Merge pull request #43 from MythologIQ/hotfix/v4.9.7-skill-validation #50
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Pipeline | |
| on: | |
| push: | |
| tags: ["v*"] | |
| workflow_dispatch: | |
| inputs: | |
| diff_category: | |
| description: "Change category for SemVer bump validation" | |
| required: false | |
| default: "none" | |
| type: choice | |
| options: | |
| - none | |
| - fix | |
| - feature | |
| - breaking | |
| jobs: | |
| validate: | |
| name: SemVer 2.0.0 Gate | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Full history needed for tag comparison | |
| - name: Verify tag is on main branch | |
| run: | | |
| TAG_COMMIT=$(git rev-list -n 1 ${{ github.ref_name }}) | |
| if ! git merge-base --is-ancestor $TAG_COMMIT origin/main; then | |
| echo "::error::Tag ${{ github.ref_name }} is not on main branch. Merge your release/hotfix branch to main first, then tag." | |
| exit 1 | |
| fi | |
| echo "✅ Tag ${{ github.ref_name }} verified on main branch" | |
| - name: Validate SemVer 2.0.0 compliance | |
| shell: pwsh | |
| run: | | |
| tools/validate-release-version.ps1 ` | |
| -Version '${{ github.ref_name }}' ` | |
| -DiffCategory '${{ inputs.diff_category || 'none' }}' | |
| build: | |
| name: Build & Test | |
| needs: validate | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Repository validation gate | |
| shell: pwsh | |
| run: ./scripts/validate.ps1 -Version ${{ github.ref_name }} | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| - run: npm ci | |
| working-directory: FailSafe/extension | |
| - run: npx playwright install --with-deps chromium | |
| working-directory: FailSafe/extension | |
| - run: npm run compile | |
| working-directory: FailSafe/extension | |
| - run: xvfb-run -a npm run test:all | |
| working-directory: FailSafe/extension | |
| - name: Export governance context | |
| if: always() | |
| continue-on-error: true | |
| run: bash tools/export-governance-context.sh .failsafe-ci-context | |
| - name: Upload governance context | |
| if: ${{ always() && hashFiles('.failsafe-ci-context/**') != '' }} | |
| continue-on-error: true | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: governance-context | |
| path: .failsafe-ci-context/ | |
| if-no-files-found: ignore | |
| retention-days: 30 | |
| - name: Release metadata preflight | |
| run: node ./scripts/validate-vsix.cjs --source-only | |
| working-directory: FailSafe/extension | |
| - name: Derive release version from tag | |
| run: echo "VSIX_VERSION=${GITHUB_REF_NAME#v}" >> "$GITHUB_ENV" | |
| - name: Clean stale VSIX artifacts | |
| run: rm -f *.vsix | |
| working-directory: FailSafe/extension | |
| - run: npx @vscode/vsce package | |
| working-directory: FailSafe/extension | |
| - name: Assert expected VSIX exists | |
| run: test -f "mythologiq-failsafe-${VSIX_VERSION}.vsix" | |
| working-directory: FailSafe/extension | |
| - run: npm run validate:vsix | |
| working-directory: FailSafe/extension | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: vsix | |
| path: FailSafe/extension/mythologiq-failsafe-${{ env.VSIX_VERSION }}.vsix | |
| publish-vscode: | |
| name: Publish to VS Code Marketplace | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Derive release version from tag | |
| run: echo "VSIX_VERSION=${GITHUB_REF_NAME#v}" >> "$GITHUB_ENV" | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: vsix | |
| - run: npx @vscode/vsce publish --packagePath "mythologiq-failsafe-${VSIX_VERSION}.vsix" | |
| env: | |
| VSCE_PAT: ${{ secrets.VSCE_PAT }} | |
| publish-openvsx: | |
| name: Publish to Open VSX | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Derive release version from tag | |
| run: echo "VSIX_VERSION=${GITHUB_REF_NAME#v}" >> "$GITHUB_ENV" | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: vsix | |
| - run: npx ovsx publish "mythologiq-failsafe-${VSIX_VERSION}.vsix" | |
| env: | |
| OVSX_PAT: ${{ secrets.OVSX_TOKEN }} |