forked from semgrep/semgrep
-
Notifications
You must be signed in to change notification settings - Fork 0
82 lines (81 loc) · 3.17 KB
/
release-homebrew.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
# AUTOGENERATED FROM release-homebrew.jsonnet DO NOT MODIFY
jobs:
brew-build:
name: Build Semgrep via Brew from HEAD
runs-on: macos-latest
steps:
- env:
HOMEBREW_NO_INSTALL_FROM_API: 1
run: brew update --debug --verbose
- env:
HOMEBREW_NO_INSTALL_FROM_API: 1
NONINTERACTIVE: 1
run: brew install semgrep --HEAD --debug || brew link --overwrite semgrep
- env:
HOMEBREW_NO_INSTALL_FROM_API: 1
name: Check installed correctly
run: brew test semgrep --HEAD
homebrew-core-pr:
runs-on: macos-latest
steps:
- run: brew update
- name: 'ugly: fix the python path for brew bump-formula-pr'
run: cd /usr/local/Cellar/python@3.11; ln -s 3.11.6_1 3.11.7
- env:
HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.SEMGREP_HOMEBREW_RELEASE_PAT }}
if: ${{ inputs.dry-run }}
name: Dry Run bump semgrep.rb
run: |
brew bump-formula-pr --force --no-audit --no-browse --write-only \
--message="semgrep 99.99.99" \
--tag="v99.99.99" --revision="${GITHUB_SHA}" semgrep --python-exclude-packages semgrep
- if: ${{ ! inputs.dry-run }}
name: Bump semgrep.rb
run: |
brew bump-formula-pr --force --no-audit --no-browse --write-only \
--message="semgrep ${{ inputs.version }}" --tag="v${{ inputs.version }}" semgrep --debug
- env:
GITHUB_TOKEN: ${{ secrets.SEMGREP_HOMEBREW_RELEASE_PAT }}
name: Make the commit
run: |
cd "$(brew --repository)/Library/Taps/homebrew/homebrew-core"
git status
git diff
git config user.name ${{ github.actor }}
git config user.email ${{ github.actor }}@users.noreply.github.com
gh auth setup-git
git remote add r2c https://github.com/semgrep-release/homebrew-core.git
git checkout -b bump-semgrep-${{ inputs.version }}
git add Formula/s/semgrep.rb
git commit -m "semgrep ${{ inputs.version }}"
- env:
GITHUB_TOKEN: ${{ secrets.SEMGREP_HOMEBREW_RELEASE_PAT }}
if: ${{ ! inputs.dry-run }}
name: Push commit to our fork of homebrew-core
run: |
cd "$(brew --repository)/Library/Taps/homebrew/homebrew-core"
git push --set-upstream r2c --force "bump-semgrep-${{ inputs.version }}"
- env:
GITHUB_TOKEN: ${{ secrets.SEMGREP_HOMEBREW_RELEASE_PAT }}
if: ${{ ! inputs.dry-run }}
name: Open PR to official homebrew-core repo
run: |
gh pr create --repo homebrew/homebrew-core \
--base master --head "semgrep-release:bump-semgrep-${{ inputs.version }}" \
--title="semgrep ${{ inputs.version }}" \
--body "Bump semgrep to version ${{ inputs.version }}"
name: release-homebrew
on:
workflow_dispatch:
inputs:
dry-run:
description: |
Check the box for a dry-run.
A dry-run will not push any external state.
required: true
type: boolean
version:
description: |
The version of Semgrep to release on Homebrew (e.g., 1.55.2)
required: true
type: string