ci #395
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
pull_request: | |
push: | |
branches: [main] | |
workflow_dispatch: | |
jobs: | |
check: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
os: [macos-14, ubuntu-latest] | |
steps: | |
- name: Add Homebrew to $PATH | |
if: runner.os == 'Linux' | |
run: | | |
# mitigate https://github.com/actions/runner-images/issues/6283 | |
echo "/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin" >>"$GITHUB_PATH" | |
- uses: actions/checkout@v4 | |
- name: Install Prettier | |
run: npm i -g prettier@'^3' | |
- name: Check web code formatting with Prettier | |
run: prettier --check . | |
- name: Install formatters with Homebrew | |
run: brew install shfmt taplo | |
- name: Check shell script formatting with shfmt | |
run: shfmt -d -i 2 . | |
- name: Install ShellCheck (https://github.com/koalaman/shellcheck) on macOS | |
if: runner.os == 'macOS' | |
run: brew install bash shellcheck | |
- name: Check shell script formatting with ShellCheck | |
run: | | |
shopt -s globstar nullglob | |
set -- **/*.{sh,bash} | |
if [ -n "$1" ]; then | |
echo "Checking $@" | |
shellcheck "$@" | |
else | |
echo "No shell scripts for ShellCheck to check." | |
fi | |
shell: bash | |
env: | |
SHELLCHECK_OPTS: -e SC1071 -e SC1090 -e SC1091 | |
- name: Check TOML formatting with Taplo | |
run: | | |
taplo check .taplo.toml | |
taplo check --schema https://starship.rs/config-schema.json .config/starship.toml | |
taplo fmt --check **/*.toml | |
test: | |
if: github.event_name != 'push' | |
needs: [check] | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [macos-14, ubuntu-latest] | |
timeout-minutes: 100 | |
env: | |
STRAP_CI: 1 | |
STRAP_DEBUG: 1 | |
STRAP_DOTFILES_BRANCH: ${{ github.ref }} | |
STRAP_GIT_EMAIL: [email protected] | |
STRAP_GIT_NAME: GitHub Actions | |
STRAP_GITHUB_USER: br3ndonland | |
steps: | |
- name: Add Homebrew to $PATH | |
if: runner.os == 'Linux' | |
run: | | |
# mitigate https://github.com/actions/runner-images/issues/6283 | |
echo "/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin" >>"$GITHUB_PATH" | |
- name: Clean up Homebrew | |
run: | | |
type brew &>/dev/null && brew test-bot --only-cleanup-before || | |
echo "Homebrew not found." | |
- name: Clean up macOS | |
if: runner.os == 'macOS' | |
run: | | |
sudo rm -rf /usr/local/Caskroom /usr/local/Homebrew /usr/local/bin/brew \ | |
/usr/local/.??* /Applications/Xcode.app /Library/Developer/CommandLineTools | |
- name: Enable passwordless sudo commands on macOS runners | |
if: runner.os == 'macOS' | |
run: | | |
# mitigate https://github.com/actions/runner-images/issues/10484 | |
sudo sed -i '' 's/%admin ALL = (ALL) ALL/%admin ALL = (ALL) NOPASSWD: ALL/g' /etc/sudoers | |
sudo -v | |
- name: Create a non-admin user account | |
run: | | |
username=standard-user | |
if ${{ runner.os == 'Linux' }}; then | |
sudo adduser --disabled-password --gecos "" "$username" | |
home_prefix=/home | |
elif ${{ runner.os == 'macOS' }}; then | |
sudo sysadminctl -addUser "$username" | |
sudo passwd -u "$username" | |
sudo dseditgroup -o edit -d "$username" -t user admin | |
home_prefix=/Users | |
sudo dscl . -create "$home_prefix/$username" NFSHomeDirectory "$home_prefix/$username" | |
fi | |
echo "NON_ADMIN_USER=$username" >>"$GITHUB_ENV" | |
echo "NON_ADMIN_USER_HOME=$home_prefix/$username" >>"$GITHUB_ENV" | |
- name: Set bootstrap script URL | |
run: | | |
STRAP_SCRIPT_URL="https://raw.githubusercontent.com/$STRAP_GITHUB_USER/dotfiles/$STRAP_DOTFILES_BRANCH/bootstrap.sh" | |
echo "STRAP_SCRIPT_URL=$STRAP_SCRIPT_URL" | |
echo "STRAP_SCRIPT_URL=$STRAP_SCRIPT_URL" >>"$GITHUB_ENV" | |
- name: > | |
Run bootstrap.sh with a non-admin non-sudo user without Homebrew installed | |
(Homebrew installation requires sudo) | |
id: bootstrap-non-admin-non-sudo | |
run: | | |
sudo \ | |
--preserve-env=STRAP_CI,STRAP_DEBUG,STRAP_DOTFILES_BRANCH,STRAP_GIT_EMAIL,STRAP_GIT_NAME,STRAP_GITHUB_USER,STRAP_SCRIPT_URL \ | |
-u "$NON_ADMIN_USER" bash -c '/usr/bin/env bash -c "$(curl -fsSL ${{ env.STRAP_SCRIPT_URL }})"' | |
working-directory: ${{ env.NON_ADMIN_USER_HOME }} | |
- name: Update non-admin user account with sudo permissions | |
run: | | |
SUDOERS_FILE="/etc/sudoers.d/$NON_ADMIN_USER" | |
echo "$NON_ADMIN_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee "$SUDOERS_FILE" | |
sudo chmod 0440 "$SUDOERS_FILE" | |
- name: Run bootstrap.sh with a non-admin sudo user without Homebrew installed | |
run: | | |
sudo \ | |
--preserve-env=STRAP_CI,STRAP_DEBUG,STRAP_DOTFILES_BRANCH,STRAP_GIT_EMAIL,STRAP_GIT_NAME,STRAP_GITHUB_USER,STRAP_SCRIPT_URL \ | |
-u "$NON_ADMIN_USER" bash -c '/usr/bin/env bash -c "$(curl -fsSL ${{ env.STRAP_SCRIPT_URL }})"' | |
working-directory: ${{ env.NON_ADMIN_USER_HOME }} | |
- name: Rerun bootstrap.sh with a non-admin sudo user after Homebrew has been installed | |
run: | | |
sudo \ | |
--preserve-env=STRAP_CI,STRAP_DEBUG,STRAP_DOTFILES_BRANCH,STRAP_GIT_EMAIL,STRAP_GIT_NAME,STRAP_GITHUB_USER,STRAP_SCRIPT_URL \ | |
-u "$NON_ADMIN_USER" bash -c '/usr/bin/env bash "${{ env.NON_ADMIN_USER_HOME }}/.dotfiles/bootstrap.sh"' | |
working-directory: ${{ env.NON_ADMIN_USER_HOME }} | |
- name: Run bootstrap.sh | |
run: /usr/bin/env bash -c "$(curl -fsSL $STRAP_SCRIPT_URL)" | |
- name: Rerun bootstrap.sh to test idempotence | |
run: bash "$HOME/.dotfiles/bootstrap.sh" | |
- name: Check Homebrew formulae | |
run: brew list | grep -qE "\b(bash|grep|sed)\b" | |
- name: Check Homebrew configuration | |
run: brew config | |
- name: Check for potential problems with brew doctor | |
run: brew doctor || echo "Potential problems detected. See output for details." |