refactor(workflows): switch to re-usable GitHub Actions workflows

This makes the workflow setup more flexible, and less copy/pasting between workflows. And also makes the process of adding nightly builds for non-master branches easier too.
2026-02-19 08:26:40 +00:00 · 2021-10-11 00:03:33 +01:00
parent 1f67047d8d
commit 2c06f2c0c8
5 changed files with 321 additions and 309 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,206 +1,67 @@
 ---
 name: Build
 on:
-  schedule:
-    - cron: "0 0 * * *"
  workflow_dispatch:
    inputs:
-      gitRef:
-        description: "Emacs git ref to build"
+      git_ref:
+        description: Emacs git ref to build
        required: true
        default: "master"
-      extraPlanArgs:
-        description: "Extra plan args"
+      git_sha:
+        description: Override Emacs git commit SHA to build
+        required: false
+      builder_ref:
+        description: "Git ref to checkout of build-emacs-for-macos"
+        required: true
+        default: "master"
+      os:
+        description: 'Runner OS ("macos-10.15" or "macos-11")'
+        required: true
+        default: "macos-10.15"
+      test_build_name:
+        description: "Test build name"
        required: false
        default: ""
-      extraCheckArgs:
-        description: "Extra check args"
-        required: false
-        default: ""
-      extraBuildArgs:
-        description: "Extra build args"
-        required: false
-        default: ""
-      extraPackageArgs:
-        description: "Extra package args"
-        required: false
-        default: ""
-      extraReleaseArgs:
-        description: "Extra release args"
+      test_release_type:
+        description: "prerelease or draft"
        required: false
        default: ""

 jobs:
-  plan:
-    runs-on: macos-10.15
-    outputs:
-      check: "${{ steps.check.outcome }}"
-    steps:
-      - name: Checkout build-emacs-for-macos repo
-        uses: actions/checkout@v2
-        with:
-          repository: jimeh/build-emacs-for-macos
-          ref: "v0.6.15"
-          path: builder
-      - uses: actions/setup-go@v2
-        with:
-          go-version: 1.16
-      - uses: actions/cache@v2
-        id: builder-cache
-        with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('builder/**/go.sum') }}
-          restore-keys: ${{ runner.os }}-go-
-      - name: Pre-build emacs-builder tool
-        run: make build
-        working-directory: builder
-      - name: Plan build
-        run: >-
-          builder/bin/emacs-builder -l debug plan
-          --output build-plan.yml
-          --output-dir '${{ github.workspace }}/builds'
-          ${{ github.event.inputs.extraPlanArgs }}
-          '${{ github.event.inputs.gitRef }}'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Show plan
-        run: cat build-plan.yml
-      - name: Check if planned release and asset already exist
-        id: check
-        continue-on-error: true
-        run: >-
-          builder/bin/emacs-builder -l debug release --plan build-plan.yml check
-          ${{ github.event.inputs.extraCheckArgs }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Upload pre-built emacs-builder artifact
-        uses: actions/upload-artifact@v2
-        with:
-          name: emacs-builder
-          path: builder/bin/emacs-builder
-          if-no-files-found: error
-      - name: Upload build-plan.yml artifact
-        uses: actions/upload-artifact@v2
-        with:
-          name: build-plan.yml
-          path: build-plan.yml
-          if-no-files-found: error
+  prepare:
+    name: Prepare
+    uses: jimeh/emacs-builds/.github/workflows/_prepare.yml@main
+    with:
+      builder_ref: ${{ github.event.inputs.builder_ref }}
+    secrets:
+      TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}

