From a2a9ef0249a666bd0f2ef51c400ddbfa5916ea98 Mon Sep 17 00:00:00 2001 From: bybrooklyn Date: Mon, 2 Mar 2026 16:40:29 -0500 Subject: [PATCH] rc: harden release automation and public install docs --- .github/workflows/aur-publish.yml | 69 +++++++++++++++++++------------ .github/workflows/ci.yml | 48 +++++++++++++++++++++ .github/workflows/release.yml | 10 +++++ README.md | 19 +++++++++ sdk/README.md | 12 +++++- 5 files changed, 130 insertions(+), 28 deletions(-) diff --git a/.github/workflows/aur-publish.yml b/.github/workflows/aur-publish.yml index 964a511..c621009 100644 --- a/.github/workflows/aur-publish.yml +++ b/.github/workflows/aur-publish.yml @@ -95,36 +95,51 @@ jobs: chmod 600 ~/.ssh/aur ssh-keyscan -H aur.archlinux.org >> ~/.ssh/known_hosts - - name: Publish openbitdo + - name: Publish openbitdo and openbitdo-bin env: GIT_SSH_COMMAND: ssh -i ~/.ssh/aur AUR_USER: ${{ secrets.AUR_USERNAME }} run: | set -euo pipefail - TMP="$(mktemp -d)" - git clone "ssh://${AUR_USER}@aur.archlinux.org/openbitdo.git" "$TMP/openbitdo" - cp /tmp/release-metadata/aur/openbitdo/PKGBUILD "$TMP/openbitdo/PKGBUILD" - cp /tmp/release-metadata/aur/openbitdo/.SRCINFO "$TMP/openbitdo/.SRCINFO" - cd "$TMP/openbitdo" - git config user.name "openbitdo-ci" - git config user.email "actions@users.noreply.github.com" - git add PKGBUILD .SRCINFO - git commit -m "Update openbitdo package for ${TAG}" || exit 0 - git push + publish_pkg() { + local pkg="$1" + local remote="ssh://${AUR_USER}@aur.archlinux.org/${pkg}.git" + local tmp_root + local workdir - - name: Publish openbitdo-bin - env: - GIT_SSH_COMMAND: ssh -i ~/.ssh/aur - AUR_USER: ${{ secrets.AUR_USERNAME }} - run: | - set -euo pipefail - TMP="$(mktemp -d)" - git clone "ssh://${AUR_USER}@aur.archlinux.org/openbitdo-bin.git" "$TMP/openbitdo-bin" - cp /tmp/release-metadata/aur/openbitdo-bin/PKGBUILD "$TMP/openbitdo-bin/PKGBUILD" - cp /tmp/release-metadata/aur/openbitdo-bin/.SRCINFO "$TMP/openbitdo-bin/.SRCINFO" - cd "$TMP/openbitdo-bin" - git config user.name "openbitdo-ci" - git config user.email "actions@users.noreply.github.com" - git add PKGBUILD .SRCINFO - git commit -m "Update openbitdo-bin package for ${TAG}" || exit 0 - git push + tmp_root="$(mktemp -d)" + workdir="${tmp_root}/${pkg}" + + if git clone "$remote" "$workdir"; then + echo "${pkg}: updated-existing" + else + echo "${pkg}: bootstrap-created" + mkdir -p "$workdir" + cd "$workdir" + git init + git remote add origin "$remote" + fi + + cp "/tmp/release-metadata/aur/${pkg}/PKGBUILD" "${workdir}/PKGBUILD" + cp "/tmp/release-metadata/aur/${pkg}/.SRCINFO" "${workdir}/.SRCINFO" + + cd "$workdir" + git config user.name "openbitdo-ci" + git config user.email "actions@users.noreply.github.com" + git add PKGBUILD .SRCINFO + + if git diff --cached --quiet; then + echo "${pkg}: no metadata changes" + return 0 + fi + + git commit -m "Update ${pkg} package for ${TAG}" + if git ls-remote --exit-code --heads origin >/dev/null 2>&1; then + git push + else + git push -u origin HEAD:master + fi + } + + publish_pkg openbitdo + publish_pkg openbitdo-bin diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2a26b90..3cc3a84 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -97,6 +97,52 @@ jobs: name: ci-macos-arm64-package path: sdk/dist/openbitdo-v0.0.0-ci-macos-arm64* + build-linux-x86_64: + runs-on: ubuntu-latest + needs: guard + defaults: + run: + working-directory: sdk + steps: + - uses: actions/checkout@v4 + - name: Install system deps + run: | + sudo apt-get update + sudo apt-get install -y libudev-dev pkg-config + - name: Install Rust + uses: dtolnay/rust-toolchain@stable + - name: Build/package linux x86_64 artifacts + run: ./scripts/package-linux.sh v0.0.0-ci x86_64 + - name: Upload linux x86_64 artifact sample + if: always() + uses: actions/upload-artifact@v4 + with: + name: ci-linux-x86_64-package + path: sdk/dist/openbitdo-v0.0.0-ci-linux-x86_64* + + build-linux-aarch64: + runs-on: ubuntu-24.04-arm + needs: guard + defaults: + run: + working-directory: sdk + steps: + - uses: actions/checkout@v4 + - name: Install system deps + run: | + sudo apt-get update + sudo apt-get install -y libudev-dev pkg-config + - name: Install Rust + uses: dtolnay/rust-toolchain@stable + - name: Build/package linux aarch64 artifacts + run: ./scripts/package-linux.sh v0.0.0-ci aarch64 + - name: Upload linux aarch64 artifact sample + if: always() + uses: actions/upload-artifact@v4 + with: + name: ci-linux-aarch64-package + path: sdk/dist/openbitdo-v0.0.0-ci-linux-aarch64* + hardware-paths: runs-on: ubuntu-latest outputs: @@ -125,6 +171,8 @@ jobs: - tui-smoke-test - aur-validate - build-macos-arm64 + - build-linux-x86_64 + - build-linux-aarch64 defaults: run: working-directory: sdk diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 94dda9c..4e63d25 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -57,6 +57,16 @@ jobs: [[ -n "${AUR_SSH_PRIVATE_KEY:-}" ]] || { echo "missing required secret: AUR_SSH_PRIVATE_KEY" >&2; exit 1; } [[ -n "${HOMEBREW_TAP_TOKEN:-}" ]] || { echo "missing required secret: HOMEBREW_TAP_TOKEN" >&2; exit 1; } + - name: Preflight Homebrew tap repository access + working-directory: ${{ github.workspace }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + HOMEBREW_TAP_REPO: ${{ vars.HOMEBREW_TAP_REPO }} + run: | + set -euo pipefail + [[ -n "${HOMEBREW_TAP_REPO:-}" ]] || { echo "missing required variable: HOMEBREW_TAP_REPO" >&2; exit 1; } + gh repo view "${HOMEBREW_TAP_REPO}" >/dev/null + - name: Require successful CI and hardware checks on tagged commit working-directory: ${{ github.workspace }} env: diff --git a/README.md b/README.md index a2b6673..901525c 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,25 @@ cargo run -p openbitdo -- --mock Beginner flow is always `openbitdo` only. No extra command surface is required. +## Install (Public RC) + +Homebrew tap install path for RC: + +```bash +brew tap bybrooklyn/openbitdo +brew install openbitdo +``` + +Homebrew Core inclusion (`brew install openbitdo` without tapping) is not an RC blocker and may land later. + +AUR package names: +- `openbitdo` (source build) +- `openbitdo-bin` (prebuilt binary) + +macOS RC caveat: +- `.pkg` installers are unsigned/ad-hoc for `v0.0.1-rc.1`. +- notarization is required starting with `v0.1.0`. + ## UI Language Support | Language | Status | Notes | diff --git a/sdk/README.md b/sdk/README.md index 26a262e..9992556 100644 --- a/sdk/README.md +++ b/sdk/README.md @@ -99,12 +99,19 @@ Packaging outputs use: - Clean-tree requirement from `/Users/brooklyn/data/8bitdo/cleanroom/RC_CHECKLIST.md` must be satisfied before tagging. ## Distribution Prep +- Homebrew install path for public RC: + - `brew tap bybrooklyn/openbitdo` + - `brew install openbitdo` +- Homebrew Core inclusion is not required for `v0.0.1-rc.1`. - Homebrew formula scaffold: `/Users/brooklyn/data/8bitdo/cleanroom/packaging/homebrew/Formula/openbitdo.rb` - Homebrew tap sync script (disabled by default): `/Users/brooklyn/data/8bitdo/cleanroom/packaging/homebrew/sync_tap.sh` -- Planned tap repository: `bybrooklyn/homebrew-openbitdo` +- Tap repository: `bybrooklyn/homebrew-openbitdo` - AUR package sources: - `/Users/brooklyn/data/8bitdo/cleanroom/packaging/aur/openbitdo` - `/Users/brooklyn/data/8bitdo/cleanroom/packaging/aur/openbitdo-bin` +- AUR package names: + - `openbitdo` + - `openbitdo-bin` - Release metadata renderer: - `/Users/brooklyn/data/8bitdo/cleanroom/packaging/scripts/render_release_metadata.sh` - AUR publish workflow: @@ -113,6 +120,9 @@ Packaging outputs use: - Homebrew publish path: - `release.yml` renders checksum-pinned formula and runs `sync_tap.sh` - gated by `HOMEBREW_PUBLISH_ENABLED=1` +- macOS `.pkg` caveat: + - unsigned/ad-hoc is accepted for RC + - notarization required for `v0.1.0` ## Hardware CI gates - required: