feat: Switch to znkr.io/diff for builtin diff #8671
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: main | |
| on: | |
| pull_request: | |
| branches: | |
| - master | |
| push: | |
| branches: | |
| - master | |
| tags: | |
| - v* | |
| schedule: | |
| - cron: 32 2 * * * | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| AGE_VERSION: 1.2.1 # https://github.com/FiloSottile/age/releases | |
| CHOCOLATEY_VERSION: 2.5.1 # https://github.com/chocolatey/choco/releases | |
| COSIGN_VERSION: 2.6.1 # https://github.com/sigstore/cosign/releases https://github.com/goreleaser/goreleaser/issues/6195 | |
| GO_VERSION: 1.25.4 # https://go.dev/doc/devel/release | |
| GOLANGCI_LINT_VERSION: 2.6.2 # https://github.com/golangci/golangci-lint/releases | |
| GORELEASER_VERSION: 2.12.7 # https://github.com/goreleaser/goreleaser/releases | |
| PYTHON_VERSION: '3.10' # https://www.python.org/downloads/ | |
| RAGE_VERSION: 0.11.1 # https://github.com/str4d/rage/releases | |
| SYFT_VERSION: 1.38.0 # https://github.com/anchore/syft/releases | |
| UV_VERSION: 0.9.11 # https://github.com/astral-sh/uv/releases | |
| jobs: | |
| changes: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| code: ${{ steps.filter.outputs.code }} | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - id: filter | |
| uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
| with: | |
| filters: | | |
| code: | |
| - '**/*.go' | |
| - '.github/actions/setup-go/action.yml' | |
| - '.github/workflows/main.yml' | |
| - '.goreleaser.yaml' | |
| - 'Makefile' | |
| - 'assets/**/*.tmpl' | |
| - 'assets/docker/**' | |
| - 'assets/scripts/*.py' | |
| - 'assets/scripts/generate-commit.go' | |
| - 'assets/scripts/stow-to-chezmoi.sh' | |
| - 'assets/vagrant/**' | |
| - 'completions/**' | |
| - 'go.*' | |
| - 'internal/**/!(install.sh.tmpl)' | |
| codeql: | |
| needs: changes | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| security-events: write | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-go | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| upload-cache: false | |
| - uses: github/codeql-action/init@ba454b8ab46733eb6145342877cd148270bb77ab # codeql-bundle-v2.23.5 | |
| with: | |
| languages: go | |
| - uses: github/codeql-action/analyze@ba454b8ab46733eb6145342877cd148270bb77ab # codeql-bundle-v2.23.5 | |
| misspell: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: reviewdog/action-misspell@d6429416b12b09b4e2768307d53bef58d172e962 # v1.27.0 | |
| with: | |
| locale: US | |
| test-alpine: | |
| needs: changes | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 | |
| with: | |
| path: | | |
| ~/.go-alpine | |
| key: alpine-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| alpine-go- | |
| - name: test | |
| env: | |
| CHEZMOI_GITHUB_TOKEN: ${{ secrets.CHEZMOI_GITHUB_TOKEN }} | |
| run: | | |
| export DOCKER_GOCACHE="$HOME/.go-alpine" | |
| ./assets/docker/test.sh alpine | |
| test-archlinux: | |
| needs: changes | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 | |
| with: | |
| path: | | |
| ~/.go-archlinux | |
| key: archlinux-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| archlinux-go- | |
| - name: test | |
| env: | |
| CHEZMOI_GITHUB_TOKEN: ${{ secrets.CHEZMOI_GITHUB_TOKEN }} | |
| run: | | |
| export DOCKER_GOCACHE="$HOME/.go-archlinux" | |
| ./assets/docker/test.sh archlinux | |
| test-macos: | |
| name: test-macos | |
| needs: changes | |
| # if: github.event_name == 'push' || needs.changes.outputs.code == 'true' # FIXME re-enable macos | |
| if: false | |
| runs-on: macos-15 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: ./.github/actions/setup-go | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: build | |
| run: | | |
| go build -v ./... | |
| - name: run | |
| run: | | |
| go tool chezmoi --version | |
| - name: install-age | |
| run: | | |
| brew install age | |
| age --version | |
| - name: install-rage | |
