From d7ccd4aaf4976acb3136973fdfd96784874597ed Mon Sep 17 00:00:00 2001 From: Carlo Cabrera <30379873+carlocab@users.noreply.github.com> Date: Sun, 29 Sep 2024 04:27:23 +0800 Subject: [PATCH] workflows: use `set -xeuo pipefail` globally This is the same change as Homebrew/brew#18369. --- .github/workflows/actionlint.yml | 7 +++++-- .github/workflows/autobump.yml | 4 ++++ .github/workflows/automerge-from-merge-queue.yml | 7 ++++--- .github/workflows/automerge-triggers.yml | 4 ++++ .github/workflows/automerge.yml | 7 ++++--- .github/workflows/cache.yml | 4 ++++ .github/workflows/clean-up-closed-prs.yml | 7 ++++--- .github/workflows/create-replacement-pr.yml | 7 ++++--- .github/workflows/dispatch-build-bottle.yml | 9 +++++---- .github/workflows/dispatch-rebottle.yml | 9 +++++---- .github/workflows/manage-pull-request-labels.yml | 4 ++++ .github/workflows/publish-commit-bottles.yml | 7 ++++--- .github/workflows/recreate-linux-runners.yml | 4 ++++ .github/workflows/remove-disabled-packages.yml | 4 ++++ .github/workflows/scheduled.yml | 4 ++++ .github/workflows/tests.yml | 8 ++++++-- .github/workflows/triage-ci.yml | 4 ++++ .github/workflows/triage.yml | 4 ++++ 18 files changed, 77 insertions(+), 27 deletions(-) diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index 83779b952666..f91e59724b25 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -10,6 +10,10 @@ on: paths: - '.github/workflows/*.ya?ml' +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: "actionlint-${{ github.ref }}" cancel-in-progress: ${{ github.event_name == 'pull_request' }} @@ -35,7 +39,6 @@ jobs: test-bot: false - name: Set up actionlint - shell: bash env: HOMEBREW_TAP_REPOSITORY: ${{ steps.setup-homebrew.outputs.repository-path }} run: | @@ -48,7 +51,7 @@ jobs: # Setting `shell: /bin/bash` prevents shellcheck from running on # those steps, so let's change them to `shell: bash` for linting. - sed -i 's:/bin/bash -e {0}:bash:' .github/workflows/*.y*ml + sed -i 's|shell: /bin/bash -x|shell: bash -x|' .github/workflows/*.y*ml # The JSON matcher needs to be accessible to the container host. cp "$(brew --repository)/.github/actionlint-matcher.json" "$HOME" echo "::add-matcher::$HOME/actionlint-matcher.json" diff --git a/.github/workflows/autobump.yml b/.github/workflows/autobump.yml index b1feb9aea791..586d739322d1 100644 --- a/.github/workflows/autobump.yml +++ b/.github/workflows/autobump.yml @@ -18,6 +18,10 @@ on: permissions: contents: read +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: autobump: if: github.repository == 'Homebrew/homebrew-core' diff --git a/.github/workflows/automerge-from-merge-queue.yml b/.github/workflows/automerge-from-merge-queue.yml index e033097c9c62..6f541ab88626 100644 --- a/.github/workflows/automerge-from-merge-queue.yml +++ b/.github/workflows/automerge-from-merge-queue.yml @@ -7,6 +7,10 @@ on: types: - completed +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: automerge-merge_queue-${{ github.event.workflow_run.event }}-${{ github.event.workflow_run.id }} cancel-in-progress: true @@ -252,9 +256,6 @@ jobs: contents: read pull-requests: read actions: write # to dispatch publish workflow - defaults: - run: - shell: bash steps: - name: Set up Homebrew uses: Homebrew/actions/setup-homebrew@master diff --git a/.github/workflows/automerge-triggers.yml b/.github/workflows/automerge-triggers.yml index ddaf9f1a93c6..52c95e75b534 100644 --- a/.github/workflows/automerge-triggers.yml +++ b/.github/workflows/automerge-triggers.yml @@ -9,6 +9,10 @@ on: - unlabeled - ready_for_review +defaults: + run: + shell: bash -xeuo pipefail {0} + jobs: check: if: > diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml index 81ba319bf722..834e88f7524f 100644 --- a/.github/workflows/automerge.yml +++ b/.github/workflows/automerge.yml @@ -8,6 +8,10 @@ on: types: - completed +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: automerge-${{ github.event.workflow_run.event }}-${{ github.event.workflow_run.id }} cancel-in-progress: true @@ -182,9 +186,6 @@ jobs: contents: read pull-requests: read actions: write # to dispatch publish workflow - defaults: - run: - shell: bash steps: - name: Set up Homebrew uses: Homebrew/actions/setup-homebrew@master diff --git a/.github/workflows/cache.yml b/.github/workflows/cache.yml index 45deb4e676a3..abe489ac18b6 100644 --- a/.github/workflows/cache.yml +++ b/.github/workflows/cache.yml @@ -20,6 +20,10 @@ env: HOMEBREW_DEVELOPER: 1 HOMEBREW_NO_AUTO_UPDATE: 1 +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: cache-${{ github.event.pull_request.number }} cancel-in-progress: true diff --git a/.github/workflows/clean-up-closed-prs.yml b/.github/workflows/clean-up-closed-prs.yml index 6abe29ddba23..5411d5f69d89 100644 --- a/.github/workflows/clean-up-closed-prs.yml +++ b/.github/workflows/clean-up-closed-prs.yml @@ -5,6 +5,10 @@ on: types: - closed +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: ${{ github.workflow }}-${{ github.event.number }} cancel-in-progress: true @@ -23,9 +27,6 @@ jobs: runs-on: ubuntu-latest container: image: ghcr.io/homebrew/ubuntu22.04:master - defaults: - run: - shell: bash permissions: contents: read actions: write # for `gh run cancel` diff --git a/.github/workflows/create-replacement-pr.yml b/.github/workflows/create-replacement-pr.yml index 92e282558a37..1ba51a3b0d32 100644 --- a/.github/workflows/create-replacement-pr.yml +++ b/.github/workflows/create-replacement-pr.yml @@ -1,6 +1,10 @@ name: Create replacement pull request run-name: "Replace PR #${{ inputs.pull_request }}" +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: ${{ github.workflow }}-${{ github.event.inputs.pull_request }}-${{ github.event.inputs.upload }} cancel-in-progress: ${{ !fromJson(github.event.inputs.upload) }} @@ -56,9 +60,6 @@ jobs: repository-projects: write # for `gh pr edit` attestations: write # for actions/attest-build-provenance id-token: write # for actions/attest-build-provenance - defaults: - run: - shell: bash steps: - name: Post comment once started uses: Homebrew/actions/post-comment@master diff --git a/.github/workflows/dispatch-build-bottle.yml b/.github/workflows/dispatch-build-bottle.yml index 99b25a77b48e..1ac225eb5163 100644 --- a/.github/workflows/dispatch-build-bottle.yml +++ b/.github/workflows/dispatch-build-bottle.yml @@ -40,6 +40,10 @@ env: DISPATCH_BUILD_BOTTLE_ISSUE: ${{ inputs.issue }} DISPATCH_BUILD_BOTTLE_UPLOAD: ${{ inputs.upload }} +defaults: + run: + shell: bash -xeuo pipefail {0} + # Intentionally the same as dispatch-rebottle concurrency: bottle-${{ github.event.inputs.formula }} @@ -143,7 +147,7 @@ jobs: contents: read defaults: run: - shell: /bin/bash -e {0} + shell: /bin/bash -xeuo pipefail {0} working-directory: ${{matrix.workdir || github.workspace}} env: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} @@ -197,9 +201,6 @@ jobs: if: inputs.upload container: image: ghcr.io/homebrew/ubuntu22.04:master - defaults: - run: - shell: bash env: HOMEBREW_SIMULATE_MACOS_ON_LINUX: 1 GH_REPO: ${{github.repository}} diff --git a/.github/workflows/dispatch-rebottle.yml b/.github/workflows/dispatch-rebottle.yml index 3523f487a6bd..3f6d4211e249 100644 --- a/.github/workflows/dispatch-rebottle.yml +++ b/.github/workflows/dispatch-rebottle.yml @@ -31,6 +31,10 @@ on: default: true required: false +defaults: + run: + shell: bash -xeuo pipefail {0} + # Intentionally the same as dispatch-build-bottle concurrency: bottle-${{ github.event.inputs.formula }} @@ -84,7 +88,7 @@ jobs: timeout-minutes: ${{fromJson(inputs.timeout)}} defaults: run: - shell: /bin/bash -e {0} + shell: /bin/bash -xeuo pipefail {0} working-directory: ${{matrix.workdir || github.workspace}} env: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} @@ -134,9 +138,6 @@ jobs: if: inputs.upload container: image: ghcr.io/homebrew/ubuntu22.04:master - defaults: - run: - shell: bash env: HOMEBREW_SIMULATE_MACOS_ON_LINUX: 1 GH_REPO: ${{github.repository}} diff --git a/.github/workflows/manage-pull-request-labels.yml b/.github/workflows/manage-pull-request-labels.yml index