Skip to content

Comments

Add brew install#279

Open
josh-padnick wants to merge 5 commits intomainfrom
add-brew-install
Open

Add brew install#279
josh-padnick wants to merge 5 commits intomainfrom
add-brew-install

Conversation

@josh-padnick
Copy link
Contributor

@josh-padnick josh-padnick commented Feb 21, 2026

Description

This PR automates the creation of a new brew formula in https://github.com/gruntwork-io/homebrew-tap every time there's a new release.

Fixes #267.

How it works

When a GitHub Release is published, the new GitHub Actions workflow will:

  1. Download all 4 platform/arch binaries and compute SHA256 checksums
  2. Clone homebrew-tap, read metadata from the existing formula
  3. Generate updated <tool>.rb (latest) and <tool>@<semver>.rb (versioned)
  4. Open a PR, approve it via the GitHub App, and enable auto-merge

Authentication

To gain permissions to create a pull request on https://github.com/gruntwork-io/homebrew-tap, I recently created the Gruntwork Homebrew Tap Updater GitHub App (complete with fancy new logo). The GitHub Actions workflow uses actions/create-github-app-token to mint short-lived tokens scoped to homebrew-tap. This requires two repo secrets:

  • HOMEBREW_TAP_APP_ID
  • HOMEBREW_TAP_APP_PRIVATE_KEY

These secrets are already defined and stored in 1Password under the entry "Gruntwork Homebrew Tap Updater" (hopefully I got the right 1Password group; let me know if it should be moved).

Security

Note that Gruntwork Homebrew Tap Updater currently has read/write access to the https://github.com/gruntwork-io/homebrew-tap to read/write git commits and pull requests. The https://github.com/gruntwork-io/homebrew-tap repo has branch protection that requires one review before a PR is merged, however the Gruntwork Homebrew Tap Updater should be able to meet that requirement. As a result, the PR for a new brew formula will be created, approved, and merged all automatically without human intervention.

I'm not sure there's much point in humans manually reviewing each PR if it's just new versions and SHA commits.

TODOs

Read the Gruntwork contribution guidelines.

  • Update the docs.
  • Run the relevant tests successfully, including pre-commit checks.
  • Ensure any 3rd party code adheres with our license policy or delete this line if its not applicable.
  • Include release notes. If this PR is backward incompatible, include a migration guide.

Release Notes (draft)

  • Boilerplate is now available via homebrew! Install it with brew install gruntwork-io/tap/boilerplate.

@vercel
Copy link

vercel bot commented Feb 21, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
boilerplate Ready Ready Preview, Comment Feb 21, 2026 2:56am

Request Review

@josh-padnick josh-padnick marked this pull request as ready for review February 21, 2026 00:17
@josh-padnick
Copy link
Contributor Author

josh-padnick commented Feb 21, 2026

FYI, this won't run right now since we don't currently build release assets in GitHub Actions! I'm using AI to generate an equivalent GitHub Actions workflow to what we have now in CircleCI, and maybe that will work as a one-shot.

Suggestions welcome on how to proceed with this. I suppose we could just do the brew install in CircleCI, but I hate to add more there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gruntwork-codeowner gruntwork-codeowner Awaiting requested review from gruntwork-codeowner gruntwork-codeowner is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Brew

1 participant

@josh-padnick