions/cache@v3
         with:
           path: ${{ needs.get-platform.outputs.cache-set }}
-          key: ${{ runner.os }}-deno-bottle-${{ hashFiles('.tea/tea.xyz/var/pantry/deno.jsonc')}}
+          key: ${{ runner.os }}-deno-bottle-${{ hashFiles('tea.xyz/var/pantry/deno.jsonc')}}
 
       - name: configure scripts PATH
         run: echo "$TEA_PREFIX/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
@@ -63,7 +61,6 @@ jobs:
         if: ${{ inputs.new-version }}
         with:
           name: ${{ inputs.platform }}
-          path: tea.xyz/var/pantry
 
       - run: fetch-pr-artifacts.ts ${{ github.repository }} ${{ github.sha }} ${{ inputs.platform }} >>$GITHUB_ENV
         if: ${{ !inputs.new-version }}
@@ -73,13 +70,12 @@ jobs:
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 
-      - run: tar xzf artifacts.tgz -C ${{ steps.tea.outputs.prefix }}
+      - run: tar xzvf artifacts.tgz
 
       - run: |
           for file in built relative-paths srcs; do
             echo "$file=$(cat $file)" >>$GITHUB_ENV
           done
-        working-directory: ${{ steps.tea.outputs.prefix }}
 
       # the next three steps bless our code for Apple. It might be the case they should be
       # encapulated separately.
@@ -102,7 +98,6 @@ jobs:
               xargs -0 codesign -s "Developer ID Application: Tea Inc. (7WV56FL599)" --force -v --deep --timestamp --preserve-metadata=entitlements -o runtime || true
             codesign -s "Developer ID Application: Tea Inc. (7WV56FL599)" -v --force --deep --timestamp --preserve-metadata=entitlements -o runtime /opt/$PKG/bin/* || true
           done
-        working-directory: ${{ steps.tea.outputs.prefix }}
 
       # This isn't very informative, but even a no-op is safer than none
       - name: Check codesigning
@@ -113,7 +108,6 @@ jobs:
               codesign -vvv --deep --strict "$SIG"
             done
           done
-        working-directory: ${{ steps.tea.outputs.prefix }}
 
       # Needed for self-hosted runner, since it doesn't destroy itself automatically.
       - name: Delete keychain
@@ -149,14 +143,12 @@ jobs:
 
           SRCS=$(echo $srcs | tr -d '~')
 
-          tar cf $GITHUB_WORKSPACE/artifacts.tar \
+          tar cf artifacts.tar \
             $SRCS \
             ${{ steps.bottle-gz.outputs.bottles }} \
             ${{ steps.bottle-xz.outputs.bottles }} \
             bottles checksums signatures
 
-        working-directory: ${{ steps.tea.outputs.prefix }}
-
       - name: upload artifacts
         uses: actions/upload-artifact@v3
         with:
@@ -167,35 +159,31 @@ jobs:
   upload:
     needs: [bottle]
     runs-on: ubuntu-latest
-    defaults:
-      run:
-        working-directory: tea.xyz/var/pantry
     steps:
       - uses: teaxyz/setup@v0
         id: tea
         with:
-          srcroot: tea.xyz/var/pantry
-          prefix:  ${{ github.workspace }}
+          srcroot: null
+          prefix: ${{ github.workspace }}
+
+      - name: configure scripts PATH
+        run: echo "${{ steps.tea.outputs.prefix }}/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
 
       - uses: actions/cache@v3
         with:
           path: $HOME/.cache/deno
-          key: ${{ runner.os }}-deno-bottle-${{ hashFiles('.tea/tea.xyz/var/pantry/deno.jsonc')}}
+          key: ${{ runner.os }}-deno-bottle-${{ hashFiles('tea.xyz/var/pantry/deno.jsonc')}}
 
       - uses: actions/download-artifact@v3
         with:
           name: ${{ inputs.platform }}-bottles
 
       - run: |
-          tar xvf $GITHUB_WORKSPACE/artifacts.tar
+          tar xvf artifacts.tar
 
           for file in bottles checksums signatures; do
             echo "$file=$(cat $file)" >>$GITHUB_ENV
           done
-        working-directory: ${{ steps.tea.outputs.prefix }}
-
-      - name: configure scripts PATH
-        run: echo "$TEA_PREFIX/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
 
       - name: upload bottles
         id: upload

.github/workflows/build.yml

@@ -48,9 +48,11 @@ jobs:
         with:
           path: ${{ needs.get-platform.outputs.cache-set }}
           key: ${{ runner.os }}-deno-build-${{ hashFiles('deno.jsonc')}}
+
       - uses: teaxyz/setup@v0
         id: tea
         with:
+          srcroot: null
           prefix: /opt
 
       - name: sanitize macOS runners
@@ -68,10 +70,6 @@ jobs:
           GITHUB_TOKEN: ${{ github.token }}
           FORCE_UNSAFE_CONFIGURE: 1  # some configure scripts refuse to run as root
 
-      - name: delete `.la` files
-        run: find . -name '*.la' -delete
-        working-directory: ${{ steps.tea.outputs.prefix }}
-
       # cache data we'll need in the bottling job
       - name: assemble artifact metadata
         run: |
@@ -84,7 +82,7 @@ jobs:
       # /ref https://github.com/actions/upload-artifact/issues/38
       - name: create artifacts.tgz
         run:
-          tar czf $GITHUB_WORKSPACE/artifacts.tgz
+          tar czvf $GITHUB_WORKSPACE/artifacts.tgz
             ${{ steps.build.outputs.relative-paths }}
             ${{ steps.build.outputs.srcs-relative-paths }}
             built relative-paths srcs