e7bc0e743ec4..755ea199a470 100644 --- a/.github/workflows/manage-pull-request-labels.yml +++ b/.github/workflows/manage-pull-request-labels.yml @@ -5,6 +5,10 @@ on: types: - unlabeled +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: ${{ github.workflow }}-${{ github.event.number }}-${{ github.event.label.name }} cancel-in-progress: true diff --git a/.github/workflows/publish-commit-bottles.yml b/.github/workflows/publish-commit-bottles.yml index e4c2195ffabf..d794f7a0b68e 100644 --- a/.github/workflows/publish-commit-bottles.yml +++ b/.github/workflows/publish-commit-bottles.yml @@ -32,6 +32,10 @@ on: description: "Message to include when autosquashing revision bumps, deletions, and rebuilds (requires autosquash)" required: false +defaults: + run: + shell: bash -xeuo pipefail {0} + env: PR: ${{inputs.pull_request}} INPUT_MESSAGE: ${{ inputs.message }} @@ -251,9 +255,6 @@ jobs: actions: read # for `brew pr-pull` pull-requests: write # for `gh pr edit|review` repository-projects: write # for `gh pr edit` - defaults: - run: - shell: bash steps: - name: Post comment once started uses: Homebrew/actions/post-comment@master diff --git a/.github/workflows/recreate-linux-runners.yml b/.github/workflows/recreate-linux-runners.yml index 2d7674aa2429..c8b899285ae8 100644 --- a/.github/workflows/recreate-linux-runners.yml +++ b/.github/workflows/recreate-linux-runners.yml @@ -11,6 +11,10 @@ on: types: - completed +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: recreate-linux-runners-${{ github.event.workflow_run.id || github.ref }} cancel-in-progress: true diff --git a/.github/workflows/remove-disabled-packages.yml b/.github/workflows/remove-disabled-packages.yml index ccac6d0ba908..0a4b8d096925 100644 --- a/.github/workflows/remove-disabled-packages.yml +++ b/.github/workflows/remove-disabled-packages.yml @@ -13,6 +13,10 @@ on: env: RUN_URL: ${{github.event.repository.html_url}}/actions/runs/${{github.run_id}} +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: remove-disabled-packages cancel-in-progress: true diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml index ac7194931e93..cca5902e7415 100644 --- a/.github/workflows/scheduled.yml +++ b/.github/workflows/scheduled.yml @@ -10,6 +10,10 @@ on: # Once every day at 1AM - cron: "0 1 * * *" +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: scheduled cancel-in-progress: true diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 287f01998fc3..8a34d913ee31 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -20,6 +20,10 @@ env: GH_PROMPT_DISABLED: 1 SCRIPTS_PATH: .github/workflows/scripts +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: "tests-${{ github.ref }}" cancel-in-progress: ${{ github.event_name == 'pull_request' }} @@ -213,7 +217,7 @@ jobs: timeout-minutes: ${{ matrix.timeout }} defaults: run: - shell: /bin/bash -e {0} + shell: /bin/bash -xeuo pipefail {0} working-directory: ${{matrix.workdir || github.workspace}} env: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} @@ -332,7 +336,7 @@ jobs: timeout-minutes: ${{ matrix.timeout }} defaults: run: - shell: /bin/bash -e {0} + shell: /bin/bash -xeuo pipefail {0} working-directory: ${{matrix.workdir || github.workspace}} env: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/triage-ci.yml b/.github/workflows/triage-ci.yml index 0ada758ff311..d429254fcf0e 100644 --- a/.github/workflows/triage-ci.yml +++ b/.github/workflows/triage-ci.yml @@ -7,6 +7,10 @@ on: types: - completed +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: triage-ci-${{ github.event.workflow_run.event }}-${{ github.event.workflow_run.id }} cancel-in-progress: true diff --git a/.github/workflows/triage.yml b/.github/workflows/triage.yml index e8c264382426..46a364aa23dd 100644 --- a/.github/workflows/triage.yml +++ b/.github/workflows/triage.yml @@ -7,6 +7,10 @@ env: GH_NO_UPDATE_NOTIFIER: 1 GH_PROMPT_DISABLED: 1 +defaults: + run: + shell: bash -xeuo pipefail {0} + concurrency: group: "triage-${{ github.event.number }}" cancel-in-progress: true