From 50f4e213504a4cbc670ed0f8c44949d37c05550a Mon Sep 17 00:00:00 2001 From: Carlo Cabrera <30379873+carlocab@users.noreply.github.com> Date: Sat, 21 Sep 2024 03:07:03 +0800 Subject: [PATCH] workflows: use `set -xeuo pipefail` globally This makes it easier to avoid subtle shell script bugs. --- .github/workflows/actionlint.yml | 4 ++++ .github/workflows/autogenerated-files.yml | 4 ++++ .github/workflows/codeql-analysis.yml | 4 ++++ .github/workflows/docker.yml | 4 ++++ .github/workflows/docs.yml | 6 ++++-- .github/workflows/doctor.yml | 7 +++++++ .github/workflows/pkg-installer.yml | 5 +++++ .github/workflows/rubydoc.yml | 4 ++++ .github/workflows/schemas.yml | 4 ++++ .github/workflows/sorbet.yml | 4 ++++ .github/workflows/spdx.yml | 4 ++++ .github/workflows/sponsors-maintainers-man-completions.yml | 4 ++++ .github/workflows/stale-issues.yml | 4 ++++ .github/workflows/tests.yml | 4 ++++ .github/workflows/vendor-gems.yml | 4 ++++ .github/workflows/vendor-version.yml | 4 ++++ 16 files changed, 68 insertions(+), 2 deletions(-) diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index 08a070c6aec4ba..3be5a69e57e132 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -18,6 +18,10 @@ env: HOMEBREW_NO_AUTO_UPDATE: 1 HOMEBREW_NO_ENV_HINTS: 1 +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: "actionlint-${{ github.ref }}" cancel-in-progress: ${{ github.event_name == 'pull_request' }} diff --git a/.github/workflows/autogenerated-files.yml b/.github/workflows/autogenerated-files.yml index 1689fdc7f41b1e..ed9ba98e3f7609 100644 --- a/.github/workflows/autogenerated-files.yml +++ b/.github/workflows/autogenerated-files.yml @@ -16,6 +16,10 @@ env: HOMEBREW_DEVELOPER: 1 HOMEBREW_NO_AUTO_UPDATE: 1 +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: autogenerated: runs-on: ubuntu-22.04 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index f31d643a9df21a..f0a83806bfcd63 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -8,6 +8,10 @@ on: branches: - master +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: analyze: name: Analyze diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index d5595a76bc5c2e..1f2d72da7653eb 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -13,6 +13,10 @@ on: permissions: contents: read +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: ubuntu: if: github.repository_owner == 'Homebrew' diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 40898756ea65cf..c78d236893d524 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -17,6 +17,10 @@ env: HOMEBREW_BOOTSNAP: 1 HOMEBREW_NO_INSTALL_CLEANUP: 1 +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: docs: runs-on: ubuntu-22.04 @@ -38,8 +42,6 @@ jobs: - name: Cleanup Homebrew/brew docs if: github.repository == 'Homebrew/brew' run: | - set -xeuo pipefail - # Avoid failing on broken symlinks. rm Library/Homebrew/os/mac/pkgconfig/fuse/fuse.pc rm Library/Homebrew/os/mac/pkgconfig/fuse/osxfuse.pc diff --git a/.github/workflows/doctor.yml b/.github/workflows/doctor.yml index 7a260e7cff58ed..169d58de151634 100644 --- a/.github/workflows/doctor.yml +++ b/.github/workflows/doctor.yml @@ -8,11 +8,18 @@ on: - Library/Homebrew/extend/os/diagnostic.rb - Library/Homebrew/extend/os/mac/diagnostic.rb - Library/Homebrew/os/mac/xcode.rb + permissions: contents: read + env: HOMEBREW_DEVELOPER: 1 HOMEBREW_NO_AUTO_UPDATE: 1 + +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: determine-runners: runs-on: ubuntu-22.04 diff --git a/.github/workflows/pkg-installer.yml b/.github/workflows/pkg-installer.yml index 0af9241994162d..e2857ca9d2a91a 100644 --- a/.github/workflows/pkg-installer.yml +++ b/.github/workflows/pkg-installer.yml @@ -15,6 +15,11 @@ env: PKG_APPLE_DEVELOPER_TEAM_ID: ${{ secrets.PKG_APPLE_DEVELOPER_TEAM_ID }} HOMEBREW_NO_ANALYTICS_THIS_RUN: 1 HOMEBREW_NO_ANALYTICS_MESSAGE_OUTPUT: 1 + +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: build: if: github.repository_owner == 'Homebrew' && github.actor != 'dependabot[bot]' diff --git a/.github/workflows/rubydoc.yml b/.github/workflows/rubydoc.yml index 80a7e1cc766e17..771d69d6e65024 100644 --- a/.github/workflows/rubydoc.yml +++ b/.github/workflows/rubydoc.yml @@ -16,6 +16,10 @@ env: HOMEBREW_BOOTSNAP: 1 HOMEBREW_NO_INSTALL_CLEANUP: 1 +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: rubydoc: if: github.repository == 'Homebrew/brew' diff --git a/.github/workflows/schemas.yml b/.github/workflows/schemas.yml index 8a3d2d5c023e27..3afa4c9d072e60 100644 --- a/.github/workflows/schemas.yml +++ b/.github/workflows/schemas.yml @@ -12,6 +12,10 @@ on: permissions: contents: read +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: spdx: if: github.repository == 'Homebrew/brew' diff --git a/.github/workflows/sorbet.yml b/.github/workflows/sorbet.yml index 34873deceab40f..cbc9f9256581a2 100644 --- a/.github/workflows/sorbet.yml +++ b/.github/workflows/sorbet.yml @@ -18,6 +18,10 @@ on: permissions: contents: read +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: tapioca: if: github.repository == 'Homebrew/brew' diff --git a/.github/workflows/spdx.yml b/.github/workflows/spdx.yml index 399084795a47cc..2b61db8899c2c1 100644 --- a/.github/workflows/spdx.yml +++ b/.github/workflows/spdx.yml @@ -12,6 +12,10 @@ on: permissions: contents: read +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: spdx: if: github.repository == 'Homebrew/brew' diff --git a/.github/workflows/sponsors-maintainers-man-completions.yml b/.github/workflows/sponsors-maintainers-man-completions.yml index f891e5c140e78f..173bd6c46261d3 100644 --- a/.github/workflows/sponsors-maintainers-man-completions.yml +++ b/.github/workflows/sponsors-maintainers-man-completions.yml @@ -21,6 +21,10 @@ on: permissions: contents: read +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: updates: runs-on: ubuntu-22.04 diff --git a/.github/workflows/stale-issues.yml b/.github/workflows/stale-issues.yml index e38e019ae995de..111de4bd0eaef8 100644 --- a/.github/workflows/stale-issues.yml +++ b/.github/workflows/stale-issues.yml @@ -17,6 +17,10 @@ permissions: issues: write pull-requests: write +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: stale-issues cancel-in-progress: ${{ github.event_name != 'issue_comment' }} diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 33c91bc00abaa5..8846b7e6ab4f9d 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -18,6 +18,10 @@ env: HOMEBREW_NO_INSTALL_CLEANUP: 1 HOMEBREW_VERIFY_ATTESTATIONS: 1 +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: "${{ github.ref }}" cancel-in-progress: ${{ github.event_name == 'pull_request' }} diff --git a/.github/workflows/vendor-gems.yml b/.github/workflows/vendor-gems.yml index 61a5822879f3dc..ef9cdc33e8f297 100644 --- a/.github/workflows/vendor-gems.yml +++ b/.github/workflows/vendor-gems.yml @@ -20,6 +20,10 @@ permissions: contents: read pull-requests: read +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: vendor-gems: if: github.repository_owner == 'Homebrew' diff --git a/.github/workflows/vendor-version.yml b/.github/workflows/vendor-version.yml index eb4808870c3647..25d9458e2bc0ea 100644 --- a/.github/workflows/vendor-version.yml +++ b/.github/workflows/vendor-version.yml @@ -9,6 +9,10 @@ on: permissions: contents: read +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: check-vendor-version: runs-on: ubuntu-22.04