mirror of
https://github.com/ivabus/pantry
synced 2024-11-26 18:25:08 +03:00
Actions Refactor (#336)
This commit is contained in:
parent
b16629a131
commit
6d48c72aca
32 changed files with 383 additions and 259 deletions
26
.github/actions/bottle/action.yml
vendored
Normal file
26
.github/actions/bottle/action.yml
vendored
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
name: tea/pantry/bottle
|
||||||
|
description: internal tea.xyz specific at this time
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
gpg-key-id:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
gpg-key-passphrase:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
built:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
compression:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: composite
|
||||||
|
steps:
|
||||||
|
- run: ${{ github.action_path }}/bottle.ts ${{ inputs.built }}
|
||||||
|
shell: sh
|
||||||
|
env:
|
||||||
|
COMPRESSION: ${{ inputs.compression }}
|
||||||
|
GPG_KEY_ID: ${{ inputs.gpg-key-id }}
|
||||||
|
GPG_PASSPHRASE: ${{ inputs.gpg-passphrase }}
|
|
@ -22,8 +22,8 @@ import { backticks, panic, run } from "utils"
|
||||||
import { crypto } from "deno/crypto/mod.ts"
|
import { crypto } from "deno/crypto/mod.ts"
|
||||||
import { encode } from "deno/encoding/hex.ts"
|
import { encode } from "deno/encoding/hex.ts"
|
||||||
import { encode as base64Encode } from "deno/encoding/base64.ts"
|
import { encode as base64Encode } from "deno/encoding/base64.ts"
|
||||||
import { set_output } from "./utils/gha.ts"
|
import { set_output } from "../../scripts/utils/gha.ts"
|
||||||
import * as ARGV from "./utils/args.ts"
|
import * as ARGV from "../../scripts/utils/args.ts"
|
||||||
import Path from "path"
|
import Path from "path"
|
||||||
|
|
||||||
const cellar = useCellar()
|
const cellar = useCellar()
|
28
.github/actions/cache/action.yml
vendored
Normal file
28
.github/actions/cache/action.yml
vendored
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
name: tea.xyz/pantry/actions/cache
|
||||||
|
description: cache deno deps
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
cache-name:
|
||||||
|
description: name of the job to use on the cache key
|
||||||
|
required: true
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: composite
|
||||||
|
steps:
|
||||||
|
- run: |
|
||||||
|
if test "$RUNNER_OS" = "macOS"; then
|
||||||
|
echo "cache=~/Library/Caches/deno" >> $GITHUB_OUTPUT
|
||||||
|
else
|
||||||
|
echo "cache=~/.cache/deno" >> $GITHUB_OUTPUT
|
||||||
|
fi
|
||||||
|
id: os-cache
|
||||||
|
shell: sh
|
||||||
|
|
||||||
|
- uses: actions/cache@v3
|
||||||
|
with:
|
||||||
|
path: |
|
||||||
|
~/.deno
|
||||||
|
${{ steps.os-cache.outputs.cache }}
|
||||||
|
# This isn't perfect (can't hash stuff outside github.workspace, and if the there scripts change, the hash won't)
|
||||||
|
# but it's good enough for now. It's slightly conservative, since it monitors all .ts files, but that's fine.
|
||||||
|
key: ${{ runner.os }}-deno-${{ inputs.cache-name }}-${{ hashFiles('**/deno.jsonc', '**/*.ts') }}
|
|
@ -1,5 +1,6 @@
|
||||||
name: Apple signing
|
name: Apple Codesigning
|
||||||
description: signs binaries for macOS
|
description: Codesigns macOS binaries
|
||||||
|
|
||||||
inputs:
|
inputs:
|
||||||
p12-file-base64:
|
p12-file-base64:
|
||||||
description: Base64 encoded p12 file
|
description: Base64 encoded p12 file
|
||||||
|
@ -11,11 +12,11 @@ inputs:
|
||||||
description: Identity to use for signing
|
description: Identity to use for signing
|
||||||
required: true
|
required: true
|
||||||
paths:
|
paths:
|
||||||
description: Paths to search for files to sign
|
description: paths to sign
|
||||||
required: true
|
required: true
|
||||||
|
|
||||||
runs:
|
runs:
|
||||||
using: "composite"
|
using: composite
|
||||||
steps:
|
steps:
|
||||||
# Only runs on macOS
|
# Only runs on macOS
|
||||||
- name: Check platform
|
- name: Check platform
|
||||||
|
@ -37,13 +38,9 @@ runs:
|
||||||
p12-file-base64: ${{ inputs.p12-file-base64 }}
|
p12-file-base64: ${{ inputs.p12-file-base64 }}
|
||||||
p12-password: ${{ inputs.p12-password }}
|
p12-password: ${{ inputs.p12-password }}
|
||||||
|
|
||||||
|
|
||||||
- name: Codesign files
|
- name: Codesign files
|
||||||
shell: sh
|
shell: sh
|
||||||
run: |
|
run: find $PATHS -type f -print0 | xargs -0 codesign -s "$IDENTITY" --force -v --timestamp || true
|
||||||
find $PATHS -type f -print0 | \
|
|
||||||
xargs -0 /usr/bin/codesign -s "$IDENTITY" --force -v \
|
|
||||||
--timestamp || true
|
|
||||||
env:
|
env:
|
||||||
PATHS: ${{ inputs.paths }}
|
PATHS: ${{ inputs.paths }}
|
||||||
IDENTITY: ${{ inputs.identity }}
|
IDENTITY: ${{ inputs.identity }}
|
||||||
|
@ -51,10 +48,9 @@ runs:
|
||||||
# This isn't very informative, but even a no-op is safer than none
|
# This isn't very informative, but even a no-op is safer than none
|
||||||
- name: Check codesigning
|
- name: Check codesigning
|
||||||
shell: sh
|
shell: sh
|
||||||
run: |
|
|
||||||
# FIXME: `deno` compiled binaries don't currently pass validation.
|
# FIXME: `deno` compiled binaries don't currently pass validation.
|
||||||
# https://github.com/denoland/deno/issues/17753
|
# https://github.com/denoland/deno/issues/17753
|
||||||
find $PATHS -type f ! -name tea -print0 | xargs -0 codesign -vvv --strict
|
run: find $PATHS -type f ! -name tea -print0 | xargs -0 codesign -vvv --strict
|
||||||
env:
|
env:
|
||||||
PATHS: ${{ inputs.paths }}
|
PATHS: ${{ inputs.paths }}
|
||||||
|
|
35
.github/actions/fetch-pr-artifacts/action.yml
vendored
Normal file
35
.github/actions/fetch-pr-artifacts/action.yml
vendored
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
name: tea/pantry/fetch-pr-artifacts
|
||||||
|
description: internal tea.xyz specific at this time
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
platform:
|
||||||
|
description: platform+arch to fetch
|
||||||
|
required: true
|
||||||
|
token:
|
||||||
|
description: github token
|
||||||
|
default: ${{ github.token }}
|
||||||
|
required: true
|
||||||
|
AWS_S3_BUCKET:
|
||||||
|
description: AWS S3 bucket to use for cache
|
||||||
|
required: true
|
||||||
|
AWS_ACCESS_KEY_ID:
|
||||||
|
description: AWS access key id
|
||||||
|
required: true
|
||||||
|
AWS_SECRET_ACCESS_KEY:
|
||||||
|
description: AWS secret access key
|
||||||
|
required: true
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: composite
|
||||||
|
steps:
|
||||||
|
- run:
|
||||||
|
${{ github.action_path }}/fetch-pr-artifacts.ts
|
||||||
|
${{ github.repository }}
|
||||||
|
${{ github.sha }}
|
||||||
|
${{ inputs.platform }} >>$GITHUB_ENV
|
||||||
|
shell: sh
|
||||||
|
env:
|
||||||
|
GITHUB_TOKEN: ${{ inputs.token }}
|
||||||
|
AWS_S3_CACHE: ${{ inputs.AWS_S3_CACHE }}
|
||||||
|
AWS_ACCESS_KEY_ID: ${{ inputs.AWS_ACCESS_KEY_ID }}
|
||||||
|
AWS_SECRET_ACCESS_KEY: ${{ inputs.AWS_SECRET_ACCESS_KEY }}
|
39
.github/actions/get-platform/action.yml
vendored
Normal file
39
.github/actions/get-platform/action.yml
vendored
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
name: tea/pantry/get-platform
|
||||||
|
description: Outputs the platform spec we need for builds
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
platform:
|
||||||
|
description: >
|
||||||
|
The platform+arch to get specs for
|
||||||
|
required: true
|
||||||
|
|
||||||
|
outputs:
|
||||||
|
os:
|
||||||
|
description: the OS for general tasks
|
||||||
|
value: ${{ steps.platform.outputs.os }}
|
||||||
|
build-os:
|
||||||
|
description: the OS for build tasks
|
||||||
|
value: ${{ steps.platform.outputs.build-os }}
|
||||||
|
container:
|
||||||
|
description: the container for build tasks
|
||||||
|
value: ${{ steps.platform.outputs.container }}
|
||||||
|
test-matrix:
|
||||||
|
description: the matrix of os/containers for test tasks
|
||||||
|
value: ${{ steps.platform.outputs.test-matrix }}
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: composite
|
||||||
|
steps:
|
||||||
|
- uses: teaxyz/setup@v0
|
||||||
|
with:
|
||||||
|
srcroot: null
|
||||||
|
|
||||||
|
- uses: teaxyz/pantry.core/.github/actions/cache@main
|
||||||
|
with:
|
||||||
|
cache-name: get-platform
|
||||||
|
|
||||||
|
- run: ${{github.action_path}}/get-platform.ts
|
||||||
|
shell: sh
|
||||||
|
id: platform
|
||||||
|
env:
|
||||||
|
PLATFORM: ${{ inputs.platform }}
|
|
@ -25,7 +25,6 @@ type Output = {
|
||||||
buildOs: OS,
|
buildOs: OS,
|
||||||
container?: string,
|
container?: string,
|
||||||
testMatrix: { os: OS, container?: string }[]
|
testMatrix: { os: OS, container?: string }[]
|
||||||
cacheSet: string
|
|
||||||
}
|
}
|
||||||
|
|
||||||
type OS = string | string[]
|
type OS = string | string[]
|
||||||
|
@ -33,11 +32,6 @@ type OS = string | string[]
|
||||||
const platform = Deno.env.get("PLATFORM") ?? panic("$PLATFORM not set")
|
const platform = Deno.env.get("PLATFORM") ?? panic("$PLATFORM not set")
|
||||||
|
|
||||||
|
|
||||||
const cacheSets = {
|
|
||||||
"darwin": `~/.deno\n~/Library/Caches/deno/deps/https/`,
|
|
||||||
"linux": `~/.deno\n~/.cache/deno/deps/https/`
|
|
||||||
}
|
|
||||||
|
|
||||||
const output: Output = (() => {
|
const output: Output = (() => {
|
||||||
switch(platform) {
|
switch(platform) {
|
||||||
case "darwin+x86-64": {
|
case "darwin+x86-64": {
|
||||||
|
@ -46,7 +40,6 @@ const output: Output = (() => {
|
||||||
os,
|
os,
|
||||||
buildOs: ["self-hosted", "macOS", "X64"],
|
buildOs: ["self-hosted", "macOS", "X64"],
|
||||||
testMatrix: [{ os }],
|
testMatrix: [{ os }],
|
||||||
cacheSet: cacheSets["darwin"]
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
case "darwin+aarch64": {
|
case "darwin+aarch64": {
|
||||||
|
@ -55,7 +48,6 @@ const output: Output = (() => {
|
||||||
os,
|
os,
|
||||||
buildOs: os,
|
buildOs: os,
|
||||||
testMatrix: [{ os }],
|
testMatrix: [{ os }],
|
||||||
cacheSet: cacheSets["darwin"]
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
case "linux+aarch64": {
|
case "linux+aarch64": {
|
||||||
|
@ -64,7 +56,6 @@ const output: Output = (() => {
|
||||||
os,
|
os,
|
||||||
buildOs: os,
|
buildOs: os,
|
||||||
testMatrix: [{ os }],
|
testMatrix: [{ os }],
|
||||||
cacheSet: cacheSets["linux"]
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
case "linux+x86-64": {
|
case "linux+x86-64": {
|
||||||
|
@ -80,7 +71,6 @@ const output: Output = (() => {
|
||||||
{ os, container },
|
{ os, container },
|
||||||
{ os, container: "debian:buster-slim" }
|
{ os, container: "debian:buster-slim" }
|
||||||
],
|
],
|
||||||
cacheSet: cacheSets["linux"]
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
|