| run: | | |
| brew tap str4d.xyz/rage https://str4d.xyz/rage | |
| brew install rage | |
| rage --version | |
| - name: install-keepassxc | |
| run: | | |
| brew install keepassxc | |
| keepassxc-cli --version | |
| - name: test | |
| env: | |
| CHEZMOI_GITHUB_TOKEN: ${{ secrets.CHEZMOI_GITHUB_TOKEN }} | |
| run: | | |
| go test ./... -race | |
| test-release: | |
| needs: changes | |
| runs-on: ubuntu-22.04 # use older Ubuntu for older glibc, update minimum glibc version in install.sh.tmpl if this changes | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/free-disk-space | |
| - uses: ./.github/actions/setup-go | |
| with: | |
| cache-prefix: release-go | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: install-release-dependencies | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| run: | | |
| sudo apt-get --quiet update | |
| sudo apt-get --no-install-suggests --no-install-recommends --quiet --yes install musl-tools snapcraft | |
| mkdir -p /opt/chocolatey | |
| wget -q -O - "https://github.com/chocolatey/choco/releases/download/${CHOCOLATEY_VERSION}/chocolatey.v${CHOCOLATEY_VERSION}.tar.gz" | tar -xz -C "/opt/chocolatey" | |
| echo '#!/bin/bash' >> /usr/local/bin/choco | |
| echo 'mono /opt/chocolatey/choco.exe $@' >> /usr/local/bin/choco | |
| chmod +x /usr/local/bin/choco | |
| - name: create-syso | |
| run: | | |
| make create-syso | |
| - name: build-release | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0 | |
| with: | |
| version: ${{ env.GORELEASER_VERSION }} | |
| args: release --skip=sign --snapshot --timeout=1h | |
| - name: upload-artifact-chezmoi-darwin-amd64 | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: chezmoi-darwin-amd64 | |
| path: dist/chezmoi-nocgo_darwin_amd64_v1/chezmoi | |
| - name: upload-artifact-chezmoi-darwin-arm64 | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: chezmoi-darwin-arm64 | |
| path: dist/chezmoi-nocgo_darwin_arm64_v8.0/chezmoi | |
| - name: upload-artifact-chezmoi-linux-amd64 | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: chezmoi-linux-amd64 | |
| path: dist/chezmoi-cgo-glibc_linux_amd64_v1/chezmoi | |
| - name: upload-artifact-chezmoi-linux-musl-amd64 | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: chezmoi-linux-amd64-musl | |
| path: dist/chezmoi-cgo-musl_linux_amd64_v1/chezmoi | |
| - name: upload-artifact-chezmoi-windows-amd64.exe | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: chezmoi-windows-amd64 | |
| path: dist/chezmoi-nocgo_windows_amd64_v1/chezmoi.exe | |
| test-ubuntu: | |
| name: test-ubuntu-umask${{ matrix.umask }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| umask: | |
| - '022' | |
| - '002' | |
| needs: changes | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' || matrix.umask == '022' | |
| with: | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/setup-go | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' || matrix.umask == '022' | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: install-age | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| run: | | |
| cd "$(mktemp -d)" | |
| curl -fsSL "https://github.com/FiloSottile/age/releases/download/v${AGE_VERSION}/age-v${AGE_VERSION}-linux-amd64.tar.gz" | tar xzf - | |
| sudo install -m 755 age/age /usr/local/bin | |
| sudo install -m 755 age/age-keygen /usr/local/bin | |
| - name: install-rage | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| run: | | |
| cd "$(mktemp -d)" | |
| curl -fsSL "https://github.com/str4d/rage/releases/download/v${RAGE_VERSION}/rage-v${RAGE_VERSION}-x86_64-linux.tar.gz" | tar xzf - | |
| sudo install -m 755 rage/rage /usr/local/bin | |
| sudo install -m 755 rage/rage-keygen /usr/local/bin | |
| - name: build | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' || matrix.umask == '022' | |
| run: | | |
| go build -v ./... | |
| - name: run | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' || matrix.umask == '022' | |
| run: | | |
| go tool chezmoi --version | |
| - name: test-umask-${{ matrix.umask }} | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| env: | |
| CHEZMOI_GITHUB_TOKEN: ${{ secrets.CHEZMOI_GITHUB_TOKEN }} | |
| TEST_FLAGS: -ldflags="-X github.com/twpayne/chezmoi/internal/chezmoitest.umaskStr=0o${{ matrix.umask }}" -race -timeout=1h | |
| run: | | |
| go test ./... ${{ env.TEST_FLAGS }} | |
| test-website: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: ./.github/actions/setup-go | |
| with: | |
| cache-prefix: website-go | |
| go-version: ${{ env.GO_VERSION }} | |
| - uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 | |
| with: | |
| enable-cache: true | |
| version: ${{ env.UV_VERSION }} | |
| - name: install-website-dependencies | |
| run: | | |
| uv python install ${{ env.PYTHON_VERSION }} | |
| uv sync --locked | |
| - name: build-website | |
| run: uv run -v task build-docs | |
| env: | |
| CHEZMOI_GITHUB_TOKEN: ${{ secrets.CHEZMOI_GITHUB_TOKEN }} | |
| test-windows: | |
| name: test-windows-${{ matrix.test-index }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| test-index: [0, 1, 2, 3] | |
| needs: changes | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| runs-on: windows-2022 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: ./.github/actions/setup-go | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: build | |
| run: | | |
| go build -v ./... | |
| - name: run | |
| run: | | |
| go tool chezmoi --version | |
| - name: test | |
| env: | |
| CHEZMOI_GITHUB_TOKEN: ${{ secrets.CHEZMOI_GITHUB_TOKEN }} | |
| run: | | |
| if (${{ matrix.test-index }} -eq 0) { | |
| go test ./... -short -race | |
| go test ./internal/cmd -run=TestScript -filter='^[0-9a-cA-C]' -race | |
| } elseif (${{ matrix.test-index }} -eq 1) { | |
| go test ./internal/cmd -run=TestScript -filter='^[d-fD-F]' -race | |
| } elseif (${{ matrix.test-index }} -eq 2) { | |
| go test ./internal/cmd -run=TestScript -filter='^[g-lG-L]' -race | |
| } else { | |
| go test ./internal/cmd -run=TestScript -filter='^[m-zM-Z]' -race | |
| } | |
| check: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/setup-go | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| upload-cache: false | |
| - name: generate | |
| run: | | |
| go generate | |
| git diff --exit-code | |
| - name: capslock | |
| run: | | |
| make capslock | |
| git diff --exit-code | |
| - name: actionlint | |
| run: | | |
| go tool actionlint | |
| - uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0 | |
| with: | |
| ignore_paths: completions | |
| - name: editorconfig-checker | |
| run: | | |
| go tool editorconfig-checker | |
| - name: lint-whitespace | |
| run: | | |
| go tool lint-whitespace | |
| - name: lint-txtar | |
| run: | | |
| find . -name '*.txtar' -print0 | xargs -0 go tool lint-txtar | |
| - name: find-typos | |
| run: | | |
| go tool find-typos -format=github-actions chezmoi . | |
| - name: lint-commit-messages | |
| if: github.event_name == 'push' | |
| run: | | |
| go tool lint-commit-messages HEAD~1..HEAD | |
| - name: lint-commit-messages | |
| if: github.event_name == 'pull_request' && github.event.pull_request.draft == false | |
| run: | | |
| go tool lint-commit-messages ${{ github.event.pull_request.head.sha }}~${{ github.event.pull_request.commits }}..${{ github.event.pull_request.head.sha }} | |
| - name: lint-markdown | |
| if: false # FIXME | |
| uses: DavidAnson/markdownlint-cli2-action@30a0e04f1870d58f8d717450cc6134995f993c63 # v21.0.0 | |
| lint: | |
| name: lint-${{ matrix.runs-on }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| runs-on: | |
| # - macos-15 # FIXME re-enable macos | |
| - ubuntu-22.04 | |
| - windows-2022 | |
| needs: changes | |
| if: github.event_name == 'push' || needs.changes.outputs.code == 'true' | |
| runs-on: ${{ matrix.runs-on }} | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: ./.github/actions/setup-go | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| upload-cache: false | |
| - uses: golangci/golangci-lint-action@e7fa5ac41e1cf5b7d48e45e42232ce7ada589601 # v9.1.0 | |
| with: | |
| version: v${{ env.GOLANGCI_LINT_VERSION }} | |
| args: --timeout=5m | |
| - name: format # FIXME add make format-yaml | |
| run: | | |
| make format | |
| git diff --exit-code | |
| release: # FIXME this should be merged into test-release above | |
| if: startsWith(github.ref, 'refs/tags/') | |
| needs: | |
| - check | |
| - lint | |
| - test-alpine | |
| - test-archlinux | |
| - test-macos | |
| - test-release | |
| - test-ubuntu | |
| - test-website | |
| - test-windows | |
| runs-on: ubuntu-22.04 # use older Ubuntu for older glibc, update minimum glibc version in install.sh.tmpl if this changes | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: install-build-dependencies | |
| run: | | |
| sudo apt-get --quiet update | |
| sudo apt-get --no-install-suggests --no-install-recommends --quiet --yes install musl-tools snapcraft | |
| mkdir -p /opt/chocolatey | |
| wget -q -O - "https://github.com/chocolatey/choco/releases/download/${CHOCOLATEY_VERSION}/chocolatey.v${CHOCOLATEY_VERSION}.tar.gz" | tar -xz -C "/opt/chocolatey" | |
| echo '#!/bin/bash' >> /usr/local/bin/choco | |
| echo 'mono /opt/chocolatey/choco.exe $@' >> /usr/local/bin/choco | |
| chmod +x /usr/local/bin/choco | |
| - name: check-snapcraft-credentials | |
| run: snapcraft whoami | |
| env: | |
| SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_STORE_CREDENTIALS }} | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/free-disk-space | |
| - uses: ./.github/actions/setup-go | |
| with: | |
| cache-prefix: release-go | |
| go-version: ${{ env.GO_VERSION }} | |
| - uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 | |
| with: | |
| cosign-release: v${{ env.COSIGN_VERSION }} | |
| - name: create-syso | |
| run: | | |
| make create-syso | |
| - uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0 | |
| with: | |
| version: ${{ env.GORELEASER_VERSION }} | |
| args: release --timeout=1h | |
| env: | |
| CHOCOLATEY_API_KEY: ${{ secrets.CHOCOLATEY_API_KEY }} | |
| COSIGN_PWD: ${{ secrets.COSIGN_PWD }} | |
| GITHUB_TOKEN: ${{ secrets.GORELEASER_GITHUB_TOKEN }} | |
| SCOOP_GITHUB_TOKEN: ${{ secrets.SCOOP_GITHUB_TOKEN }} | |
| SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_STORE_CREDENTIALS }} | |
| WINGET_GITHUB_TOKEN: ${{ secrets.WINGET_GITHUB_TOKEN }} | |
| deploy-website: | |
| needs: | |
| - release | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/setup-go | |
| with: | |
| cache-prefix: website-go | |
| go-version: ${{ env.GO_VERSION }} | |
| - uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 | |
| with: | |
| enable-cache: true | |
| version: ${{ env.UV_VERSION }} | |
| - name: prepare-chezmoi.io | |
| run: | | |
| uv sync --locked | |
| uv python install ${{ env.PYTHON_VERSION }} | |
| uv run -v task build-docs | |
| env: | |
| CHEZMOI_GITHUB_TOKEN: ${{ secrets.CHEZMOI_GITHUB_TOKEN }} | |
| - name: push-chezmoi.io | |
| run: | | |
| uv run -v task deploy-docs | |
| - name: prepare-get.chezmoi.io | |
| run: | | |
| cp assets/scripts/install.sh assets/get.chezmoi.io/index.html | |
| cp assets/scripts/install-local-bin.sh assets/get.chezmoi.io/lb | |
| cp assets/scripts/install.ps1 assets/get.chezmoi.io/ps1 | |
| cp LICENSE assets/get.chezmoi.io/LICENSE | |
| - name: push-get.chezmoi.io | |
| uses: cpina/github-action-push-to-another-repository@55306faa4ed53b815ae49e564af8cfb359d32ae2 # v1.7.3 | |
| env: | |
| SSH_DEPLOY_KEY: ${{ secrets.GET_CHEZMOI_IO_SSH_DEPLOY_KEY }} | |
| with: | |
| source-directory: assets/get.chezmoi.io | |
| destination-github-username: chezmoi | |
| destination-repository-name: get.chezmoi.io | |
| target-branch: gh-pages | |
| commit-message: 'chore: Update from ORIGIN_COMMIT' | |
| user-email: [email protected] |