diff --git a/.github/workflows/_build.yml b/.github/workflows/_build.yml index 7a69eb2..c30fb25 100644 --- a/.github/workflows/_build.yml +++ b/.github/workflows/_build.yml @@ -4,6 +4,10 @@ name: _build on: workflow_call: inputs: + should_run: + description: Whether or not to run the build job + type: boolean + default: false artifact_prefix: description: Artifact prefix type: string @@ -103,7 +107,6 @@ jobs: check: ${{ steps.check.outputs.result }} steps: - name: Checkout build-emacs-for-macos repo - if: ${{ inputs.os != inputs.build_os }} uses: actions/checkout@v4 with: repository: jimeh/build-emacs-for-macos @@ -111,7 +114,7 @@ jobs: - uses: actions/setup-go@v5 if: ${{ inputs.os != inputs.build_os }} with: - go-version: "1.21" + go-version: "1.23" - name: Build emacs-builder tool if: ${{ inputs.os != inputs.build_os }} run: make build @@ -124,8 +127,11 @@ jobs: - name: Ensure emacs-builder is executable if: ${{ inputs.os == inputs.build_os }} run: chmod +x bin/emacs-builder + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main - name: Plan build run: >- + nix develop --command bin/emacs-builder -l debug plan --output build-plan.yml --output-dir '${{ github.workspace }}/builds' ${{ needs.prepare.outputs.test_plan_args }} @@ -163,34 +169,30 @@ jobs: repository: jimeh/build-emacs-for-macos ref: ${{ needs.prepare.outputs.builder_sha }} path: builder - - uses: ruby/setup-ruby@v1 + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Download build-plan artifact + uses: actions/download-artifact@v4 with: - ruby-version: "3.2" - - name: Update homebrew - run: brew update - - name: Fix system python breaking homebrew - run: >- - find "$(brew --prefix)/bin" -type l - -ilname '*/Library/Frameworks/Python.framework/*' - -delete + name: ${{ inputs.artifact_prefix }}build-plan + path: ./builder/ - name: Install dependencies - run: make bootstrap + run: >- + nix develop + --command make bootstrap-ruby working-directory: builder env: BUNDLE_WITHOUT: "development" - - name: Download build-plan artifact - uses: actions/download-artifact@v4 - with: - name: ${{ inputs.artifact_prefix }}build-plan - path: ./ - name: Build Emacs run: >- - ./builder/build-emacs-for-macos + nix develop + --command ./build-emacs-for-macos --log-level debug --plan build-plan.yml --native-full-aot --no-self-sign ${{ inputs.build_args }} + working-directory: builder env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload unsigned app artifact @@ -243,7 +245,7 @@ jobs: KEYCHAIN_PATH="$RUNNER_TEMP/app-signing.keychain-db" # import certificate and provisioning profile from secrets - echo -n "$CERT_BASE64" | base64 --decode --output "$CERTIFICATE_PATH" + echo -n "$CERT_BASE64" | base64 --decode > "$CERTIFICATE_PATH" # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" diff --git a/.github/workflows/_prepare.yml b/.github/workflows/_prepare.yml index b9f43ae..000fdca 100644 --- a/.github/workflows/_prepare.yml +++ b/.github/workflows/_prepare.yml @@ -12,7 +12,7 @@ on: description: Git ref to checkout of build-emacs-for-macos required: false type: string - default: "v0.6.48" + default: "v0.6.50" secrets: TAP_REPO_TOKEN: description: Personal Access Token for Homebrew Tap repo @@ -38,7 +38,7 @@ jobs: if-no-files-found: error - uses: actions/setup-go@v5 with: - go-version: "1.21" + go-version: "1.23" - name: Build emacs-builder tool run: make build - name: Upload emacs-builder artifact diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml index f2e7642..853e0cf 100644 --- a/.github/workflows/_release.yml +++ b/.github/workflows/_release.yml @@ -1,6 +1,9 @@ --- # Requires _prepare.yml and _build.yml re-usable workflows to have run. name: _release +concurrency: + group: _release + cancel-in-progress: false on: workflow_call: inputs: @@ -8,7 +11,7 @@ on: description: GitHub Actions runner OS type: string required: false - default: "macos-12" + default: "macos-13" plan_artifact: description: Name of artifact containing a emacs-builder plan yaml file type: string @@ -17,15 +20,6 @@ on: description: Name of artifact containing a *.dmg files to release type: string required: true - test_build_name: - description: "Test build name" - type: string - required: false - update_casks: - description: "Update casks in homebrew tap?" - type: boolean - required: true - default: true secrets: TAP_REPO_TOKEN: description: Personal Access Token for Homebrew Tap repo @@ -61,14 +55,5 @@ jobs: $(find builds -name '*.dmg' -or -name '*.sha256') env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Trigger update casks workflow in homebrew tap - if: >- - steps.dmg.outputs.result != 'fail' && - inputs.test_build_name == '' && - inputs.update_casks - run: >- - gh workflow run --repo jimeh/homebrew-emacs-builds update-casks.yml - env: - GITHUB_TOKEN: ${{ secrets.TAP_REPO_TOKEN }} - run: echo 'No DMG artifact available, was there a new commit to build?' if: ${{ steps.dmg.outputs.result == 'fail' }} diff --git a/.github/workflows/_update-casks.yml b/.github/workflows/_update-casks.yml new file mode 100644 index 0000000..a850c2a --- /dev/null +++ b/.github/workflows/_update-casks.yml @@ -0,0 +1,27 @@ +--- +name: _update-casks +concurrency: + group: _update-casks + cancel-in-progress: false +on: + workflow_call: + inputs: + os: + description: GitHub Actions runner OS + type: string + required: false + default: "ubuntu-latest" + secrets: + TAP_REPO_TOKEN: + description: Personal Access Token for Homebrew Tap repo + required: true + +jobs: + emacs-builds: + runs-on: ${{ inputs.os }} + steps: + - name: Trigger update casks workflow in homebrew tap + run: >- + gh workflow run --repo jimeh/homebrew-emacs-builds update-casks.yml + env: + GITHUB_TOKEN: ${{ secrets.TAP_REPO_TOKEN }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4608801..29ab9a8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,15 +13,15 @@ on: builder_ref: description: "Git ref to checkout of build-emacs-for-macos" required: true - default: "v0.6.48" + default: "v0.6.50" builder_args: description: Custom arguments passed to build script required: false default: "" os: - description: 'Runner OS ("macos-12", "macos-13", or "macos-latest")' + description: 'Runner OS ("macos-13", "macos-14", or "macos-latest")' required: true - default: "macos-12" + default: "macos-13" test_build_name: description: "Test build name" required: false @@ -62,7 +62,7 @@ jobs: needs: [prepare] with: os: ${{ github.event.inputs.os }} - build_os: "macos-12" + build_os: "macos-13" artifact_prefix: "x86_64-" git_ref: ${{ github.event.inputs.git_ref }} git_sha: ${{ github.event.inputs.git_sha }} @@ -82,14 +82,19 @@ jobs: release_x86_64: name: Release (x86_64) uses: ./.github/workflows/_release.yml - needs: [build_x86_64] - if: ${{ needs.build_x86_64.outputs.package_created }} + # Depend on both build_x86_64 and build_arm64, but only run if build_x86_64 + # was successful and a package was created. This ensure wait for all builds + # to complete before running any release jobs. + needs: [build_x86_64, build_arm64] + if: | + always() && + needs.build_x86_64.result == 'success' && + needs.build_x86_64.outputs.package_created && + needs.build_arm64.result != 'failure' with: os: ${{ github.event.inputs.os }} plan_artifact: x86_64-build-plan dmg_artifact: x86_64-dmg - test_build_name: ${{ github.event.inputs.test_build_name }} - update_casks: true secrets: TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }} @@ -124,13 +129,37 @@ jobs: release_arm64: name: Release (arm64) uses: ./.github/workflows/_release.yml - needs: [build_arm64] - if: ${{ needs.build_arm64.outputs.package_created }} + # Depend on both build_arm64 and build_x86_64, but only run if build_arm64 + # was successful and a package was created. This ensure wait for all builds + # to complete before running any release jobs. + needs: [build_arm64, build_x86_64] + if: | + always() && + needs.build_arm64.result == 'success' && + needs.build_arm64.outputs.package_created && + needs.build_x86_64.result != 'failure' with: os: ${{ github.event.inputs.os }} plan_artifact: arm64-build-plan dmg_artifact: arm64-dmg - test_build_name: ${{ github.event.inputs.test_build_name }} - update_casks: false + secrets: + TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }} + + # ---------------------------------------------------------------------------- + # Trigger update casks workflow in homebrew tap + # ---------------------------------------------------------------------------- + + update_casks: + name: Update Casks + uses: ./.github/workflows/_update-casks.yml + # Depend on both release jobs, but only run if either of them was + # successful. This ensures we only run this job once all release jobs have + # been completed. + needs: [release_x86_64, release_arm64] + if: >- + always() && + github.event.inputs.test_build_name == '' && + contains(needs.