From 2f80d1ab7f22e37fd6622fda102930856d5dc974 Mon Sep 17 00:00:00 2001 From: Razvan Dimescu Date: Mon, 6 Apr 2026 22:54:07 +0300 Subject: [PATCH] ci: auto-update Homebrew tap on release After creating a GitHub release, the new update-homebrew job: - Extracts SHA256 checksums from build artifacts - Generates an updated numa.rb formula with correct version and hashes - Pushes it to razvandimescu/homebrew-tap via the GitHub API Requires HOMEBREW_TAP_TOKEN secret (PAT with repo scope on homebrew-tap). Co-Authored-By: Claude Opus 4.6 (1M context) --- .github/workflows/release.yml | 90 +++++++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 057a8d0..0afa63f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -108,3 +108,93 @@ jobs: *.tar.gz *.zip *.sha256 + + update-homebrew: + needs: release + runs-on: ubuntu-latest + steps: + - name: Get version from tag + id: version + run: echo "version=${GITHUB_REF_NAME#v}" >> "$GITHUB_OUTPUT" + + - name: Download SHA256 files + uses: actions/download-artifact@v4 + with: + merge-multiple: true + + - name: Extract checksums + id: sha + run: | + echo "macos_arm=$(awk '{print $1}' numa-macos-aarch64.tar.gz.sha256)" >> "$GITHUB_OUTPUT" + echo "macos_x86=$(awk '{print $1}' numa-macos-x86_64.tar.gz.sha256)" >> "$GITHUB_OUTPUT" + echo "linux_arm=$(awk '{print $1}' numa-linux-aarch64.tar.gz.sha256)" >> "$GITHUB_OUTPUT" + echo "linux_x86=$(awk '{print $1}' numa-linux-x86_64.tar.gz.sha256)" >> "$GITHUB_OUTPUT" + + - name: Update Homebrew formula + uses: actions/github-script@v7 + with: + github-token: ${{ secrets.HOMEBREW_TAP_TOKEN }} + script: | + const version = '${{ steps.version.outputs.version }}'; + const base = `https://github.com/razvandimescu/numa/releases/download/v${version}`; + const formula = `class Numa < Formula + desc "Portable DNS resolver with ad blocking, .numa local service proxy, and developer overrides" + homepage "https://github.com/razvandimescu/numa" + license "MIT" + version "${version}" + + on_macos do + if Hardware::CPU.arm? + url "${base}/numa-macos-aarch64.tar.gz" + sha256 "${{ steps.sha.outputs.macos_arm }}" + else + url "${base}/numa-macos-x86_64.tar.gz" + sha256 "${{ steps.sha.outputs.macos_x86 }}" + end + end + + on_linux do + if Hardware::CPU.arm? + url "${base}/numa-linux-aarch64.tar.gz" + sha256 "${{ steps.sha.outputs.linux_arm }}" + else + url "${base}/numa-linux-x86_64.tar.gz" + sha256 "${{ steps.sha.outputs.linux_x86 }}" + end + end + + def install + bin.install "numa" + end + + def caveats + <<~EOS + Numa requires root to bind port 53: + sudo numa # start the DNS server + sudo numa install # set as system DNS + sudo numa service start # run as persistent service + + Dashboard: http://localhost:5380 + EOS + end + + test do + assert_match "numa", shell_output("#{bin}/numa --version") + end + end + `.replace(/^ /gm, ''); + + const { data: existing } = await github.rest.repos.getContent({ + owner: 'razvandimescu', + repo: 'homebrew-tap', + path: 'numa.rb', + }); + + await github.rest.repos.createOrUpdateFileContents({ + owner: 'razvandimescu', + repo: 'homebrew-tap', + path: 'numa.rb', + message: `numa ${version}`, + content: Buffer.from(formula).toString('base64'), + sha: existing.sha, + });