@ -90,8 +80,7 @@ const output: Output = (() => {
|
||||||
const rv = `os=${JSON.stringify(output.os)}\n` +
|
const rv = `os=${JSON.stringify(output.os)}\n` +
|
||||||
`build-os=${JSON.stringify(output.buildOs)}\n` +
|
`build-os=${JSON.stringify(output.buildOs)}\n` +
|
||||||
`container=${JSON.stringify(output.container)}\n` +
|
`container=${JSON.stringify(output.container)}\n` +
|
||||||
`test-matrix=${JSON.stringify(output.testMatrix)}\n` +
|
`test-matrix=${JSON.stringify(output.testMatrix)}\n`
|
||||||
`cache-set<<EOF\n${output.cacheSet}\nEOF\n`
|
|
||||||
|
|
||||||
Deno.stdout.write(new TextEncoder().encode(rv))
|
Deno.stdout.write(new TextEncoder().encode(rv))
|
||||||
|
|
39
.github/actions/has-artifacts/action.yml
vendored
Normal file
39
.github/actions/has-artifacts/action.yml
vendored
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
name: tea/pantry/has-artifacts
|
||||||
|
description: Outputs the platform spec we need for builds
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
platform:
|
||||||
|
description: >
|
||||||
|
The platform+arch to get specs for
|
||||||
|
required: true
|
||||||
|
|
||||||
|
outputs:
|
||||||
|
os:
|
||||||
|
description: the OS for general tasks
|
||||||
|
value: ${{ steps.platform.outputs.os }}
|
||||||
|
build-os:
|
||||||
|
description: the OS for build tasks
|
||||||
|
value: ${{ steps.platform.outputs.build-os }}
|
||||||
|
container:
|
||||||
|
description: the container for build tasks
|
||||||
|
value: ${{ steps.platform.outputs.container }}
|
||||||
|
test-matrix:
|
||||||
|
description: the matrix of os/containers for test tasks
|
||||||
|
value: ${{ steps.platform.outputs.test-matrix }}
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: composite
|
||||||
|
steps:
|
||||||
|
- uses: teaxyz/setup@v0
|
||||||
|
with:
|
||||||
|
srcroot: null
|
||||||
|
|
||||||
|
- uses: teaxyz/pantry.core/.github/actions/cache@main
|
||||||
|
with:
|
||||||
|
cache-name: has-artifacts
|
||||||
|
|
||||||
|
- run: ${{github.action_path}}/get-platform.ts
|
||||||
|
shell: sh
|
||||||
|
id: platform
|
||||||
|
env:
|
||||||
|
PLATFORM: ${{ inputs.platform }}
|
|
@ -11,9 +11,9 @@ args:
|
||||||
/// Test
|
/// Test
|
||||||
/// ./scripts/has-artifacts.ts e582b03fe6efedde80f9569403555f4513dbec91
|
/// ./scripts/has-artifacts.ts e582b03fe6efedde80f9569403555f4513dbec91
|
||||||
|
|
||||||
import { S3 } from "s3";
|
import { S3 } from "s3"
|
||||||
import { panic } from "utils";
|
import { panic } from "utils"
|
||||||
import { find_pr } from "./fetch-pr-artifacts.ts";
|
import { find_pr } from "../fetch-pr-artifacts/fetch-pr-artifacts.ts"
|
||||||
|
|
||||||
/// Main
|
/// Main
|
||||||
/// -------------------------------------------------------------------------------
|
/// -------------------------------------------------------------------------------
|
39
.github/actions/setup-brewkit/action.yml
vendored
Normal file
39
.github/actions/setup-brewkit/action.yml
vendored
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
name: +tea.xyz/brewkit
|
||||||
|
description: sets up tea, tea.xyz/brewkit & caching
|
||||||
|
|
||||||
|
# inputs and outputs are `teaxyz/setup` passthrough
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
prefix:
|
||||||
|
description: >
|
||||||
|
Where tea stows its packages.
|
||||||
|
Defaults to `$HOME/.tea`.
|
||||||
|
required: false
|
||||||
|
outputs:
|
||||||
|
version:
|
||||||
|
description: Your project’s version.
|
||||||
|
value: ${{ steps.tea.outputs.version }}
|
||||||
|
prefix:
|
||||||
|
description: The prefix you specified.
|
||||||
|
value: ${{ steps.tea.outputs.prefix }}
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: composite
|
||||||
|
steps:
|
||||||
|
- uses: teaxyz/setup@v0
|
||||||
|
id: tea
|
||||||
|
with:
|
||||||
|
prefix: ${{ inputs.prefix }}
|
||||||
|
+: tea.xyz/brewkit
|
||||||
|
# prevent pantry from reassigning TEA_PREFIX etc.
|
||||||
|
srcroot: null
|
||||||
|
|
||||||
|
- uses: teaxyz/pantry.core/.github/actions/cache@main
|
||||||
|
with:
|
||||||
|
cache-name: setup
|
||||||
|
|
||||||
|
- run: |
|
||||||
|
# if test -d "{{ github.workspace }}"/projects; then
|
||||||
|
echo "TEA_PANTRY_PATH=${{ github.workspace }}" >> $GITHUB_ENV
|
||||||
|
# fi
|
||||||
|
shell: sh
|
40
.github/actions/stage-build-artifacts/action.yml
vendored
Normal file
40
.github/actions/stage-build-artifacts/action.yml
vendored
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
name: tea/pantry/stage-build-artifacts
|
||||||
|
description: internal tea.xyz specific at this time
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
platform:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
AWS_S3_BUCKET:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
AWS_ACCESS_KEY_ID:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
AWS_SECRET_ACCESS_KEY:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: composite
|
||||||
|
steps:
|
||||||
|
- uses: actions/download-artifact@v3
|
||||||
|
with:
|
||||||
|
name: ${{ inputs.platform }}
|
||||||
|
|
||||||
|
- uses: teaxyz/setup@v0
|
||||||
|
|
||||||
|
- uses: teaxyz/pantry.core/.github/actions/cache@main
|
||||||
|
with:
|
||||||
|
cache-name: stage
|
||||||
|
|
||||||
|
- run: ${{ github.action_path }}/cache-artifacts.ts
|
||||||
|
${{github.repository}}
|
||||||
|
${{github.ref}}
|
||||||
|
${{inputs.platform}}
|
||||||
|
artifacts.tgz
|
||||||
|
shell: sh
|
||||||
|
env:
|
||||||
|
AWS_S3_BUCKET: ${{ inputs.AWS_S3_BUCKET }}
|
||||||
|
AWS_ACCESS_KEY_ID: ${{ inputs.AWS_ACCESS_KEY_ID }}
|
||||||
|
AWS_SECRET_ACCESS_KEY: ${{ inputs.AWS_SECRET_ACCESS_KEY }}
|
|
@ -34,7 +34,7 @@ const s3 = new S3({
|
||||||
secretKey: Deno.env.get("AWS_SECRET_ACCESS_KEY")!,
|
secretKey: Deno.env.get("AWS_SECRET_ACCESS_KEY")!,
|
||||||
region: "us-east-1",
|
region: "us-east-1",
|
||||||
})
|
})
|
||||||
const bucket = s3.getBucket(Deno.env.get("AWS_S3_CACHE")!)
|
const bucket = s3.getBucket(Deno.env.get("AWS_S3_BUCKET")!)
|
||||||
|
|
||||||
const key = `pull-request/${repo.split("/")[1]}/${pr}/${dest}`
|
const key = `pull-request/${repo.split("/")[1]}/${pr}/${dest}`
|
||||||
const body = await Deno.readFile(file.string)
|
const body = await Deno.readFile(file.string)
|
47
.github/actions/upload/action.yml
vendored
Normal file
47
.github/actions/upload/action.yml
vendored
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
name: tea/pantry/upload
|
||||||
|
description: internal tea.xyz specific at this time
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
pkgs:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
srcs:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
bottles:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
checksums:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
signatures:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
AWS_S3_BUCKET:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
AWS_ACCESS_KEY_ID:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
AWS_SECRET_ACCESS_KEY:
|
||||||
|
description: ''
|
||||||
|
required: true
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: composite
|
||||||
|
steps:
|
||||||
|
- uses: teaxyz/pantry.core/.github/actions/cache@main
|
||||||
|
with:
|
||||||
|
cache-name: upload
|
||||||
|
|
||||||
|
- run: ${{ github.action_path }}/upload.ts
|
||||||
|
--pkgs ${{ inputs.pkgs }}
|
||||||
|
--srcs ${{ inputs.srcs }}
|
||||||
|
--bottles ${{ inputs.bottles }}
|
||||||
|
--checksums ${{ inputs.checksums }}
|
||||||
|
--signatures ${{ inputs.signatures }}
|
||||||
|
shell: sh
|
||||||
|
env:
|
||||||
|
AWS_S3_BUCKET: ${{ inputs.AWS_S3_BUCKET }}
|
||||||
|
AWS_ACCESS_KEY_ID: ${{ inputs.AWS_ACCESS_KEY_ID }}
|
||||||
|
AWS_SECRET_ACCESS_KEY: ${{ inputs.AWS_SECRET_ACCESS_KEY }}
|
|
@ -18,8 +18,8 @@ import { basename, dirname } from "deno/path/mod.ts"
|
||||||
import { retry } from "deno/async/retry.ts"
|
import { retry } from "deno/async/retry.ts"
|
||||||
import { decode as base64Decode } from "deno/encoding/base64.ts"
|
import { decode as base64Decode } from "deno/encoding/base64.ts"
|
||||||
import Path from "path"
|
import Path from "path"
|
||||||
import { set_output } from "./utils/gha.ts"
|
import { set_output } from "../../scripts/utils/gha.ts"
|
||||||
import { sha256 } from "./bottle.ts"
|
import { sha256 } from "../bottle/bottle.ts"
|
||||||
|
|
||||||
//------------------------------------------------------------------------- funcs
|
//------------------------------------------------------------------------- funcs
|
||||||
function args_get(key: string): string[] {
|
function args_get(key: string): string[] {
|
9
deno.jsonc → .github/deno.jsonc
vendored
9
deno.jsonc → .github/deno.jsonc
vendored
|
@ -16,14 +16,7 @@
|
||||||
},
|
},
|
||||||
"tea": {
|
"tea": {
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"deno.land": "^1.30",
|
"deno.land": "^1.30"
|
||||||
"tea.xyz/brewkit": "^0.3"
|
|
||||||
},
|
|
||||||
"env": {
|
|
||||||
// if your primary tea.prefix is somewhere else then you’ll
|
|
||||||
// need to `tea --sync` in this dev-env
|
|
||||||
"TEA_PANTRY_PATH": "{{srcroot}}:{{home}}/.tea/tea.xyz/var/pantry",
|
|
||||||
"TEA_PREFIX": "{{srcroot}}/tea.out"
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"importMap": "https://raw.githubusercontent.com/teaxyz/cli/v0.23/import-map.json"
|
"importMap": "https://raw.githubusercontent.com/teaxyz/cli/v0.23/import-map.json"
|
|
@ -1,14 +1,4 @@
|
||||||
#!/usr/bin/env tea
|
#!/usr/bin/env -S tea -E deno run --allow-read --allow-env --allow-net --allow-sys
|
||||||
|
|
||||||
/*---
|
|
||||||
args:
|
|
||||||
- deno
|
|
||||||
- run
|
|
||||||
- --allow-read
|
|
||||||
- --allow-env
|
|
||||||
- --allow-net
|
|
||||||
- --allow-sys
|
|
||||||
---*/
|
|
||||||
|
|
||||||
import { usePantry } from "hooks"
|
import { usePantry } from "hooks"
|
||||||
import * as ARGV from "./utils/args.ts"
|
import * as ARGV from "./utils/args.ts"
|
|
@ -1,4 +1,3 @@
|
||||||
|
|
||||||
const e = new TextEncoder()
|
const e = new TextEncoder()
|
||||||
const encode = e.encode.bind(e)
|
const encode = e.encode.bind(e)
|
||||||
|
|
90
.github/workflows/bottle.yml
vendored
90
.github/workflows/bottle.yml
vendored
|
@ -22,20 +22,10 @@ jobs:
|
||||||
os: ${{ steps.platform.outputs.os }}
|
os: ${{ steps.platform.outputs.os }}
|
||||||
cache-set: ${{ steps.platform.outputs.cache-set }}
|
cache-set: ${{ steps.platform.outputs.cache-set }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: teaxyz/pantry.core/.github/actions/get-platform@main
|
||||||
with:
|
|
||||||
repository: teaxyz/pantry.core
|
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
~/.deno
|
|
||||||
~/.cache/deno
|
|
||||||
key: ${{ runner.os }}-deno-get-platform-${{ hashFiles('deno.jsonc')}}
|
|
||||||
- uses: teaxyz/setup@v0
|
|
||||||
- run: scripts/get-platform.ts
|
|
||||||
id: platform
|
id: platform
|
||||||
env:
|
with:
|
||||||
PLATFORM: ${{ inputs.platform }}
|
platform: ${{ inputs.platform }}
|
||||||
|
|
||||||
bottle:
|
bottle:
|
||||||
needs: [get-platform]
|
needs: [get-platform]
|
||||||
|
@ -45,29 +35,17 @@ jobs:
|
||||||
built: ${{ env.built }}
|
built: ${{ env.built }}
|
||||||
pr: ${{ env.PR }}
|
pr: ${{ env.PR }}
|
||||||
steps:
|
steps:
|
||||||
- uses: teaxyz/setup@v0
|
- uses: teaxyz/pantry.core/.github/actions/setup-brewkit@main
|
||||||
id: tea
|
|
||||||
with:
|
|
||||||
srcroot: null
|
|
||||||
prefix: ${{ github.workspace }}
|
|
||||||
|
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: ${{ needs.get-platform.outputs.cache-set }}
|
|
||||||
key: ${{ runner.os }}-deno-bottle-${{ hashFiles('tea.xyz/var/pantry/deno.jsonc')}}
|
|
||||||
|
|
||||||
- name: configure scripts PATH
|
|
||||||
run: echo "$TEA_PREFIX/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
|
|
||||||
|
|
||||||
- uses: actions/download-artifact@v3
|
- uses: actions/download-artifact@v3
|
||||||
if: ${{ inputs.new-version }}
|
if: ${{ inputs.new-version }}
|
||||||
with:
|
with:
|
||||||
name: ${{ inputs.platform }}
|
name: ${{ inputs.platform }}
|
||||||
|
|
||||||
- run: fetch-pr-artifacts.ts ${{ github.repository }} ${{ github.sha }} ${{ inputs.platform }} >>$GITHUB_ENV
|
- uses: teaxyz/pantry.core/.github/actions/fetch-pr-artifacts@main
|
||||||
if: ${{ !inputs.new-version }}
|
if: ${{ !inputs.new-version }}
|
||||||
env:
|
with:
|
||||||
GITHUB_TOKEN: ${{github.token}}
|
token: ${{ github.token }}
|
||||||
AWS_S3_CACHE: ${{ secrets.AWS_S3_CACHE }}
|
AWS_S3_CACHE: ${{ secrets.AWS_S3_CACHE }}
|
||||||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||||
|
@ -87,19 +65,21 @@ jobs:
|
||||||
env:
|
env:
|
||||||
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
|
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
|
||||||
|
|
||||||
- run: bottle.ts $built
|
- uses: teaxyz/pantry.core/.github/actions/bottle@main
|
||||||
id: bottle-xz
|
id: bottle-xz
|
||||||
env:
|
with:
|
||||||
COMPRESSION: xz
|
built: ${{ env.built }}
|
||||||
GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}
|
compresson: xz
|
||||||
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
|
gpg-key-id: ${{ secrets.GPG_KEY_ID }}
|
||||||
|
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
|
||||||
|
|
||||||
- run: bottle.ts $built
|
- uses: teaxyz/pantry.core/.github/actions/bottle@main
|
||||||
id: bottle-gz
|
id: bottle-gz
|
||||||
env:
|
with:
|
||||||
COMPRESSION: gz
|
built: ${{ env.built }}
|
||||||
GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}
|
compresson: gz
|
||||||
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
|
gpg-key-id: ${{ secrets.GPG_KEY_ID }}
|
||||||
|
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
|
||||||
|
|
||||||
- run: |
|
- run: |
|
||||||
echo ${{ steps.bottle-gz.outputs.bottles }} ${{ steps.bottle-xz.outputs.bottles }} >bottles
|
echo ${{ steps.bottle-gz.outputs.bottles }} ${{ steps.bottle-xz.outputs.bottles }} >bottles
|
||||||
|
@ -125,22 +105,6 @@ jobs:
|
||||||
needs: [bottle]
|
needs: [bottle]
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: teaxyz/setup@v0
|
|
||||||
id: tea
|
|
||||||
with:
|
|
||||||
srcroot: null
|
|
||||||
prefix: ${{ github.workspace }}
|
|
||||||
|
|
||||||
- name: configure scripts PATH
|
|
||||||
run: echo "${{ steps.tea.outputs.prefix }}/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
|
|
||||||
|
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
~/.deno
|
|
||||||
~/.cache/deno
|
|
||||||
key: ${{ runner.os }}-deno-bottle-${{ hashFiles('tea.xyz/var/pantry/deno.jsonc')}}
|
|
||||||
|
|
||||||
- uses: actions/download-artifact@v3
|
- uses: actions/download-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: ${{ inputs.platform }}-bottles
|
name: ${{ inputs.platform }}-bottles
|
||||||
|
@ -152,15 +116,13 @@ jobs:
|
||||||
echo "$file=$(cat $file)" >>$GITHUB_ENV
|
echo "$file=$(cat $file)" >>$GITHUB_ENV
|
||||||
done
|
done
|
||||||
|
|
||||||
- name: upload bottles
|
- uses: teaxyz/pantry.core/.github/actions/upload@main
|
||||||
id: upload
|
with:
|
||||||
run: upload.ts
|
pkgs: ${{ needs.bottle.outputs.built }} ${{ needs.bottle.outputs.built }}
|
||||||
--pkgs ${{ needs.bottle.outputs.built }} ${{ needs.bottle.outputs.built }}
|
srcs: ${{ needs.bottle.outputs.srcs }} ${{ needs.bottle.outputs.srcs }}
|
||||||
--srcs ${{ needs.bottle.outputs.srcs }} ${{ needs.bottle.outputs.srcs }}
|
bottles: ${{ env.bottles }}
|
||||||
--bottles $bottles
|
checksums: ${{ env.checksums }}
|
||||||
--checksums $checksums
|
signatures: ${{ env.signatures }}
|
||||||
--signatures $signatures
|
|
||||||
env:
|
|
||||||
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
|
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
|
||||||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||||
|
|
70
.github/workflows/build.yml
vendored
70
.github/workflows/build.yml
