ci(publish): wire Scoop bucket + Homebrew tap jobs (D3 §3b/§3c)
Add sibling publish.yaml jobs (scoop-bucket, homebrew-tap) that render a manifest from the release .sha256 sidecars and idempotently push it to the org-level lazyeval/scoop-bucket and lazyeval/homebrew-tap repos, using the scoped lazyeval-ci bot token (LAZYEVAL_PKG_TOKEN). Render logic lives in dependency-free bash (the CI image has no jq/ruby): scripts/render-scoop-manifest.sh and scripts/render-homebrew-formula.sh. scripts/test-package-renders.sh exercises both: it validates the Scoop JSON with node and asserts fields on both manifests, and additionally runs `ruby -c` on the formula where ruby is present (dev box), skipping it gracefully otherwise. A new ci.yaml `manifests` job runs that test on every push so a render regression surfaces immediately, not at the next manual publish dispatch. The CI image has no ruby, so in CI the gate covers the Scoop JSON (node) and field assertions for both manifests; the formula's Ruby syntax is checked dev-side only (the static heredoc's variable parts cannot introduce syntax errors). - Scoop: x64 (gnu) + arm64 (gnullvm); #/-rename fragment so the bin shim is version-stable; checkver, no autoupdate (the pipeline is the updater). - Homebrew: on_macos/on_linux x arch bare-binary formula; no Windows. Docs: ADR-0056 Amendment 2 (+ README index, requirements D3). Unverified pending real use: scoop/brew install, the HEAD:main branch assumption, macOS Gatekeeper-via-brew on the ad-hoc-signed binary.
This commit is contained in:
claude@clouddev1
@@ -6,6 +6,11 @@
|
||||
# was enabled once the tree was reformatted on main (ADR-ci-002 Amendment 1 /
|
||||
# issue #35). The release job (static binary for D2) and the platform matrix
|
||||
# layer on later, step by step.
|
||||
#
|
||||
# A separate, lightweight `manifests` job logic-tests the package-manifest
|
||||
# render scripts (Scoop/Homebrew) used by publish.yaml — bash + node only, no
|
||||
# toolchain — so a render regression surfaces on the breaking push rather than
|
||||
# weeks later at the next manual publish dispatch (ADR-0056 Amendment 2).
|
||||
name: ci
|
||||
on:
|
||||
push:
|
||||
@@ -46,3 +51,21 @@ jobs:
|
||||
run: nix develop -c cargo clippy --all-targets -- -D warnings
|
||||
- name: test
|
||||
run: nix develop -c cargo test --no-fail-fast
|
||||
|
||||
# Logic test for the package-manifest render scripts. Renders with DUMMY
|
||||
# inputs and validates the output — it never publishes or touches the lazyeval
|
||||
# repos (that is publish.yaml's manual job). Runs on the same image but skips
|
||||
# nix: it needs only bash + node, both in the base image.
|
||||
#
|
||||
# NOTE: the CI image has no ruby, so the script's `ruby -c` formula syntax
|
||||
# check is skipped here (it degrades gracefully); the Scoop JSON is still
|
||||
# validated with node and both manifests' fields are asserted. Full formula
|
||||
# syntax is checked dev-side (ruby present) on every pre-commit local run.
|
||||
manifests:
|
||||
runs-on: ci-public
|
||||
container:
|
||||
image: git.lazyeval.net/oli/rdbms-playground-ci:latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: render-script tests (Scoop + Homebrew)
|
||||
run: bash scripts/test-package-renders.sh
|
||||
|
||||
Reference in New Issue
Block a user