*.result, 'success') && + !contains(needs.*.result, 'failure') secrets: TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }} diff --git a/.github/workflows/nightly-master.yml b/.github/workflows/nightly-master.yml index 23a8d3a..d8c1248 100644 --- a/.github/workflows/nightly-master.yml +++ b/.github/workflows/nightly-master.yml @@ -31,7 +31,7 @@ jobs: uses: ./.github/workflows/_build.yml needs: [prepare] with: - build_os: "macos-12" + build_os: "macos-13" artifact_prefix: "x86_64-" git_ref: "master" git_sha: ${{ github.event.inputs.git_sha }} @@ -48,12 +48,18 @@ jobs: release_x86_64: name: Release (x86_64) uses: ./.github/workflows/_release.yml - needs: [build_x86_64] - if: ${{ needs.build_x86_64.outputs.package_created }} + # Depend on both build_x86_64 and build_arm64, but only run if build_x86_64 + # was successful and a package was created. This ensure wait for all builds + # to complete before running any release jobs. + needs: [build_x86_64, build_arm64] + if: | + always() && + needs.build_x86_64.result == 'success' && + needs.build_x86_64.outputs.package_created && + needs.build_arm64.result != 'failure' with: plan_artifact: x86_64-build-plan dmg_artifact: x86_64-dmg - update_casks: true secrets: TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }} @@ -86,11 +92,36 @@ jobs: release_arm64: name: Release (arm64) uses: ./.github/workflows/_release.yml - needs: [build_arm64] - if: ${{ needs.build_arm64.outputs.package_created }} + # Depend on both build_arm64 and build_x86_64, but only run if build_arm64 + # was successful and a package was created. This ensure wait for all builds + # to complete before running any release jobs. + needs: [build_arm64, build_x86_64] + if: | + always() && + needs.build_arm64.result == 'success' && + needs.build_arm64.outputs.package_created && + needs.build_x86_64.result != 'failure' with: plan_artifact: arm64-build-plan dmg_artifact: arm64-dmg - update_casks: false + secrets: + TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }} + + # ---------------------------------------------------------------------------- + # Trigger update casks workflow in homebrew tap + # ---------------------------------------------------------------------------- + + update_casks: + name: Update Casks + uses: ./.github/workflows/_update-casks.yml + # Depend on both release jobs, but only run if either of them was + # successful. This ensures we only run this job once all release jobs have + # been completed. + needs: [release_x86_64, release_arm64] + if: >- + always() && + github.event.inputs.test_build_name == '' && + contains(needs.*.result, 'success') && + !contains(needs.*.result, 'failure') secrets: TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }} diff --git a/.github/workflows/update-metadata.yml b/.github/workflows/update-metadata.yml index 89b8393..77f3138 100644 --- a/.github/workflows/update-metadata.yml +++ b/.github/workflows/update-metadata.yml @@ -11,12 +11,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout meta branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: meta - uses: actions/setup-go@v5 with: - go-version: "1.21" + go-version: "1.23" - name: update total downloads shield JSON run: >- go run . badges downloads @@ -25,7 +25,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} - name: commit and push changes to meta branch - uses: stefanzweifel/git-auto-commit-action@v4 + uses: stefanzweifel/git-auto-commit-action@v5 with: commit_message: "chore(meta): update metadata files" commit_user_name: github-actions[bot]