From c831a1e5cba373300663bd3e717bf0b61a8c273f Mon Sep 17 00:00:00 2001 From: apainintheneck Date: Sun, 19 Mar 2023 00:43:00 -0700 Subject: [PATCH 1/3] CI: Change order of tap-syntax step Now the steps that say they run on all taps are after the one where we set up all taps. --- .github/workflows/tests.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 96d599fc2e..1e8136c994 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -82,14 +82,13 @@ jobs: - name: Install Bundler RubyGems run: brew install-bundler-gems --groups=sorbet - - name: Run brew readall on all taps - run: brew readall --eval-all --aliases - - name: Run brew style on homebrew-core run: brew style --display-cop-names homebrew/core - - name: Run brew audit --skip-style on all taps - run: brew audit --eval-all --skip-style --except=version --display-failures-only + - name: Run brew audit --skip-style on homebrew-core for macOS + run: brew audit --skip-style --except=version --tap=homebrew/core + env: + HOMEBREW_SIMULATE_MACOS_ON_LINUX: 1 - name: Set up all Homebrew taps run: | @@ -109,10 +108,11 @@ jobs: # brew style doesn't like world writable directories sudo chmod -R g-w,o-w "$(brew --repo)/Library/Taps" - - name: Run brew audit --skip-style on homebrew-core for macOS - run: brew audit --skip-style --except=version --tap=homebrew/core - env: - HOMEBREW_SIMULATE_MACOS_ON_LINUX: 1 + - name: Run brew readall on all taps + run: brew readall --eval-all --aliases + + - name: Run brew audit --skip-style on all taps + run: brew audit --eval-all --skip-style --except=version --display-failures-only - name: Run brew style on official taps run: | From 91c07232d48044e76b4148e3031b24da03afecc5 Mon Sep 17 00:00:00 2001 From: apainintheneck Date: Fri, 24 Mar 2023 18:54:33 -0700 Subject: [PATCH 2/3] CI: create tap audit job This will reduce the time it takes for the tap-syntax job to complete (currently that is the slowest one) and will allow us to audit casks as well as formulae (casks weren't getting audited before in CI). --- .github/workflows/tests.yml | 54 +++++++++++++++++++++++++++++-------- 1 file changed, 43 insertions(+), 11 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 1e8136c994..875997549a 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -85,11 +85,6 @@ jobs: - name: Run brew style on homebrew-core run: brew style --display-cop-names homebrew/core - - name: Run brew audit --skip-style on homebrew-core for macOS - run: brew audit --skip-style --except=version --tap=homebrew/core - env: - HOMEBREW_SIMULATE_MACOS_ON_LINUX: 1 - - name: Set up all Homebrew taps run: | brew tap homebrew/aliases @@ -108,12 +103,6 @@ jobs: # brew style doesn't like world writable directories sudo chmod -R g-w,o-w "$(brew --repo)/Library/Taps" - - name: Run brew readall on all taps - run: brew readall --eval-all --aliases - - - name: Run brew audit --skip-style on all taps - run: brew audit --eval-all --skip-style --except=version --display-failures-only - - name: Run brew style on official taps run: | brew style --display-cop-names homebrew/bundle \ @@ -133,6 +122,49 @@ jobs: homebrew/cask-fonts \ homebrew/cask-versions + tap-audit: + name: tap audit + needs: syntax + if: startsWith(github.repository, 'Homebrew/') + runs-on: macos-12 + env: + HOMEBREW_NO_INSTALL_FROM_API: 1 + steps: + - name: Set up Homebrew + id: set-up-homebrew + uses: Homebrew/actions/setup-homebrew@master + + - name: Cache Bundler RubyGems + uses: actions/cache@v1 + with: + path: ${{ steps.set-up-homebrew.outputs.gems-path }} + key: ${{ runner.os }}-rubygems-${{ steps.set-up-homebrew.outputs.gems-hash }} + restore-keys: ${{ runner.os }}-rubygems- + + - name: Install Bundler RubyGems + run: brew install-bundler-gems --groups=sorbet + + - name: Set up Homebrew cask and formula taps + run: | + brew tap homebrew/cask + brew tap homebrew/cask-drivers + brew tap homebrew/cask-fonts + brew tap homebrew/cask-versions + brew tap homebrew/core + + - name: Run brew readall on all taps + run: brew readall --eval-all --aliases + + - name: Run brew audit --skip-style on formulae + run: brew audit --skip-style --except=version --display-failures-only --tap=homebrew/core + + - name: Run brew audit --skip-style on casks + run: | + brew audit --skip-style --except=version --display-failures-only --tap=homebrew/cask + brew audit --skip-style --except=version --display-failures-only --tap=homebrew/cask-drivers + brew audit --skip-style --except=version --display-failures-only --tap=homebrew/cask-fonts + brew audit --skip-style --except=version --display-failures-only --tap=homebrew/cask-versions + vendored-gems: name: vendored gems needs: syntax From 7c5e98602f45a65fa60c4c00eac52451aa608d42 Mon Sep 17 00:00:00 2001 From: apainintheneck Date: Sat, 25 Mar 2023 01:49:38 -0700 Subject: [PATCH 3/3] CI: split up audits into two jobs There will be one for casks which runs on MacOS and the other for formulae which runs on Linux. --- .github/workflows/tests.yml | 45 +++++++++++++++++++++++++++++-------- 1 file changed, 36 insertions(+), 9 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 875997549a..5a7c1f1aff 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -122,8 +122,39 @@ jobs: homebrew/cask-fonts \ homebrew/cask-versions - tap-audit: - name: tap audit + formula-audit: + name: formula audit + needs: syntax + if: startsWith(github.repository, 'Homebrew/') + runs-on: ubuntu-22.04 + env: + HOMEBREW_NO_INSTALL_FROM_API: 1 + steps: + - name: Set up Homebrew + id: set-up-homebrew + uses: Homebrew/actions/setup-homebrew@master + + - name: Cache Bundler RubyGems + uses: actions/cache@v1 + with: + path: ${{ steps.set-up-homebrew.outputs.gems-path }} + key: ${{ runner.os }}-rubygems-${{ steps.set-up-homebrew.outputs.gems-hash }} + restore-keys: ${{ runner.os }}-rubygems- + + - name: Install Bundler RubyGems + run: brew install-bundler-gems --groups=sorbet + + - name: Set up the homebrew/core tap + run: brew tap homebrew/core + + - name: Run brew readall on homebrew/core + run: brew readall --aliases homebrew/core + + - name: Run brew audit --skip-style on homebrew/core + run: brew audit --skip-style --except=version --display-failures-only --tap=homebrew/core + + cask-audit: + name: cask audit needs: syntax if: startsWith(github.repository, 'Homebrew/') runs-on: macos-12 @@ -144,19 +175,15 @@ jobs: - name: Install Bundler RubyGems run: brew install-bundler-gems --groups=sorbet - - name: Set up Homebrew cask and formula taps + - name: Set up Homebrew all cask taps run: | brew tap homebrew/cask brew tap homebrew/cask-drivers brew tap homebrew/cask-fonts brew tap homebrew/cask-versions - brew tap homebrew/core - - name: Run brew readall on all taps - run: brew readall --eval-all --aliases - - - name: Run brew audit --skip-style on formulae - run: brew audit --skip-style --except=version --display-failures-only --tap=homebrew/core + - name: Run brew readall on all casks + run: brew readall homebrew/cask homebrew/cask-drivers homebrew/cask-fonts homebrew/cask-versions - name: Run brew audit --skip-style on casks run: |