Skip to content
Release Pipeline

Merge pull request #43 from MythologIQ/hotfix/v4.9.7-skill-validation #50

Sign in to view logs

Merge pull request #43 from MythologIQ/hotfix/v4.9.7-skill-validation

Merge pull request #43 from MythologIQ/hotfix/v4.9.7-skill-validation #50

Workflow file for this run

.github/workflows/release.yml at 79b838e
name: Release Pipeline
on:
push:
tags: ["v*"]
workflow_dispatch:
inputs:
diff_category:
description: "Change category for SemVer bump validation"
required: false
default: "none"
type: choice
options:
- none
- fix
- feature
- breaking
jobs:
validate:
name: SemVer 2.0.0 Gate
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Full history needed for tag comparison
- name: Verify tag is on main branch
run: |
TAG_COMMIT=$(git rev-list -n 1 ${{ github.ref_name }})
if ! git merge-base --is-ancestor $TAG_COMMIT origin/main; then
echo "::error::Tag ${{ github.ref_name }} is not on main branch. Merge your release/hotfix branch to main first, then tag."
exit 1
fi
echo "✅ Tag ${{ github.ref_name }} verified on main branch"
- name: Validate SemVer 2.0.0 compliance
shell: pwsh
run: |
tools/validate-release-version.ps1 `
-Version '${{ github.ref_name }}' `
-DiffCategory '${{ inputs.diff_category || 'none' }}'
build:
name: Build & Test
needs: validate
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Repository validation gate
shell: pwsh
run: ./scripts/validate.ps1 -Version ${{ github.ref_name }}
- uses: actions/setup-node@v4
with:
node-version: "20"
- run: npm ci
working-directory: FailSafe/extension
- run: npx playwright install --with-deps chromium
working-directory: FailSafe/extension
- run: npm run compile
working-directory: FailSafe/extension
- run: xvfb-run -a npm run test:all
working-directory: FailSafe/extension
- name: Export governance context
if: always()
continue-on-error: true
run: bash tools/export-governance-context.sh .failsafe-ci-context
- name: Upload governance context
if: ${{ always() && hashFiles('.failsafe-ci-context/**') != '' }}
continue-on-error: true
uses: actions/upload-artifact@v4
with:
name: governance-context
path: .failsafe-ci-context/
if-no-files-found: ignore
retention-days: 30
- name: Release metadata preflight
run: node ./scripts/validate-vsix.cjs --source-only
working-directory: FailSafe/extension
- name: Derive release version from tag
run: echo "VSIX_VERSION=${GITHUB_REF_NAME#v}" >> "$GITHUB_ENV"
- name: Clean stale VSIX artifacts
run: rm -f *.vsix
working-directory: FailSafe/extension
- run: npx @vscode/vsce package
working-directory: FailSafe/extension
- name: Assert expected VSIX exists
run: test -f "mythologiq-failsafe-${VSIX_VERSION}.vsix"
working-directory: FailSafe/extension
- run: npm run validate:vsix
working-directory: FailSafe/extension
- uses: actions/upload-artifact@v4
with:
name: vsix
path: FailSafe/extension/mythologiq-failsafe-${{ env.VSIX_VERSION }}.vsix
publish-vscode:
name: Publish to VS Code Marketplace
needs: build
runs-on: ubuntu-latest
steps:
- name: Derive release version from tag
run: echo "VSIX_VERSION=${GITHUB_REF_NAME#v}" >> "$GITHUB_ENV"
- uses: actions/download-artifact@v4
with:
name: vsix
- run: npx @vscode/vsce publish --packagePath "mythologiq-failsafe-${VSIX_VERSION}.vsix"
env:
VSCE_PAT: ${{ secrets.VSCE_PAT }}
publish-openvsx:
name: Publish to Open VSX
needs: build
runs-on: ubuntu-latest
steps:
- name: Derive release version from tag
run: echo "VSIX_VERSION=${GITHUB_REF_NAME#v}" >> "$GITHUB_ENV"
- uses: actions/download-artifact@v4
with:
name: vsix
- run: npx ovsx publish "mythologiq-failsafe-${VSIX_VERSION}.vsix"
env:
OVSX_PAT: ${{ secrets.OVSX_TOKEN }}