  build:
-    runs-on: macos-10.15
-    needs: [plan]
-    # Only run if check for existing release and asset failed.
-    if: ${{ needs.plan.outputs.check == 'failure' }}
-    steps:
-      - name: Checkout build-emacs-for-macos repo
-        uses: actions/checkout@v2
-        with:
-          repository: jimeh/build-emacs-for-macos
-          ref: "v0.6.15"
-          path: builder
-      - uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: 2.7
-      - name: Install dependencies
-        run: make bootstrap-ci
-        working-directory: builder
-      - name: Download pre-built emacs-builder artifact
-        uses: actions/download-artifact@v2
-        id: builder
-        with:
-          name: emacs-builder
-          path: bin
-      - name: Ensure emacs-builder is executable
-        run: chmod +x bin/emacs-builder
-      - name: Download build-plan.yml artifact
-        uses: actions/download-artifact@v2
-        id: plan
-        with:
-          name: build-plan.yml
-          path: ./
-      - name: Build Emacs
-        run: >-
-          ./builder/build-emacs-for-macos --plan build-plan.yml
-          --no-relink-eln-files --native-full-aot --no-archive
-          ${{ github.event.inputs.extraBuildArgs }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Install the Apple signing certificate
-        run: |
-          # create variables
-          CERTIFICATE_PATH="$RUNNER_TEMP/build_certificate.p12"
-          KEYCHAIN_PATH="$RUNNER_TEMP/app-signing.keychain-db"
-
-          # import certificate and provisioning profile from secrets
-          echo -n "$CERT_BASE64" | base64 --decode --output "$CERTIFICATE_PATH"
-
-          # create temporary keychain
-          security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
-          security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH"
-          security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
-
-          # import certificate to keychain
-          security import "$CERTIFICATE_PATH" -P "$CERT_PASSWORD" -A \
-            -t cert -f pkcs12 -k "$KEYCHAIN_PATH"
-          security list-keychain -d user -s "$KEYCHAIN_PATH"
-        env:
-          CERT_BASE64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
-          CERT_PASSWORD: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}
-          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
-      - name: Sign, package and notarize build
-        run: >-
-          bin/emacs-builder -l debug package -v --plan build-plan.yml
-          --sign --remove-source-dir
-          ${{ github.event.inputs.extraPackageArgs }}
-        env:
-          AC_USERNAME: ${{ secrets.AC_USERNAME }}
-          AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
-          AC_PROVIDER: ${{ secrets.AC_PROVIDER }}
-          AC_SIGN_IDENTITY: ${{ secrets.AC_SIGN_IDENTITY }}
-      - name: Upload disk image artifacts
-        uses: actions/upload-artifact@v2
-        with:
-          name: dmg
-          path: |
-            builds/*.dmg
-            builds/*.sha*
-          if-no-files-found: error
-      - name: Clean up keychain used for signing certificate
-        if: ${{ always() }}
-        run: |
-          security delete-keychain "$RUNNER_TEMP/app-signing.keychain-db"
+    name: Build
+    needs: [prepare]
+    uses: jimeh/emacs-builds/.github/workflows/_build.yml@main
+    with:
+      os: macos-10.15
+      git_ref: ${{ github.event.inputs.git_ref }}
+      git_sha: ${{ github.event.inputs.git_sha }}
+      test_build_name: ${{ github.event.inputs.test_build_name }}
+      test_release_type: ${{ github.event.inputs.test_release_type }}
+    secrets:
+      APPLE_DEVELOPER_CERTIFICATE_P12_BASE64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
+      APPLE_DEVELOPER_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}
+      KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
+      AC_USERNAME: ${{ secrets.AC_USERNAME }}
+      AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
+      AC_PROVIDER: ${{ secrets.AC_PROVIDER }}
+      AC_SIGN_IDENTITY: ${{ secrets.AC_SIGN_IDENTITY }}
+      TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}

  release:
-    runs-on: macos-10.15
+    name: Release
    needs: [build]
-    steps:
-      - name: Download pre-built emacs-builder artifact
-        uses: actions/download-artifact@v2
-        id: builder
-        with:
-          name: emacs-builder
-          path: bin
-      - name: Ensure emacs-builder is executable
-        run: chmod +x bin/emacs-builder
-      - name: Download build-plan.yml artifact
-        uses: actions/download-artifact@v2
-        id: plan
-        with:
-          name: build-plan.yml
-          path: ./
-      - name: Download disk image artifact
-        uses: actions/download-artifact@v2
-        with:
-          name: dmg
-          path: builds
-      - name: Publish disk image to a GitHub Release
-        run: >-
-          bin/emacs-builder -l debug release --plan build-plan.yml publish
-          ${{ github.event.inputs.extraReleaseArgs }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Trigger update casks workflow in homebrew tap
-        run: >-
-          gh workflow run --repo jimeh/homebrew-emacs-builds update-casks.yml
-        env:
-          GITHUB_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}
+    uses: jimeh/emacs-builds/.github/workflows/_release.yml@main
+    with:
+      plan_artifact: big-sur_build-plan.yml
+      dmg_artifact: dmg
+    secrets:
+      TAP_REPO_TOKEN: ${{ secrets.TAP_REPO_TOKEN }}