chore(ci): fix live-smoke test vars #57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Packages | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| id-token: write | |
| concurrency: | |
| group: publish-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| verify: | |
| name: Lint, typecheck and test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10.31.0 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| registry-url: "https://registry.npmjs.org" | |
| cache: "pnpm" | |
| - name: Enable Corepack | |
| run: corepack enable | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Build packages | |
| run: pnpm build | |
| - name: Lint | |
| run: pnpm run lint:check | |
| - name: Typecheck | |
| run: pnpm run typecheck | |
| - name: Test | |
| run: pnpm test | |
| - name: Integration test | |
| run: pnpm run test:integration | |
| live-smoke: | |
| name: Live production smoke test | |
| runs-on: ubuntu-latest | |
| needs: verify | |
| env: | |
| RYZOME_ENABLE_LIVE_SMOKE: "1" | |
| RYZOME_LIVE_SMOKE_API_KEY: ${{ secrets.RYZOME_LIVE_SMOKE_API_KEY }} | |
| RYZOME_LIVE_SMOKE_API_URL: ${{ vars.RYZOME_LIVE_SMOKE_API_URL }} | |
| RYZOME_LIVE_SMOKE_APP_URL: ${{ vars.RYZOME_LIVE_SMOKE_APP_URL }} | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10.31.0 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| cache: "pnpm" | |
| - name: Enable Corepack | |
| run: corepack enable | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Build packages | |
| run: pnpm build | |
| - name: Validate live smoke configuration | |
| run: | | |
| test -n "$RYZOME_LIVE_SMOKE_API_KEY" || { | |
| echo "RYZOME_LIVE_SMOKE_API_KEY is required for publish workflow live smoke checks." | |
| exit 1 | |
| } | |
| - name: Run live smoke integration test | |
| run: pnpm run test:integration | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| needs: | |
| - verify | |
| - live-smoke | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10.31.0 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| registry-url: "https://registry.npmjs.org" | |
| cache: "pnpm" | |
| - name: Enable Corepack | |
| run: corepack enable | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Build packages | |
| run: pnpm build | |
| - name: Create Release PR or Publish | |
| id: changesets | |
| uses: changesets/action@v1 | |
| with: | |
| version: pnpm version-packages | |
| publish: pnpm release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: "true" | |
| - name: Create GitHub Release | |
| if: steps.changesets.outputs.published == 'true' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # Build release body from published packages | |
| BODY="## Published packages\n\n" | |
| for pkg in $(echo '${{ steps.changesets.outputs.publishedPackages }}' | jq -r '.[] | "\(.name)@\(.version)"'); do | |
| BODY="${BODY}- \`${pkg}\`\n" | |
| done | |
| # Use the highest non-snapshot version as the tag | |
| VERSION=$(echo '${{ steps.changesets.outputs.publishedPackages }}' | jq -r '.[0].version') | |
| TAG="v${VERSION}" | |
| gh release create "$TAG" \ | |
| --title "$TAG" \ | |
| --notes "$(echo -e "$BODY")" \ | |
| --latest | |
| dev-snapshot: | |
| name: Publish dev snapshots | |
| runs-on: ubuntu-latest | |
| needs: | |
| - verify | |
| - live-smoke | |
| # Only publish dev snapshots when changesets/action would create a version PR | |
| # (i.e. there are pending changesets). When it publishes stable, skip snapshots. | |
| if: ${{ !contains(github.event.head_commit.message, 'Version Packages') }} | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10.31.0 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| registry-url: "https://registry.npmjs.org" | |
| cache: "pnpm" | |
| - name: Enable Corepack | |
| run: corepack enable | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Build packages | |
| run: pnpm build | |
| - name: Check for pending changesets | |
| id: check | |
| run: | | |
| if ls .changeset/*.md 1>/dev/null 2>&1 && [ "$(ls .changeset/*.md 2>/dev/null | grep -v README.md | wc -l)" -gt 0 ]; then | |
| echo "has_changesets=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "has_changesets=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Publish dev snapshot | |
| if: steps.check.outputs.has_changesets == 'true' | |
| # Mirrors `pnpm version-packages` so dev tarballs do not ship with a | |
| # stale openclaw.plugin.json relative to package.json. The Hermes | |
| # plugin is private (PyPI-only) and is skipped by `changeset publish`; | |
| # the sync script keeps its metadata aligned for local/dev builds. | |
| run: | | |
| pnpm changeset version --snapshot dev | |
| node scripts/sync-plugin-version.mjs | |
| node scripts/sync-hermes-plugin-version.mjs | |
| pnpm changeset publish --tag dev | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: "true" |