.github/workflows/cd.yml

@@ -1,11 +1,11 @@
 name: cd
+
 on:
   push:
-   branches:
-   - main
+   branches: [main]
 
 jobs:
-  cd:
+  cd:  # job is named poorly, all I can tell you about it is: it’s *not* CD
     runs-on: ubuntu-latest
     outputs:
       HAS_ARTIFACTS: ${{ env.HAS_ARTIFACTS }}
@@ -16,11 +16,11 @@ jobs:
           path: $HOME/.cache/deno
           key: ${{ runner.os }}-deno-cd-${{ hashFiles('deno.jsonc')}}
       - uses: teaxyz/setup@v0
-      - run: ./scripts/map-projects-to-githubs.ts
+      - run: scripts/map-projects-to-githubs.ts
         env:
           WATCHER_URL: ${{ secrets.WATCHER_URL }}
           TEA_API_TOKEN: ${{ secrets.TEA_API_TOKEN }}
-      - run: ./scripts/has-artifacts.ts ${{ github.repository }} ${{ github.sha }} >>$GITHUB_ENV
+      - run: scripts/has-artifacts.ts ${{ github.repository }} ${{ github.sha }} >>$GITHUB_ENV
         env:
           GITHUB_TOKEN: ${{github.token}}
           AWS_S3_CACHE: ${{ secrets.AWS_S3_CACHE }}
@@ -42,6 +42,7 @@ jobs:
     with:
       platform: ${{ matrix.platform }}
     secrets: inherit
+
   cleanup:
     needs: [bottle-pr]
     runs-on: ubuntu-latest
@@ -67,6 +68,7 @@ jobs:
         env:
           AWS_S3_CACHE: ${{ secrets.AWS_S3_CACHE }}
           PR: ${{ needs.bottle.outputs.pr }}
+
   bottle-standalone:
     runs-on: ubuntu-latest
     needs: [cd]
@@ -74,9 +76,13 @@ jobs:
     steps:
       - uses: actions/checkout@v3
       - uses: technote-space/get-diff-action@v6
-        id: diff
+        id: get-diff
         with:
           PATTERNS: projects/**/package.yml
+      - id: diff
+        run: |
+          RESULT=$(echo ${{ steps.get-diff.outputs.diff }} | sed 's#projects/\(.*\)/.*#\1#')
+          echo "diff=$RESULT" >> $GITHUB_OUTPUT
       - run: gh workflow run new-version.yml -R teaxyz/pantry.core -f "projects=$PROJECTS"
         if: ${{ steps.diff.outputs.diff != '' }}
         env:

.github/workflows/ci-scripts.yml

@@ -1,4 +1,4 @@
-name: ci-scripts
+name: ci·scripts
 
 on:
   pull_request:

.github/workflows/ci.yml

@@ -1,4 +1,5 @@
 name: ci
+
 on: pull_request
 
 jobs:

deno.jsonc

@@ -25,5 +25,5 @@
       "TEA_PREFIX": "{{srcroot}}/tea.out"
     }
   },
-  "importMap": "https://raw.githubusercontent.com/teaxyz/cli/v0.22/import-map.json"
+  "importMap": "https://raw.githubusercontent.com/teaxyz/cli/v0.23/import-map.json"
 }

projects/tea.xyz/brewkit/package.yml

@@ -12,9 +12,13 @@ dependencies:
 
 build: |
   mkdir -p {{prefix}}
+  rm -rf {{prefix}}/*  # because our build infra uses this pkg to build itself
   mv bin libexec share deno.* {{prefix}}
 
 test:
-  test zlib.net
-  # we would like to test builds but we need a `GITHUB_TOKEN` and
-  # currently that is not possible
+  dependencies:
+    zlib.net: '*'
+  script:
+    test zlib.net
+    # we would like to test builds but we need a `GITHUB_TOKEN` and
+    # (currently) we can’t figure out how to set that up in CI/CD

projects/tea.xyz/package.yml

@@ -1,9 +1,7 @@
 distributable:
   url: https://github.com/teaxyz/cli/releases/download/v{{ version }}/tea-{{ version }}.tar.xz
-  strip-components: 2
-  #FIXME I have no idea why we must strip TWO components
-  # when I manually extract the tarball it only has one but if we specify 1
-  # both here and manually it has that same component *still*
+  strip-components: 1
+  # NOTE for pre v0.23 is strip-components: 2
 
 versions:
   github: teaxyz/cli

scripts/bottle.ts

@@ -1,4 +1,4 @@
-#!/usr/bin/env -S tea -E
+#!/usr/bin/env tea
 
 /* ---
 dependencies:

scripts/cache-artifacts.ts

@@ -1,4 +1,4 @@
-#!/usr/bin/env -S tea -E
+#!/usr/bin/env tea
 
 /*---
 args:

scripts/fetch-pr-artifacts.ts

@@ -1,4 +1,4 @@
-#!/usr/bin/env -S tea -E
+#!/usr/bin/env tea
 
 /*---
 args:

scripts/has-artifacts.ts

@@ -1,4 +1,4 @@
-#!/usr/bin/env -S tea -E
+#!/usr/bin/env tea
 
 /*---
 args:

scripts/index-packages.ts

@@ -1,4 +1,4 @@
-#!/usr/bin/env -S tea -E
+#!/usr/bin/env tea
 
 /*---
 args:

scripts/map-projects-to-githubs.ts

@@ -1,4 +1,4 @@
-#!/usr/bin/env -S tea -E
+#!/usr/bin/env tea
 
 /*---
 args:

scripts/upload-sync.ts

@@ -1,4 +1,4 @@
-#!/usr/bin/env -S tea -E
+#!/usr/bin/env tea
 
 /*---
 args:

scripts/upload.ts

@@ -1,4 +1,4 @@
-#!/usr/bin/env -S tea -E
+#!/usr/bin/env tea
 
 /*---
 args: