From 6a26de04084498ba73838b3c66d8f921e4695d56 Mon Sep 17 00:00:00 2001 From: Justin Date: Mon, 20 May 2024 14:22:32 -0400 Subject: [PATCH] ci(refactor): split build-and-test-pkg for better reuse (#953) Issue #, if available: *Description of changes:* While I was fixing the macOS pkg build error on macOS 11 (due to `yq` from brew not building properly), I noticed that most of the file was repeated (due to different archs being built/tested as different jobs) which caused it to be pretty unnecessarily unwieldy. This was the case for both the build and the test workflow jobs. I initially thought I could combine them using matrices, but then we lose the ability to run the test jobs as soon as each respective build completes (with a matrix, it would have to wait until _both_ builds complete, which isn't even guaranteed). There were other complications that made matrices hard, like the fact that we only want to build once per arch, but we want to test on several other arch/version combinations. Instead, I was able to split the workflows into reusable/composite workflows, so that only the inputs vary, and the script is mostly the same. *Testing done:* - [x] I've reviewed the guidance in CONTRIBUTING.md #### License Acceptance By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. --------- Signed-off-by: Justin Alvarez --- .github/workflows/build-and-test-pkg.yaml | 333 +++------------------- .github/workflows/build-pkg.yaml | 78 +++++ .github/workflows/pkg-output-arch.yaml | 23 ++ .github/workflows/test-pkg.yaml | 157 ++++++++++ 4 files changed, 293 insertions(+), 298 deletions(-) create mode 100644 .github/workflows/build-pkg.yaml create mode 100644 .github/workflows/pkg-output-arch.yaml create mode 100644 .github/workflows/test-pkg.yaml diff --git a/.github/workflows/build-and-test-pkg.yaml b/.github/workflows/build-and-test-pkg.yaml index 79e6e3852..c9b76a41e 100644 --- a/.github/workflows/build-and-test-pkg.yaml +++ b/.github/workflows/build-and-test-pkg.yaml @@ -13,12 +13,6 @@ on: env: GO111MODULE: on -permissions: - # This is required for configure-aws-credentials to request an OIDC JWT ID token to access AWS resources later on. - # More info: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings - id-token: write - contents: read # This is required for actions/checkout - jobs: get-tag-name: name: Get tag name @@ -35,316 +29,59 @@ jobs: tag=${{ github.ref_name }} fi echo "tag=$tag" >> ${GITHUB_OUTPUT} - + macos-aarch64-pkg-build: needs: get-tag-name - runs-on: [self-hosted, macos, arm64, 14, release] - timeout-minutes: 60 - steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - with: - ref: ${{ needs.get-tag-name.outputs.tag }} - fetch-depth: 0 - persist-credentials: false - submodules: true - - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 - with: - go-version-file: go.mod - cache: true - - name: Make macos aarch64 build - run: | - brew install lz4 automake autoconf libtool yq - git status - git clean -f -d - make clean - make download-licenses - make FINCH_OS_IMAGE_LOCATION_ROOT=/Applications/Finch - shell: zsh {0} - - - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - role-to-assume: ${{ secrets.ROLE }} - role-session-name: dependency-upload-session - aws-region: ${{ secrets.REGION }} - - - name: generate pkg - run: | - ./installer-builder/tools/release-installer.sh aarch64 ${{ needs.get-tag-name.outputs.tag }} ${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }} ${{ secrets.EXECUTABLE_BUCKET }} ${{ secrets.PKG_BUCKET }} ${{ secrets.NOTARIZATION_ACCOUNT }} ${{ secrets.NOTARIZATION_CREDENTIAL }} - shell: zsh {0} + uses: ./.github/workflows/build-pkg.yaml + secrets: inherit + with: + os: macos + arch: arm64 + output_arch: aarch64 + version: 14 + tag: ${{ needs.get-tag-name.outputs.tag }} macos-x86-64-pkg-build: needs: get-tag-name - runs-on: [self-hosted, macos, amd64, 14, release] - timeout-minutes: 60 - steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - with: - ref: ${{ needs.get-tag-name.outputs.tag }} - fetch-depth: 0 - persist-credentials: false - submodules: true - - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 - with: - go-version-file: go.mod - cache: true - - - name: Make macos x86_64 build - run: | - brew install lz4 automake autoconf libtool yq - git status - git clean -f -d - make clean - make download-licenses - make FINCH_OS_IMAGE_LOCATION_ROOT=/Applications/Finch - shell: zsh {0} - - - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - role-to-assume: ${{ secrets.ROLE }} - role-session-name: dependency-upload-session - aws-region: ${{ secrets.REGION }} - - - name: generate pkg - run: | - ./installer-builder/tools/release-installer.sh x86_64 ${{ needs.get-tag-name.outputs.tag }} ${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }} ${{ secrets.EXECUTABLE_BUCKET }} ${{ secrets.PKG_BUCKET }} ${{ secrets.NOTARIZATION_ACCOUNT }} ${{ secrets.NOTARIZATION_CREDENTIAL }} - shell: zsh {0} + uses: ./.github/workflows/build-pkg.yaml + secrets: inherit + with: + os: macos + arch: amd64 + output_arch: x86_64 + version: 14 + tag: ${{ needs.get-tag-name.outputs.tag }} macos-aarch64-pkg-test: strategy: fail-fast: false matrix: - os: [ - [self-hosted, macos, arm64, 11, release], - [self-hosted, macos, arm64, 14, release], - [self-hosted, macos, arm64, 13, release] - ] - runs-on: ${{ matrix.os }} + version: [11, 13, 14] needs: - get-tag-name - macos-aarch64-pkg-build - timeout-minutes: 180 - env: - ACCESS_TOKEN: ${{ secrets.FINCH_BOT_TOKEN }} - steps: - - name: Checkout the tag - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - with: - ref: ${{ needs.get-tag-name.outputs.tag }} - fetch-depth: 0 - persist-credentials: false - submodules: true - - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 - with: - go-version-file: go.mod - cache: true - - name: Clean up previous files - run: | - sudo rm -rf /opt/finch - sudo rm -rf ~/.finch - sudo rm -rf ./_output - if pgrep '^qemu-system'; then - sudo pkill '^qemu-system' - fi - if pgrep '^socket_vmnet'; then - sudo pkill '^socket_vmnet' - fi - - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - role-to-assume: ${{ secrets.ROLE }} - role-session-name: download-installer-session - aws-region: ${{ secrets.REGION }} - - name: Download from S3 - run: | - aws s3 cp s3://${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }}/Finch-${{ needs.get-tag-name.outputs.tag }}-aarch64.pkg Finch-${{ needs.get-tag-name.outputs.tag }}-aarch64.pkg - shell: zsh {0} - - name: Silently install - run: sudo installer -pkg Finch-${{ needs.get-tag-name.outputs.tag }}-aarch64.pkg -target / - - name: Install Rosetta 2 - run: echo "A" | softwareupdate --install-rosetta || true - - name: Build project - run: | - brew install lz4 automake autoconf libtool yq - export PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH" - make - shell: zsh {0} - - name: Multiple instances of Finch test - run: | - # start two Finch VM instances - ./_output/bin/finch vm init - finch vm init - # start a container in each VM instance - ./_output/bin/finch pull alpine - finch pull alpine - ./_output/bin/finch run --name test-ctr1 alpine - finch run --name test-ctr2 alpine - # check whether containers exist - if ! ./_output/bin/finch ps -a | grep 'test-ctr1'; then - echo "ERROR: The container test-ctr1 doesn't exist in the built finch VM" - exit 1 - fi - if ./_output/bin/finch ps -a | grep 'test-ctr2'; then - echo "ERROR: The container test-ctr2 shoudn't exist in the built finch VM" - exit 1 - fi - if ! finch ps -a | grep 'test-ctr2'; then - echo "ERROR: The container test-ctr2 doesn't exist in the installed finch VM" - exit 1 - fi - if finch ps -a | grep 'test-ctr1'; then - echo "ERROR: The container test-ctr1 shoudn't exist in the installed finch VM" - exit 1 - fi - # clean up the VMs - ./_output/bin/finch vm stop && ./_output/bin/finch vm remove - finch vm stop && finch vm remove - - name: Clean up multiple instance test - run: | - sudo rm -rf ./_output - echo 'y' | sudo bash /Applications/Finch/uninstall.sh - # Need to reinstall because there were errors on arm64 11.7 and arm64 12.6 hosts after running multiple instances tests, - # that caused the VM initialization failure in the e2e test. - # Example workflow run https://github.com/runfinch/finch/actions/runs/4367457552/jobs/7638794529 - sudo installer -pkg Finch-${{ needs.get-tag-name.outputs.tag }}-aarch64.pkg -target / - - name: Run VM e2e tests - uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 - with: - timeout_minutes: 180 - max_attempts: 3 - command: | - git status - git clean -f -d - INSTALLED=true make test-e2e-vm - - name: Run container e2e tests - uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 - with: - timeout_minutes: 180 - max_attempts: 3 - command: | - git status - git clean -f -d - INSTALLED=true make test-e2e-container - - name: Silently uninstall - run: echo 'y' | sudo bash /Applications/Finch/uninstall.sh - - name: Delete installer - run: rm -rf Finch-${{ needs.get-tag-name.outputs.tag }}-aarch64.pkg + uses: ./.github/workflows/test-pkg.yaml + secrets: inherit + with: + os: macos + arch: arm64 + output_arch: aarch64 + version: ${{ matrix.version }} + tag: ${{ needs.get-tag-name.outputs.tag }} macos-x86-64-pkg-test: strategy: fail-fast: false matrix: - os: [ - [self-hosted, macos, amd64, 11, release], - [self-hosted, macos, amd64, 14, release], - [self-hosted, macos, amd64, 13, release] - ] - runs-on: ${{ matrix.os }} + version: [11, 13, 14] needs: - get-tag-name - macos-x86-64-pkg-build - timeout-minutes: 180 - env: - ACCESS_TOKEN: ${{ secrets.FINCH_BOT_TOKEN }} - steps: - - name: Checkout the tag - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - with: - ref: ${{ needs.get-tag-name.outputs.tag }} - fetch-depth: 0 - persist-credentials: false - submodules: true - - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 - with: - go-version-file: go.mod - cache: true - - name: Clean up previous files - run: | - sudo rm -rf /opt/finch - sudo rm -rf ~/.finch - sudo rm -rf ./_output - if pgrep '^qemu-system'; then - sudo pkill '^qemu-system' - fi - if pgrep '^socket_vmnet'; then - sudo pkill '^socket_vmnet' - fi - - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - role-to-assume: ${{ secrets.ROLE }} - role-session-name: download-installer-session - aws-region: ${{ secrets.REGION }} - - name: Download from S3 - run: | - aws s3 cp s3://${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }}/Finch-${{ needs.get-tag-name.outputs.tag }}-x86_64.pkg Finch-${{ needs.get-tag-name.outputs.tag }}-x86_64.pkg - shell: zsh {0} - - name: Silently install - run: | - sudo installer -pkg Finch-${{ needs.get-tag-name.outputs.tag }}-x86_64.pkg -target / - - name: Install Rosetta 2 - run: echo "A" | softwareupdate --install-rosetta || true - - name: Build project - run: | - brew install lz4 automake autoconf libtool yq - export PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH" - make - shell: zsh {0} - - name: Multiple instances of Finch test - run: | - # start two Finch VM instances - ./_output/bin/finch vm init - finch vm init - # start a container in each VM instance - ./_output/bin/finch pull alpine - finch pull alpine - ./_output/bin/finch run --name test-ctr1 alpine - finch run --name test-ctr2 alpine - # check whether containers exist - if ! ./_output/bin/finch ps -a | grep 'test-ctr1'; then - echo "ERROR: The container test-ctr1 doesn't exist in the built finch VM" - exit 1 - fi - if ./_output/bin/finch ps -a | grep 'test-ctr2'; then - echo "ERROR: The container test-ctr2 shoudn't exist in the built finch VM" - exit 1 - fi - if ! finch ps -a | grep 'test-ctr2'; then - echo "ERROR: The container test-ctr2 doesn't exist in the installed finch VM" - exit 1 - fi - if finch ps -a | grep 'test-ctr1'; then - echo "ERROR: The container test-ctr1 shoudn't exist in the installed finch VM" - exit 1 - fi - # clean up the VMs - ./_output/bin/finch vm stop && ./_output/bin/finch vm remove - finch vm stop && finch vm remove - - name: Clean up multiple instance test - run: | - sudo rm -rf ./_output - echo 'y' | sudo bash /Applications/Finch/uninstall.sh - sudo installer -pkg Finch-${{ needs.get-tag-name.outputs.tag }}-x86_64.pkg -target / - - name: Run VM e2e tests - uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 - with: - timeout_minutes: 180 - max_attempts: 3 - command: | - git status - git clean -f -d - INSTALLED=true make test-e2e-vm - - name: Run container e2e tests - uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 - with: - timeout_minutes: 180 - max_attempts: 3 - command: | - git status - git clean -f -d - INSTALLED=true make test-e2e-container - - name: Silently uninstall - run: echo 'y' | sudo bash /Applications/Finch/uninstall.sh - - name: Delete installer - run: rm -rf Finch-${{ needs.get-tag-name.outputs.tag }}-x86_64.pkg + uses: ./.github/workflows/test-pkg.yaml + secrets: inherit + with: + os: macos + arch: amd64 + output_arch: x86_64 + version: ${{ matrix.version }} + tag: ${{ needs.get-tag-name.outputs.tag }} diff --git a/.github/workflows/build-pkg.yaml b/.github/workflows/build-pkg.yaml new file mode 100644 index 000000000..a714fb8cb --- /dev/null +++ b/.github/workflows/build-pkg.yaml @@ -0,0 +1,78 @@ +name: build-pkg +on: + workflow_call: + inputs: + os: + type: string + required: true + arch: + type: string + required: true + output_arch: + type: string + required: true + version: + type: string + required: true + tag: + type: string + required: true + +permissions: + # This is required for configure-aws-credentials to request an OIDC JWT ID token to access AWS resources later on. + # More info: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings + id-token: write + # This is required for actions/checkout + contents: read + +jobs: + build: + runs-on: + [ + self-hosted, + release, + '${{ inputs.os }}', + '${{ inputs.arch }}', + '${{ inputs.version }}', + ] + timeout-minutes: 60 + steps: + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + with: + ref: ${{ inputs.tag }} + fetch-depth: 0 + persist-credentials: false + submodules: true + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 + with: + go-version-file: go.mod + cache: true + - name: Build for macOS ${{ inputs.version }} (${{ inputs.output_arch }}) + run: | + brew install lz4 automake autoconf libtool yq + git status + git clean -f -d + make clean + make download-licenses + make FINCH_OS_IMAGE_LOCATION_ROOT=/Applications/Finch + shell: zsh {0} + + - name: configure aws credentials + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 + with: + role-to-assume: ${{ secrets.ROLE }} + role-session-name: dependency-upload-session + aws-region: ${{ secrets.REGION }} + + - id: final + name: generate pkg + run: | + ./installer-builder/tools/release-installer.sh \ + ${{ inputs.output_arch }} \ + ${{ inputs.tag }} \ + ${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }} \ + ${{ secrets.EXECUTABLE_BUCKET }} \ + ${{ secrets.PKG_BUCKET }} \ + ${{ secrets.NOTARIZATION_ACCOUNT }} \ + ${{ secrets.NOTARIZATION_CREDENTIAL }} + shell: zsh {0} diff --git a/.github/workflows/pkg-output-arch.yaml b/.github/workflows/pkg-output-arch.yaml new file mode 100644 index 000000000..b65226acf --- /dev/null +++ b/.github/workflows/pkg-output-arch.yaml @@ -0,0 +1,23 @@ +name: get-output-arch +on: + workflow_call: + inputs: + arch: + type: string + required: true + +jobs: + get-output-arch: + outputs: + arch: ${{ steps.output-arch.arch }} + runs-on: ubuntu-latest + steps: + - name: 'get output arch' + id: output-arch + run: | + shopt -s nocasematch + if [[ ${{ inputs.arch }} == "amd64" ]]; then + echo "arch=x86_64" >> "$GITHUB_OUTPUT" + elif [[ ${{ inputs.arch }} == "arm64" ]]; then + echo "arch=aarch64" >> "$GITHUB_OUTPUT" + fi diff --git a/.github/workflows/test-pkg.yaml b/.github/workflows/test-pkg.yaml new file mode 100644 index 000000000..55d2305b4 --- /dev/null +++ b/.github/workflows/test-pkg.yaml @@ -0,0 +1,157 @@ +name: test-pkg +on: + workflow_call: + inputs: + os: + type: string + required: true + arch: + type: string + required: true + output_arch: + type: string + required: true + version: + type: string + required: true + tag: + type: string + required: true + +permissions: + # This is required for configure-aws-credentials to request an OIDC JWT ID token to access AWS resources later on. + # More info: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings + id-token: write + # This is required for actions/checkout + contents: read + +jobs: + test: + runs-on: + [ + self-hosted, + release, + '${{ inputs.os }}', + '${{ inputs.arch }}', + '${{ inputs.version }}', + ] + timeout-minutes: 180 + env: + ACCESS_TOKEN: ${{ secrets.FINCH_BOT_TOKEN }} + steps: + - name: Checkout the tag + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + with: + ref: ${{ inputs.tag }} + fetch-depth: 0 + persist-credentials: false + submodules: true + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 + with: + go-version-file: go.mod + cache: true + - name: Clean up previous files + run: | + sudo rm -rf /opt/finch + sudo rm -rf ~/.finch + sudo rm -rf ./_output + if pgrep '^qemu-system'; then + sudo pkill '^qemu-system' + fi + if pgrep '^socket_vmnet'; then + sudo pkill '^socket_vmnet' + fi + - name: configure aws credentials + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 + with: + role-to-assume: ${{ secrets.ROLE }} + role-session-name: download-installer-session + aws-region: ${{ secrets.REGION }} + - name: Download from S3 + run: | + aws s3 cp \ + s3://${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }}/Finch-${{ inputs.tag }}-${{ inputs.output_arch }}.pkg \ + Finch-${{ inputs.tag }}-${{ inputs.output_arch }}.pkg + shell: zsh {0} + - name: Silently install + run: sudo installer -pkg Finch-${{ inputs.tag }}-${{ inputs.output_arch }}.pkg -target / + - name: Install Rosetta 2 + run: echo "A" | softwareupdate --install-rosetta || true + - name: Install build dependencies + run: | + pkgs=("lz4" "automake" "autoconf" "libtool") + if [[ ${{ inputs.version }} != "11" ]]; then + pkgs+="yq" + else + # install yq manually + curl -OL https://github.com/mikefarah/yq/releases/download/v4.44.1/yq_darwin_${{ inputs.arch }} + chmod +x yq_darwin_${{ inputs.arch }} + sudo mv yq_darwin_${{ inputs.arch }} /usr/local/bin/yq + fi + brew install $(printf " %s" "${pkgs[@]}") + shell: zsh {0} + - name: Build project + run: | + export PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH" + make + shell: zsh {0} + - name: Multiple instances of Finch test + run: | + # start two Finch VM instances + ./_output/bin/finch vm init + finch vm init + # start a container in each VM instance + ./_output/bin/finch pull alpine + finch pull alpine + ./_output/bin/finch run --name test-ctr1 alpine + finch run --name test-ctr2 alpine + # check whether containers exist + if ! ./_output/bin/finch ps -a | grep 'test-ctr1'; then + echo "ERROR: The container test-ctr1 doesn't exist in the built finch VM" + exit 1 + fi + if ./_output/bin/finch ps -a | grep 'test-ctr2'; then + echo "ERROR: The container test-ctr2 shoudn't exist in the built finch VM" + exit 1 + fi + if ! finch ps -a | grep 'test-ctr2'; then + echo "ERROR: The container test-ctr2 doesn't exist in the installed finch VM" + exit 1 + fi + if finch ps -a | grep 'test-ctr1'; then + echo "ERROR: The container test-ctr1 shoudn't exist in the installed finch VM" + exit 1 + fi + # clean up the VMs + ./_output/bin/finch vm stop && ./_output/bin/finch vm remove + finch vm stop && finch vm remove + - name: Clean up multiple instance test + run: | + sudo rm -rf ./_output + echo 'y' | sudo bash /Applications/Finch/uninstall.sh + # Need to reinstall because there were errors on arm64 11.7 and arm64 12.6 hosts after running multiple instances tests, + # that caused the VM initialization failure in the e2e test. + # Example workflow run https://github.com/runfinch/finch/actions/runs/4367457552/jobs/7638794529 + sudo installer -pkg Finch-${{ inputs.tag }}-${{ inputs.output_arch }}.pkg -target / + - name: Run VM e2e tests + uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 + with: + timeout_minutes: 180 + max_attempts: 3 + command: | + git status + git clean -f -d + INSTALLED=true make test-e2e-vm + - name: Run container e2e tests + uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 + with: + timeout_minutes: 180 + max_attempts: 3 + command: | + git status + git clean -f -d + INSTALLED=true make test-e2e-container + - name: Silently uninstall + run: echo 'y' | sudo bash /Applications/Finch/uninstall.sh + - name: Delete installer + run: rm -rf Finch-${{ inputs.tag }}-${{ inputs.output_arch }}.pkg