vendored
|
@ -24,21 +24,10 @@ jobs:
|
||||||
test-matrix: ${{ steps.platform.outputs.test-matrix }}
|
test-matrix: ${{ steps.platform.outputs.test-matrix }}
|
||||||
cache-set: ${{ steps.platform.outputs.cache-set }}
|
cache-set: ${{ steps.platform.outputs.cache-set }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: teaxyz/pantry.core/.github/actions/get-platform@main
|
||||||
with:
|
|
||||||
repository: teaxyz/pantry.core
|
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
~/.deno
|
|
||||||
~/.cache/deno
|
|
||||||
key: ${{ runner.os }}-deno-get-platform-${{ hashFiles('deno.jsonc')}}
|
|
||||||
- uses: teaxyz/setup@v0
|
|
||||||
- run: scripts/get-platform.ts ${{ inputs.projects }}
|
|
||||||
id: platform
|
id: platform
|
||||||
env:
|
with:
|
||||||
PLATFORM: ${{ inputs.platform }}
|
platform: ${{ inputs.platform }}
|
||||||
TEA_PANTRY_PATH: ${{ github.workspace }}
|
|
||||||
|
|
||||||
build:
|
build:
|
||||||
runs-on: ${{ fromJson(needs.get-platform.outputs.build-os) }}
|
runs-on: ${{ fromJson(needs.get-platform.outputs.build-os) }}
|
||||||
|
@ -46,27 +35,17 @@ jobs:
|
||||||
needs: [get-platform]
|
needs: [get-platform]
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: ${{ needs.get-platform.outputs.cache-set }}
|
|
||||||
key: ${{ runner.os }}-deno-build-${{ hashFiles('deno.jsonc')}}
|
|
||||||
|
|
||||||
- uses: teaxyz/setup@v0
|
- uses: teaxyz/pantry.core/.github/actions/setup-brewkit@main
|
||||||
id: tea
|
id: tea
|
||||||
with:
|
with:
|
||||||
srcroot: null
|
|
||||||
prefix: /opt
|
prefix: /opt
|
||||||
|
|
||||||
- name: sanitize macOS runners
|
- name: sanitize macOS runners
|
||||||
if: fromJson(needs.get-platform.outputs.build-os) == 'macos-11'
|
if: fromJson(needs.get-platform.outputs.build-os) == 'macos-11'
|
||||||
run: sudo mv /usr/local/bin/* /tmp/
|
run: sudo mv /usr/local/bin/* /tmp/
|
||||||
|
|
||||||
- name: configure tea env
|
- run: pkg build ${{ inputs.projects }}
|
||||||
run: |
|
|
||||||
echo "$PWD/scripts:$TEA_PREFIX/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
|
|
||||||
echo "TEA_PANTRY_PATH=$GITHUB_WORKSPACE" >> $GITHUB_ENV
|
|
||||||
|
|
||||||
- run: tea +tea.xyz/brewkit build ${{ inputs.projects }}
|
|
||||||
id: build
|
id: build
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ github.token }}
|
GITHUB_TOKEN: ${{ github.token }}
|
||||||
|
@ -82,7 +61,7 @@ jobs:
|
||||||
TEA_PREFIX: ${{ steps.tea.outputs.prefix }}
|
TEA_PREFIX: ${{ steps.tea.outputs.prefix }}
|
||||||
|
|
||||||
# sign macOS binaries
|
# sign macOS binaries
|
||||||
- uses: teaxyz/pantry.core/.github/actions/apple-signing@main
|
- uses: teaxyz/pantry.core/.github/actions/codesign@main
|
||||||
if: startsWith(inputs.platform, 'darwin+') && github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name
|
if: startsWith(inputs.platform, 'darwin+') && github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name
|
||||||
with:
|
with:
|
||||||
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE_P12 }}
|
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE_P12 }}
|
||||||
|
@ -118,7 +97,6 @@ jobs:
|
||||||
needs: [get-platform, build]
|
needs: [get-platform, build]
|
||||||
runs-on: ${{ matrix.platform.os }}
|
runs-on: ${{ matrix.platform.os }}
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
matrix:
|
||||||
platform: ${{ fromJson(needs.get-platform.outputs.test-matrix) }}
|
platform: ${{ fromJson(needs.get-platform.outputs.test-matrix) }}
|
||||||
outputs:
|
outputs:
|
||||||
|
@ -126,11 +104,7 @@ jobs:
|
||||||
container: ${{ matrix.platform.container }}
|
container: ${{ matrix.platform.container }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
|
- uses: teaxyz/pantry.core/.github/actions/setup-brewkit@main
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: ${{ needs.get-platform.outputs.cache-set }}
|
|
||||||
key: ${{ runner.os }}-deno-test-${{ hashFiles('deno.jsonc')}}
|
|
||||||
|
|
||||||
- uses: teaxyz/setup@v0
|
- uses: teaxyz/setup@v0
|
||||||
with:
|
with:
|
||||||
|
@ -143,12 +117,11 @@ jobs:
|
||||||
- name: extract bottles
|
- name: extract bottles
|
||||||
run: tar xzvf artifacts.tgz -C $TEA_PREFIX
|
run: tar xzvf artifacts.tgz -C $TEA_PREFIX
|
||||||
|
|
||||||
- run: tea +tea.xyz/brewkit test ${{ inputs.projects }}
|
- run: pkg test ${{ inputs.projects }}
|
||||||
env:
|
env:
|
||||||
TEA_PANTRY_PATH: ${{ github.workspace }}
|
GITHUB_TOKEN: ${{ github.token }}
|
||||||
GITHUB_TOKEN: ${{github.token}}
|
|
||||||
|
|
||||||
- name: post
|
- name: '[post]'
|
||||||
run:
|
run:
|
||||||
echo "HAS_SECRETS=$HAS_SECRETS" >>$GITHUB_ENV
|
echo "HAS_SECRETS=$HAS_SECRETS" >>$GITHUB_ENV
|
||||||
env:
|
env:
|
||||||
|
@ -178,28 +151,13 @@ jobs:
|
||||||
if: startsWith(github.ref, 'refs/pull/') && startsWith(github.repository, 'teaxyz/pantry.') && needs.test.outputs.HAS_SECRETS == 'true'
|
if: startsWith(github.ref, 'refs/pull/') && startsWith(github.repository, 'teaxyz/pantry.') && needs.test.outputs.HAS_SECRETS == 'true'
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
~/.deno
|
|
||||||
~/.cache/deno
|
|
||||||
key: ${{ runner.os }}-deno-stage-${{ hashFiles('deno.jsonc')}}
|
|
||||||
- uses: teaxyz/setup@v0
|
|
||||||
|
|
||||||
- name: configure scripts PATH
|
|
||||||
run: echo "$PWD/scripts:$TEA_PREFIX/tea.xyz/var/pantry/scripts" >> $GITHUB_PATH
|
|
||||||
|
|
||||||
- uses: actions/download-artifact@v3
|
- uses: actions/download-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: ${{ inputs.platform }}
|
name: ${{ inputs.platform }}
|
||||||
|
|
||||||
- run: cache-artifacts.ts
|
- uses: teaxyz/pantry.core/.github/actions/stage-build-artifacts@main
|
||||||
${{github.repository}}
|
with:
|
||||||
${{github.ref}}
|
platform: ${{ inputs.platform }}
|
||||||
${{inputs.platform}}
|
AWS_S3_BUCKET: ${{ secrets.AWS_S3_CACHE }}
|
||||||
artifacts.tgz
|
|
||||||
env:
|
|
||||||
AWS_S3_CACHE: ${{ secrets.AWS_S3_CACHE }}
|
|
||||||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||||
|
|
13
.github/workflows/cd.yml
vendored
13
.github/workflows/cd.yml
vendored
|
@ -5,23 +5,22 @@ on:
|
||||||
branches: [main]
|
branches: [main]
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
cd: # job is named poorly, all I can tell you about it is: it’s *not* CD
|
cd:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
outputs:
|
outputs:
|
||||||
HAS_ARTIFACTS: ${{ env.HAS_ARTIFACTS }}
|
HAS_ARTIFACTS: ${{ env.HAS_ARTIFACTS }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
with:
|
||||||
path: |
|
repo: teaxyz/pantry.core
|
||||||
~/.deno
|
|
||||||
~/.cache/deno
|
- uses: teaxyz/pantry.core/.github/actions/setup-brewkit@main
|
||||||
key: ${{ runner.os }}-deno-cd-${{ hashFiles('deno.jsonc')}}
|
|
||||||
- uses: teaxyz/setup@v0
|
|
||||||
- run: scripts/map-projects-to-githubs.ts
|
- run: scripts/map-projects-to-githubs.ts
|
||||||
env:
|
env:
|
||||||
WATCHER_URL: ${{ secrets.WATCHER_URL }}
|
WATCHER_URL: ${{ secrets.WATCHER_URL }}
|
||||||
TEA_API_TOKEN: ${{ secrets.TEA_API_TOKEN }}
|
TEA_API_TOKEN: ${{ secrets.TEA_API_TOKEN }}
|
||||||
|
|
||||||
- run: scripts/has-artifacts.ts ${{ github.repository }} ${{ github.sha }} >>$GITHUB_ENV
|
- run: scripts/has-artifacts.ts ${{ github.repository }} ${{ github.sha }} >>$GITHUB_ENV
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{github.token}}
|
GITHUB_TOKEN: ${{github.token}}
|
||||||
|
|
12
.github/workflows/ci-scripts.yml
vendored
12
.github/workflows/ci-scripts.yml
vendored
|
@ -3,14 +3,18 @@ name: ci·scripts
|
||||||
on:
|
on:
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
- scripts/**/*.ts
|
- .github/**.ts
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
typecheck:
|
typecheck:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
env:
|
|
||||||
TEA_SECRET: ${{ secrets.TEA_SECRET }}
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- uses: teaxyz/setup@v0
|
- uses: teaxyz/setup@v0
|
||||||
- run: deno check --unstable scripts/*.ts
|
with:
|
||||||
|
srcroot: .github
|
||||||
|
- uses: teaxyz/pantry.core/.github/actions/cache@main
|
||||||
|
with:
|
||||||
|
cache-name: ci-scripts
|
||||||
|
- run: deno check --unstable **/*.ts
|
||||||
|
working-directory: .github
|
||||||
|
|
2
.github/workflows/ci.yml
vendored
2
.github/workflows/ci.yml
vendored
|
@ -20,7 +20,7 @@ jobs:
|
||||||
RESULT="$RESULT $y"
|
RESULT="$RESULT $y"
|
||||||
done
|
done
|
||||||
echo "diff=$RESULT" >> $GITHUB_OUTPUT
|
echo "diff=$RESULT" >> $GITHUB_OUTPUT
|
||||||
build:
|
ci:
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
fail-fast: false
|
||||||
matrix:
|
matrix:
|
||||||
|
|
6
.github/workflows/cleanup.yml
vendored
6
.github/workflows/cleanup.yml
vendored
|
@ -1,4 +1,7 @@
|
||||||
name: cleanup
|
# cleans up our S3 staging area if a PR is closed without merge
|
||||||
|
|
||||||
|
name: teaxyz s3 cleanup
|
||||||
|
|
||||||
on:
|
on:
|
||||||
pull_request:
|
pull_request:
|
||||||
types: [closed]
|
types: [closed]
|
||||||
|
@ -14,6 +17,7 @@ jobs:
|
||||||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||||
aws-region: us-east-1
|
aws-region: us-east-1
|
||||||
|
|
||||||
- name: remove staged artifacts
|
- name: remove staged artifacts
|
||||||
run: |
|
run: |
|
||||||
REPO=$(echo ${{github.repository}} | sed -e 's_teaxyz/__')
|
REPO=$(echo ${{github.repository}} | sed -e 's_teaxyz/__')
|
||||||
|
|
2
.github/workflows/complain.yml
vendored
2
.github/workflows/complain.yml
vendored
|
@ -26,8 +26,6 @@ jobs:
|
||||||
SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }}
|
SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }}
|
||||||
SLACK_MESSAGE: new-version:${{ inputs.projects }} (${{ inputs.platform }}) ${{ steps.status.outputs.status }}
|
SLACK_MESSAGE: new-version:${{ inputs.projects }} (${{ inputs.platform }}) ${{ steps.status.outputs.status }}
|
||||||
SLACK_COLOR: ${{ steps.status.outputs.status }}
|
SLACK_COLOR: ${{ steps.status.outputs.status }}
|
||||||
- run: env | grep ^GITHUB
|
|
||||||
- run: echo "${{ github.ref_name == 'main'}}"
|
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
if: github.ref_name == 'main'
|
if: github.ref_name == 'main'
|
||||||
- uses: JasonEtco/create-an-issue@v2
|
- uses: JasonEtco/create-an-issue@v2
|
||||||
|
|
9
.github/workflows/index-data.yml
vendored
9
.github/workflows/index-data.yml
vendored
|
@ -12,13 +12,10 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
~/.deno
|
|
||||||
~/.cache/deno
|
|
||||||
key: ${{ runner.os }}-deno-queue-detail-ingestion-${{ hashFiles('deno.jsonc')}}
|
|
||||||
- uses: teaxyz/setup@v0
|
- uses: teaxyz/setup@v0
|
||||||
|
with:
|
||||||
|
srcroot: null
|
||||||
|
- uses: teaxyz/pantry.core/.github/actions/cache@main
|
||||||
- run: ./scripts/index-packages.ts ${{ inputs.projects }}
|
- run: ./scripts/index-packages.ts ${{ inputs.projects }}
|
||||||
env:
|
env:
|
||||||
TEA_PANTRY_PATH: ${{ github.workspace }}
|
TEA_PANTRY_PATH: ${{ github.workspace }}
|
||||||
|
|
2
.github/workflows/new-version.yml
vendored
2
.github/workflows/new-version.yml
vendored
|
@ -8,7 +8,6 @@ on:
|
||||||
required: true
|
required: true
|
||||||
type: string
|
type: string
|
||||||
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
strategy:
|
strategy:
|
||||||
|
@ -25,6 +24,7 @@ jobs:
|
||||||
projects: ${{ inputs.projects }}
|
projects: ${{ inputs.projects }}
|
||||||
platform: ${{ matrix.platform }}
|
platform: ${{ matrix.platform }}
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
|
|
||||||
index_data:
|
index_data:
|
||||||
needs: [build]
|
needs: [build]
|
||||||
if: success()
|
if: success()
|
||||||
|
|
2
.vscode/settings.json
vendored
2
.vscode/settings.json
vendored
|
@ -2,6 +2,6 @@
|
||||||
"deno.enable": true,
|
"deno.enable": true,
|
||||||
"deno.lint": true,
|
"deno.lint": true,
|
||||||
"deno.unstable": true,
|
"deno.unstable": true,
|
||||||
"deno.config": "deno.jsonc",
|
"deno.config": ".github/deno.jsonc",
|
||||||
"deno.importMap": "../cli/import-map.json"
|
"deno.importMap": "../cli/import-map.json"
|
||||||
}
|
}
|
|
@ -1,63 +0,0 @@
|
||||||
#!/usr/bin/env tea
|
|
||||||
|
|
||||||
/*---
|
|
||||||
args:
|
|
||||||
- deno
|
|
||||||
- run
|
|
||||||
- --allow-read
|
|
||||||
- --allow-net
|
|
||||||
- --allow-env=AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY,AWS_S3_BUCKET,TEA_PREFIX
|
|
||||||
---*/
|
|
||||||
|
|
||||||
import { readAll, readerFromStreamReader } from "deno/streams/mod.ts"
|
|
||||||
import { useCache, useOffLicense } from "hooks"
|
|
||||||
import { Package } from "types"
|
|
||||||
import { crypto, toHashString } from "deno/crypto/mod.ts";
|
|
||||||
import { S3 } from "s3"
|
|
||||||
import Path from "path"
|
|
||||||
|
|
||||||
const s3 = new S3({
|
|
||||||
accessKeyID: Deno.env.get("AWS_ACCESS_KEY_ID")!,
|
|
||||||
secretKey: Deno.env.get("AWS_SECRET_ACCESS_KEY")!,
|
|
||||||
region: "us-east-1",
|
|
||||||
})
|
|
||||||
|
|
||||||
const offy = useOffLicense('s3')
|
|
||||||
const bucket = s3.getBucket(Deno.env.get("AWS_S3_BUCKET")!)
|
|
||||||
|
|
||||||
for (const stowed of await useCache().ls()) {
|
|
||||||
const url = offy.url(stowed)
|
|
||||||
const key = offy.key(stowed)
|
|
||||||
|
|
||||||
console.log({ checking: url })
|
|
||||||
|
|
||||||
const inRepo = await bucket.headObject(key)
|
|
||||||
const repoChecksum = inRepo ? await checksum(`${url}.sha256sum`) : undefined
|
|
||||||
|
|
||||||
// path.read() returns a string; this is easier to get a UInt8Array
|
|
||||||
const contents = await Deno.readFile(stowed.path.string)
|
|
||||||
const sha256sum = toHashString(await crypto.subtle.digest("SHA-256", contents))
|
|
||||||
|
|
||||||
if (!inRepo || repoChecksum !== sha256sum) {
|
|
||||||
const basename = url.path().basename()
|
|
||||||
const body = new TextEncoder().encode(`${sha256sum} ${basename}`)
|
|
||||||
|
|
||||||
console.log({ uploading: url })
|
|
||||||
|
|
||||||
await bucket.putObject(key, contents)
|
|
||||||
await bucket.putObject(`${key}.sha256sum`, body)
|
|
||||||
|
|
||||||
console.log({ uploaded: url })
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async function checksum(url: string) {
|
|
||||||
const rsp = await fetch(url)
|
|
||||||
if (!rsp.ok) throw new Error(`404-not-found: ${url}`)
|
|
||||||
const rdr = rsp.body?.getReader()
|
|
||||||
if (!rdr) throw new Error(`Couldn’t read: ${url}`)
|
|
||||||
const r = await readAll(readerFromStreamReader(rdr))
|
|
||||||
return new TextDecoder().decode(r).split(' ')[0]
|
|
||||||
}
|
|
||||||
|
|
||||||
type RV = Package & {bottle: Path}
|
|
5
tea.yaml
Normal file
5
tea.yaml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
dependencies:
|
||||||
|
tea.xyz/brewkit: ^0.3
|
||||||
|
env:
|
||||||
|
TEA_PANTRY_PATH: ${{srcroot}}:{{home}}/.tea/tea.xyz/var/pantry
|
||||||
|
TEA_PREFIX: ${{srcroot}}/tea.out
|
Loading…
Reference in a new issue