name: Vendor Gems on: pull_request: paths: - Library/Homebrew/dev-cmd/vendor-gems.rb - Library/Homebrew/Gemfile* push: paths: - .github/workflows/vendor-gems.yml branches-ignore: - main - master workflow_dispatch: inputs: pull_request: description: Pull request number required: true permissions: contents: write pull-requests: read defaults: run: shell: bash -xeuo pipefail {0} jobs: vendor-gems: if: github.repository_owner == 'Homebrew' runs-on: macos-15 steps: - name: Set up Homebrew id: set-up-homebrew uses: Homebrew/actions/setup-homebrew@main with: core: false cask: false test-bot: false - name: Configure Git user if: github.event_name == 'workflow_dispatch' uses: Homebrew/actions/git-user-config@main with: username: BrewTestBot - name: Set up commit signing if: github.event_name == 'workflow_dispatch' uses: Homebrew/actions/setup-commit-signing@main with: signing_key: ${{ secrets.BREWTESTBOT_SSH_SIGNING_KEY }} - name: Check out pull request id: checkout if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot') run: | gh pr checkout "${PR}" branch="$(git branch --show-current)" echo "branch=${branch}" >> "$GITHUB_OUTPUT" gem_name="$(echo "${branch}" | sed -E 's|.*/||;s|(.*)-.*$|\1|')" echo "gem_name=${gem_name}" >> "$GITHUB_OUTPUT" env: PR: ${{ github.event.pull_request.number || github.event.inputs.pull_request }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }} - name: Vendor Gems run: | if [[ "${GITHUB_EVENT_NAME}" == "workflow_dispatch" || ("${GITHUB_EVENT_NAME}" == "pull_request" && "${GITHUB_ACTOR}" == "dependabot") ]] then brew vendor-gems --non-bundler-gems else brew vendor-gems --non-bundler-gems --no-commit fi - name: Update RBI files run: brew typecheck --update - name: Commit RBI changes if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot') env: GEM_NAME: ${{ steps.checkout.outputs.gem_name }} working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }} run: | if ! git diff --stat --exit-code "Library/Homebrew/sorbet" then git add "Library/Homebrew/sorbet" git commit -m "Update RBI files for ${GEM_NAME}." \ -m "Autogenerated by the [vendor-gems](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/vendor-gems.yml) workflow." fi - name: Generate push token uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 id: app-token if: github.event_name == 'workflow_dispatch' with: app-id: ${{ vars.BREW_COMMIT_APP_ID }} private-key: ${{ secrets.BREW_COMMIT_APP_KEY }} - name: Push to pull request if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot') uses: Homebrew/actions/git-try-push@main with: token: ${{ steps.app-token.outputs.token || secrets.GITHUB_TOKEN }} directory: ${{ steps.set-up-homebrew.outputs.repository-path }} branch: ${{ steps.checkout.outputs.branch }} force: true