Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(build/deps): switch from Homebrew to Nix for build dependencies #39

Merged
merged 2 commits into from
Nov 30, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 21 additions & 19 deletions .github/workflows/_build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@ name: _build
on:
workflow_call:
inputs:
should_run:
description: Whether or not to run the build job
type: boolean
default: false
artifact_prefix:
description: Artifact prefix
type: string
Expand Down Expand Up @@ -103,15 +107,14 @@ jobs:
check: ${{ steps.check.outputs.result }}
steps:
- name: Checkout build-emacs-for-macos repo
if: ${{ inputs.os != inputs.build_os }}
uses: actions/checkout@v4
with:
repository: jimeh/build-emacs-for-macos
ref: ${{ needs.prepare.outputs.builder_sha }}
- uses: actions/setup-go@v5
if: ${{ inputs.os != inputs.build_os }}
with:
go-version: "1.21"
go-version: "1.23"
- name: Build emacs-builder tool
if: ${{ inputs.os != inputs.build_os }}
run: make build
Expand All @@ -124,8 +127,11 @@ jobs:
- name: Ensure emacs-builder is executable
if: ${{ inputs.os == inputs.build_os }}
run: chmod +x bin/emacs-builder
- uses: DeterminateSystems/nix-installer-action@main
- uses: DeterminateSystems/magic-nix-cache-action@main
- name: Plan build
run: >-
nix develop --command
bin/emacs-builder -l debug plan --output build-plan.yml
--output-dir '${{ github.workspace }}/builds'
${{ needs.prepare.outputs.test_plan_args }}
Expand Down Expand Up @@ -163,34 +169,30 @@ jobs:
repository: jimeh/build-emacs-for-macos
ref: ${{ needs.prepare.outputs.builder_sha }}
path: builder
- uses: ruby/setup-ruby@v1
- uses: DeterminateSystems/nix-installer-action@main
- uses: DeterminateSystems/magic-nix-cache-action@main
- name: Download build-plan artifact
uses: actions/download-artifact@v4
with:
ruby-version: "3.2"
- name: Update homebrew
run: brew update
- name: Fix system python breaking homebrew
run: >-
find "$(brew --prefix)/bin" -type l
-ilname '*/Library/Frameworks/Python.framework/*'
-delete
name: ${{ inputs.artifact_prefix }}build-plan
path: ./builder/
- name: Install dependencies
run: make bootstrap
run: >-
nix develop
--command make bootstrap-ruby
working-directory: builder
env:
BUNDLE_WITHOUT: "development"
- name: Download build-plan artifact
uses: actions/download-artifact@v4
with:
name: ${{ inputs.artifact_prefix }}build-plan
path: ./
- name: Build Emacs
run: >-
./builder/build-emacs-for-macos
nix develop
--command ./build-emacs-for-macos
--log-level debug
--plan build-plan.yml
--native-full-aot
--no-self-sign
${{ inputs.build_args }}
working-directory: builder
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload unsigned app artifact
Expand Down Expand Up @@ -243,7 +245,7 @@ jobs:
KEYCHAIN_PATH="$RUNNER_TEMP/app-signing.keychain-db"

# import certificate and provisioning profile from secrets
echo -n "$CERT_BASE64" | base64 --decode --output "$CERTIFICATE_PATH"
echo -n "$CERT_BASE64" | base64 --decode > "$CERTIFICATE_PATH"

# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/_prepare.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ on:
description: Git ref to checkout of build-emacs-for-macos
required: false
type: string
default: "v0.6.48"
default: "v0.6.50"
secrets:
TAP_REPO_TOKEN:
description: Personal Access Token for Homebrew Tap repo
Expand All @@ -38,7 +38,7 @@ jobs:
if-no-files-found: error
- uses: actions/setup-go@v5
with:
go-version: "1.21"
go-version: "1.23"
- name: Build emacs-builder tool
run: make build
- name: Upload emacs-builder artifact
Expand Down
23 changes: 4 additions & 19 deletions .github/workflows/_release.yml
Original file line number Diff line number Diff line change
@@ -1,14 +1,17 @@
---
# Requires _prepare.yml and _build.yml re-usable workflows to have run.
name: _release
concurrency:
group: _release
cancel-in-progress: false
on:
workflow_call:
inputs:
os:
description: GitHub Actions runner OS
type: string
required: false
default: "macos-12"
default: "macos-13"
plan_artifact:
description: Name of artifact containing a emacs-builder plan yaml file
type: string
Expand All @@ -17,15 +20,6 @@ on:
description: Name of artifact containing a *.dmg files to release
type: string
required: true
test_build_name:
description: "Test build name"
type: string
required: false
update_casks:
description: "Update casks in homebrew tap?"
type: boolean
required: true
default: true
secrets:
TAP_REPO_TOKEN:
description: Personal Access Token for Homebrew Tap repo
Expand Down Expand Up @@ -61,14 +55,5 @@ jobs:
$(find builds -name '*.dmg' -or -name '*.sha256')
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Trigger update casks workflow in homebrew tap
if: >-
steps.dmg.outputs.result != 'fail' &&
inputs.test_build_name == '' &&
inputs.update_casks
run: >-
gh workflow run --repo jimeh/homebrew-emacs-builds update-casks.yml
env:
GITHUB_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}
- run: echo 'No DMG artifact available, was there a new commit to build?'
if: ${{ steps.dmg.outputs.result == 'fail' }}
27 changes: 27 additions & 0 deletions .github/workflows/_update-casks.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
---
name: _update-casks
concurrency:
group: _update-casks
cancel-in-progress: false
on:
workflow_call:
inputs:
os:
description: GitHub Actions runner OS
type: string
required: false
default: "ubuntu-latest"
secrets:
TAP_REPO_TOKEN:
description: Personal Access Token for Homebrew Tap repo
required: true

jobs:
emacs-builds:
runs-on: ${{ inputs.os }}
steps:
- name: Trigger update casks workflow in homebrew tap
run: >-
gh workflow run --repo jimeh/homebrew-emacs-builds update-casks.yml
env:
GITHUB_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}
53 changes: 41 additions & 12 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,15 @@ on:
builder_ref:
description: "Git ref to checkout of build-emacs-for-macos"
required: true
default: "v0.6.48"
default: "v0.6.50"
builder_args:
description: Custom arguments passed to build script
required: false
default: ""
os:
description: 'Runner OS ("macos-12", "macos-13", or "macos-latest")'
description: 'Runner OS ("macos-13", "macos-14", or "macos-latest")'
required: true
default: "macos-12"
default: "macos-13"
test_build_name:
description: "Test build name"
required: false
Expand Down Expand Up @@ -62,7 +62,7 @@ jobs:
needs: [prepare]
with:
os: ${{ github.event.inputs.os }}
build_os: "macos-12"
build_os: "macos-13"
artifact_prefix: "x86_64-"
git_ref: ${{ github.event.inputs.git_ref }}
git_sha: ${{ github.event.inputs.git_sha }}
Expand All @@ -82,14 +82,19 @@ jobs:
release_x86_64:
name: Release (x86_64)
uses: ./.github/workflows/_release.yml
needs: [build_x86_64]
if: ${{ needs.build_x86_64.outputs.package_created }}
# Depend on both build_x86_64 and build_arm64, but only run if build_x86_64
# was successful and a package was created. This ensure wait for all builds
# to complete before running any release jobs.
needs: [build_x86_64, build_arm64]
if: |
always() &&
needs.build_x86_64.result == 'success' &&
needs.build_x86_64.outputs.package_created &&
needs.build_arm64.result != 'failure'
with:
os: ${{ github.event.inputs.os }}
plan_artifact: x86_64-build-plan
dmg_artifact: x86_64-dmg
test_build_name: ${{ github.event.inputs.test_build_name }}
update_casks: true
secrets:
TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}

Expand Down Expand Up @@ -124,13 +129,37 @@ jobs:
release_arm64:
name: Release (arm64)
uses: ./.github/workflows/_release.yml
needs: [build_arm64]
if: ${{ needs.build_arm64.outputs.package_created }}
# Depend on both build_arm64 and build_x86_64, but only run if build_arm64
# was successful and a package was created. This ensure wait for all builds
# to complete before running any release jobs.
needs: [build_arm64, build_x86_64]
if: |
always() &&
needs.build_arm64.result == 'success' &&
needs.build_arm64.outputs.package_created &&
needs.build_x86_64.result != 'failure'
with:
os: ${{ github.event.inputs.os }}
plan_artifact: arm64-build-plan
dmg_artifact: arm64-dmg
test_build_name: ${{ github.event.inputs.test_build_name }}
update_casks: false
secrets:
TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}

# ----------------------------------------------------------------------------
# Trigger update casks workflow in homebrew tap
# ----------------------------------------------------------------------------

update_casks:
name: Update Casks
uses: ./.github/workflows/_update-casks.yml
# Depend on both release jobs, but only run if either of them was
# successful. This ensures we only run this job once all release jobs have
# been completed.
needs: [release_x86_64, release_arm64]
if: >-
always() &&
github.event.inputs.test_build_name == '' &&
contains(needs.*.result, 'success') &&
!contains(needs.*.result, 'failure')
secrets:
TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}
45 changes: 38 additions & 7 deletions .github/workflows/nightly-master.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
uses: ./.github/workflows/_build.yml
needs: [prepare]
with:
build_os: "macos-12"
build_os: "macos-13"
artifact_prefix: "x86_64-"
git_ref: "master"
git_sha: ${{ github.event.inputs.git_sha }}
Expand All @@ -48,12 +48,18 @@ jobs:
release_x86_64:
name: Release (x86_64)
uses: ./.github/workflows/_release.yml
needs: [build_x86_64]
if: ${{ needs.build_x86_64.outputs.package_created }}
# Depend on both build_x86_64 and build_arm64, but only run if build_x86_64
# was successful and a package was created. This ensure wait for all builds
# to complete before running any release jobs.
needs: [build_x86_64, build_arm64]
if: |
always() &&
needs.build_x86_64.result == 'success' &&
needs.build_x86_64.outputs.package_created &&
needs.build_arm64.result != 'failure'
with:
plan_artifact: x86_64-build-plan
dmg_artifact: x86_64-dmg
update_casks: true
secrets:
TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}

Expand Down Expand Up @@ -86,11 +92,36 @@ jobs:
release_arm64:
name: Release (arm64)
uses: ./.github/workflows/_release.yml
needs: [build_arm64]
if: ${{ needs.build_arm64.outputs.package_created }}
# Depend on both build_arm64 and build_x86_64, but only run if build_arm64
# was successful and a package was created. This ensure wait for all builds
# to complete before running any release jobs.
needs: [build_arm64, build_x86_64]
if: |
always() &&
needs.build_arm64.result == 'success' &&
needs.build_arm64.outputs.package_created &&
needs.build_x86_64.result != 'failure'
with:
plan_artifact: arm64-build-plan
dmg_artifact: arm64-dmg
update_casks: false
secrets:
TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}

# ----------------------------------------------------------------------------
# Trigger update casks workflow in homebrew tap
# ----------------------------------------------------------------------------

update_casks:
name: Update Casks
uses: ./.github/workflows/_update-casks.yml
# Depend on both release jobs, but only run if either of them was
# successful. This ensures we only run this job once all release jobs have
# been completed.
needs: [release_x86_64, release_arm64]
if: >-
always() &&
github.event.inputs.test_build_name == '' &&
contains(needs.*.result, 'success') &&
!contains(needs.*.result, 'failure')
secrets:
TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}
6 changes: 3 additions & 3 deletions .github/workflows/update-metadata.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout meta branch
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
ref: meta
- uses: actions/setup-go@v5
with:
go-version: "1.21"
go-version: "1.23"
- name: update total downloads shield JSON
run: >-
go run . badges downloads
Expand All @@ -25,7 +25,7 @@ jobs:
env:
GITHUB_TOKEN: ${{ github.token }}
- name: commit and push changes to meta branch
uses: stefanzweifel/git-auto-commit-action@v4
uses: stefanzweifel/git-auto-commit-action@v5
with:
commit_message: "chore(meta): update metadata files"
commit_user_name: github-actions[bot]
Expand Down