From c678d71cfe786ff75cc44329b4ece21d1b4952ed Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Tue, 7 May 2024 17:43:40 -0400 Subject: [PATCH] publish-commit-bottles: refactor to avoid retry Signed-off-by: William Woodruff --- .github/workflows/publish-commit-bottles.yml | 34 +++++++++++--------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/.github/workflows/publish-commit-bottles.yml b/.github/workflows/publish-commit-bottles.yml index 5b510ff2bfbd7..5569215f7c905 100644 --- a/.github/workflows/publish-commit-bottles.yml +++ b/.github/workflows/publish-commit-bottles.yml @@ -289,15 +289,13 @@ jobs: GH_TOKEN: ${{secrets.GITHUB_TOKEN}} run: gh pr checkout "$PR" - - name: Pull and upload bottles to GitHub Packages + - name: Pull PR bottles id: pr-pull working-directory: ${{steps.set-up-homebrew.outputs.repository-path}} env: BREWTESTBOT_NAME_EMAIL: "BrewTestBot <1589480+BrewTestBot@users.noreply.github.com>" HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} HOMEBREW_GITHUB_API_TOKEN: ${{secrets.HOMEBREW_CORE_PUBLIC_REPO_EMAIL_TOKEN}} - HOMEBREW_GITHUB_PACKAGES_USER: brewtestbot - HOMEBREW_GITHUB_PACKAGES_TOKEN: ${{secrets.HOMEBREW_CORE_GITHUB_PACKAGES_TOKEN}} EXPECTED_SHA: ${{needs.check.outputs.head_sha}} LARGE_RUNNER: ${{inputs.large_runner}} run: | @@ -323,6 +321,7 @@ jobs: # Don't quote arguments that might be empty; this causes errors. brew pr-pull \ + --no-upload \ --debug \ --clean \ --no-cherry-pick \ @@ -337,23 +336,26 @@ jobs: echo "head_sha=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT" - name: Generate build provenance - # GitHub Attestations are still in early public access, and we've seen - # some sporadic errors when generating attestations. - # Rather than fail outright, we allow this step to fail and fall - # through to a last-ditch retry below. Longer term, we should put this - # above the 'pr-pull' step, which should be split into separate 'pull' - # and 'push to GitHub Packages' phases. - continue-on-error: true - id: first-attestation-attempt uses: actions/attest-build-provenance@v1 with: subject-path: '${{steps.pr-pull.outputs.bottle_path}}/*.tar.gz' - - name: Generate build provenance (last ditch) - if: always() && steps.first-attestation-attempt.outcome == 'failure' - uses: actions/attest-build-provenance@v1 - with: - subject-path: '${{steps.pr-pull.outputs.bottle_path}}/*.tar.gz' + - name: Upload bottles to GitHub Packages + id: pr-upload + working-directory: ${{steps.set-up-homebrew.outputs.repository-path}} + env: + BREWTESTBOT_NAME_EMAIL: "BrewTestBot <1589480+BrewTestBot@users.noreply.github.com>" + HOMEBREW_GITHUB_API_TOKEN: ${{secrets.HOMEBREW_CORE_PUBLIC_REPO_EMAIL_TOKEN}} + HOMEBREW_GITHUB_PACKAGES_USER: brewtestbot + HOMEBREW_GITHUB_PACKAGES_TOKEN: ${{secrets.HOMEBREW_CORE_GITHUB_PACKAGES_TOKEN}} + run: | + # Don't quote arguments that might be empty; this causes errors. + brew pr-upload \ + --debug \ + --committer="$BREWTESTBOT_NAME_EMAIL" \ + --root-url="https://ghcr.io/v2/homebrew/core" \ + ${{inputs.warn_on_upload_failure && '--warn-on-upload-failure' || ''}} \ + "$PR" - name: Push commits uses: Homebrew/actions/git-try-push@master