Skip to content

ci

ci #395

Workflow file for this run

name: ci
on:
pull_request:
push:
branches: [main]
workflow_dispatch:
jobs:
check:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [macos-14, ubuntu-latest]
steps:
- name: Add Homebrew to $PATH
if: runner.os == 'Linux'
run: |
# mitigate https://github.com/actions/runner-images/issues/6283
echo "/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin" >>"$GITHUB_PATH"
- uses: actions/checkout@v4
- name: Install Prettier
run: npm i -g prettier@'^3'
- name: Check web code formatting with Prettier
run: prettier --check .
- name: Install formatters with Homebrew
run: brew install shfmt taplo
- name: Check shell script formatting with shfmt
run: shfmt -d -i 2 .
- name: Install ShellCheck (https://github.com/koalaman/shellcheck) on macOS
if: runner.os == 'macOS'
run: brew install bash shellcheck
- name: Check shell script formatting with ShellCheck
run: |
shopt -s globstar nullglob
set -- **/*.{sh,bash}
if [ -n "$1" ]; then
echo "Checking $@"
shellcheck "$@"
else
echo "No shell scripts for ShellCheck to check."
fi
shell: bash
env:
SHELLCHECK_OPTS: -e SC1071 -e SC1090 -e SC1091
- name: Check TOML formatting with Taplo
run: |
taplo check .taplo.toml
taplo check --schema https://starship.rs/config-schema.json .config/starship.toml
taplo fmt --check **/*.toml
test:
if: github.event_name != 'push'
needs: [check]
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [macos-14, ubuntu-latest]
timeout-minutes: 100
env:
STRAP_CI: 1
STRAP_DEBUG: 1
STRAP_DOTFILES_BRANCH: ${{ github.ref }}
STRAP_GIT_EMAIL: [email protected]
STRAP_GIT_NAME: GitHub Actions
STRAP_GITHUB_USER: br3ndonland
steps:
- name: Add Homebrew to $PATH
if: runner.os == 'Linux'
run: |
# mitigate https://github.com/actions/runner-images/issues/6283
echo "/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin" >>"$GITHUB_PATH"
- name: Clean up Homebrew
run: |
type brew &>/dev/null && brew test-bot --only-cleanup-before ||
echo "Homebrew not found."
- name: Clean up macOS
if: runner.os == 'macOS'
run: |
sudo rm -rf /usr/local/Caskroom /usr/local/Homebrew /usr/local/bin/brew \
/usr/local/.??* /Applications/Xcode.app /Library/Developer/CommandLineTools
- name: Enable passwordless sudo commands on macOS runners
if: runner.os == 'macOS'
run: |
# mitigate https://github.com/actions/runner-images/issues/10484
sudo sed -i '' 's/%admin ALL = (ALL) ALL/%admin ALL = (ALL) NOPASSWD: ALL/g' /etc/sudoers
sudo -v
- name: Create a non-admin user account
run: |
username=standard-user
if ${{ runner.os == 'Linux' }}; then
sudo adduser --disabled-password --gecos "" "$username"
home_prefix=/home
elif ${{ runner.os == 'macOS' }}; then
sudo sysadminctl -addUser "$username"
sudo passwd -u "$username"
sudo dseditgroup -o edit -d "$username" -t user admin
home_prefix=/Users
sudo dscl . -create "$home_prefix/$username" NFSHomeDirectory "$home_prefix/$username"
fi
echo "NON_ADMIN_USER=$username" >>"$GITHUB_ENV"
echo "NON_ADMIN_USER_HOME=$home_prefix/$username" >>"$GITHUB_ENV"
- name: Set bootstrap script URL
run: |
STRAP_SCRIPT_URL="https://raw.githubusercontent.com/$STRAP_GITHUB_USER/dotfiles/$STRAP_DOTFILES_BRANCH/bootstrap.sh"
echo "STRAP_SCRIPT_URL=$STRAP_SCRIPT_URL"
echo "STRAP_SCRIPT_URL=$STRAP_SCRIPT_URL" >>"$GITHUB_ENV"
- name: >
Run bootstrap.sh with a non-admin non-sudo user without Homebrew installed
(Homebrew installation requires sudo)
id: bootstrap-non-admin-non-sudo
run: |
sudo \
--preserve-env=STRAP_CI,STRAP_DEBUG,STRAP_DOTFILES_BRANCH,STRAP_GIT_EMAIL,STRAP_GIT_NAME,STRAP_GITHUB_USER,STRAP_SCRIPT_URL \
-u "$NON_ADMIN_USER" bash -c '/usr/bin/env bash -c "$(curl -fsSL ${{ env.STRAP_SCRIPT_URL }})"'
working-directory: ${{ env.NON_ADMIN_USER_HOME }}
- name: Update non-admin user account with sudo permissions
run: |
SUDOERS_FILE="/etc/sudoers.d/$NON_ADMIN_USER"
echo "$NON_ADMIN_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee "$SUDOERS_FILE"
sudo chmod 0440 "$SUDOERS_FILE"
- name: Run bootstrap.sh with a non-admin sudo user without Homebrew installed
run: |
sudo \
--preserve-env=STRAP_CI,STRAP_DEBUG,STRAP_DOTFILES_BRANCH,STRAP_GIT_EMAIL,STRAP_GIT_NAME,STRAP_GITHUB_USER,STRAP_SCRIPT_URL \
-u "$NON_ADMIN_USER" bash -c '/usr/bin/env bash -c "$(curl -fsSL ${{ env.STRAP_SCRIPT_URL }})"'
working-directory: ${{ env.NON_ADMIN_USER_HOME }}
- name: Rerun bootstrap.sh with a non-admin sudo user after Homebrew has been installed
run: |
sudo \
--preserve-env=STRAP_CI,STRAP_DEBUG,STRAP_DOTFILES_BRANCH,STRAP_GIT_EMAIL,STRAP_GIT_NAME,STRAP_GITHUB_USER,STRAP_SCRIPT_URL \
-u "$NON_ADMIN_USER" bash -c '/usr/bin/env bash "${{ env.NON_ADMIN_USER_HOME }}/.dotfiles/bootstrap.sh"'
working-directory: ${{ env.NON_ADMIN_USER_HOME }}
- name: Run bootstrap.sh
run: /usr/bin/env bash -c "$(curl -fsSL $STRAP_SCRIPT_URL)"
- name: Rerun bootstrap.sh to test idempotence
run: bash "$HOME/.dotfiles/bootstrap.sh"
- name: Check Homebrew formulae
run: brew list | grep -qE "\b(bash|grep|sed)\b"
- name: Check Homebrew configuration
run: brew config
- name: Check for potential problems with brew doctor
run: brew doctor || echo "Potential problems detected. See output for details."