Update Homebrew Formula #10
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update Homebrew Formula | |
| # NOTE | |
| # This is a reusable workflow that is intended to be called by the `create_release` workflow | |
| # after a Github release is successfully created. This workflow generates an updated | |
| # version of the Enos Homebrew formula file, opens a PR on HashiCorp's internal Homebrew | |
| # tap (hashicorp/homebrew-internal), and tags `quality-team` for review. | |
| on: | |
| workflow_call: | |
| inputs: | |
| channel: | |
| required: true | |
| type: string | |
| product: | |
| required: true | |
| type: string | |
| sha: | |
| required: true | |
| type: string | |
| version: | |
| required: true | |
| type: string | |
| # Dispatchable if for some reason we need to change the homebrew formula without | |
| # creating a new release. | |
| workflow_dispatch: | |
| inputs: | |
| channel: | |
| required: true | |
| type: choice | |
| description: The Artifactory repo from which to download the release assets | |
| default: stable | |
| options: | |
| - dev | |
| - stable | |
| - staging | |
| product: | |
| required: true | |
| type: string | |
| sha: | |
| required: true | |
| type: string | |
| description: The git SHA of the artifacts in Artifactory to be used in this release | |
| version: | |
| required: true | |
| type: string | |
| description: The version number to be used in this release (e.g. 0.0.27) | |
| jobs: | |
| update-formula: | |
| name: "Update Homebrew formula definition" | |
| runs-on: ubuntu-latest | |
| env: | |
| # Note: `gh` CLI automatically looks for and uses `env.GH_TOKEN` for authentication. | |
| # This token must have read:org scope in order to authenticate on a different repo. | |
| GH_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }} | |
| TARGET_REPO: hashicorp/homebrew-tap | |
| TARGET_REPO_FILEPATH: homebrew-tap-checkout | |
| BASE_BRANCH: master | |
| PR_BRANCH: enos_homebrew_formula_update_v${{ inputs.version }} | |
| PR_TITLE: "Homebrew formula update for Enos version v${{ inputs.version }}" | |
| PR_BODY: "This is an automatically generated PR to update the Homebrew formula for Enos after a release has been completed. It must be manually approved and merged by a reviewer." | |
| COMMIT_MSG: "Update Homebrew formula for Enos version v${{ inputs.version }}" | |
| GIT_USER_EMAIL: [email protected] | |
| GIT_USER_NAME: Vault Quality Team | |
| REVIEWER: hashicorp/team-vault-quality | |
| steps: | |
| # Checkout Enos repo and place it in the specified relative path within the runner's main directory, | |
| # in order to accommodate checking out multiple repos. | |
| - name: Checkout enos repo | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| path: enos-checkout | |
| - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 | |
| with: | |
| go-version-file: enos-checkout/go.mod | |
| # Set up bob CLI | |
| - name: Setup bob CLI | |
| uses: hashicorp/action-setup-bob@01076d9cc869139ac97693d0869f0e80a666cb3b # v2.1.1 | |
| with: | |
| github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} | |
| # Use bob to download SHA256SUMS file from Artifactory | |
| - name: Download artifacts | |
| env: | |
| BOB_ARTIFACTORY_TOKEN: ${{ secrets.QUALITY_TEAM_ARTIFACTORY_TOKEN }} | |
| BOB_ARTIFACTORY_USER: ${{ secrets.QUALITY_TEAM_ARTIFACTORY_USER }} | |
| run: | | |
| bob download artifactory \ | |
| -channel ${{ inputs.channel }} \ | |
| -commit=${{ inputs.sha }} \ | |
| -product-name=${{ inputs.product }} \ | |
| -product-version=${{ inputs.version }} \ | |
| -pattern="${{ inputs.product }}_${{ inputs.version }}_SHA256SUMS" | |
| # Generate Homebrew formula file (enos.rb) | |
| - name: Generate Homebrew formula file | |
| run: | | |
| cd enos-checkout | |
| go run ./tools/homebrew/... create -p ../.bob/artifacts/${{ inputs.product }}_${{ inputs.version }}_SHA256SUMS -o enos.rb | |
| # Checkout target repo and place it in the specified relative path within the runner's main directory, | |
| # in order to accommodate checking out multiple repos. | |
| # A token with sufficient permissions for the target repo is required. | |
| - name: Checkout homebrew-tap | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| repository: ${{ env.TARGET_REPO }} | |
| path: ${{ env.TARGET_REPO_FILEPATH }} | |
| token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} | |
| # Create PR | |
| - name: Create PR | |
| run: | | |
| cd ${{ env.TARGET_REPO_FILEPATH }} | |
| git config user.email "${{ env.GIT_USER_EMAIL }}" | |
| git config user.name "${{ env.GIT_USER_NAME }}" | |
| git checkout -b ${{ env.PR_BRANCH }} | |
| mv ../enos-checkout/enos.rb ./Formula/enos.rb | |
| git add Formula/enos.rb | |
| git commit -m "${{ env.COMMIT_MSG }}" | |
| git push origin ${{ env.PR_BRANCH }} | |
| gh pr create --repo ${{ env.TARGET_REPO }} --base ${{ env.BASE_BRANCH }} --head ${{ env.PR_BRANCH }} --title "${{ env.PR_TITLE }}" --body "${{ env.PR_BODY }}" --reviewer ${{ env.REVIEWER }} --label ${{ inputs.product }} |