Skip to content

feat(agent): add file uploads (chat attachments + workspace files) (#10) #17

feat(agent): add file uploads (chat attachments + workspace files) (#10)

feat(agent): add file uploads (chat attachments + workspace files) (#10) #17

name: release-please
on:
push:
branches: [main]
# Only one release run at a time; never cancel an in-progress publish.
concurrency:
group: release-please-${{ github.ref }}
cancel-in-progress: false
permissions: {}
jobs:
release-please:
runs-on: ubuntu-latest
permissions:
contents: write # create release tags, GitHub releases, and the release PR
pull-requests: write # open/update the release PR
outputs:
# Per-package outputs. The path contains a '/', so it MUST be read with
# JS-style bracket+quote indexing, not dot access.
sandbox_released: ${{ steps.release.outputs['packages/sandbox--release_created'] }}
agent_released: ${{ steps.release.outputs['packages/agent--release_created'] }}
provider_released: ${{ steps.release.outputs['packages/provider--release_created'] }}
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
with:
persist-credentials: false
- name: Install node and pnpm via mise
uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4
- run: pnpm install --frozen-lockfile
# Runs release-please as a library with our AI changelog-notes hook
# registered (changelog-type: "ai" in the config). release-please itself
# writes the CHANGELOG, the release PR, and the GitHub Release — nothing
# downstream overwrites its output. The harness emits the same per-path
# outputs the stock action did, so the publish jobs below are unchanged.
- name: Run release-please (AI changelog notes)
id: release
run: pnpm --filter @coder/release-please-ai exec tsx src/cli.ts
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_REPOSITORY: ${{ github.repository }}
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
# Publish jobs authenticate to npm via OIDC trusted publishing (no NPM_TOKEN).
# Requires a trusted publisher configured per package on npmjs.com pointing at
# this repo + workflow file. Provenance is attested via the OIDC id-token.
publish-sandbox:
needs: release-please
if: ${{ needs.release-please.outputs.sandbox_released == 'true' }}
runs-on: ubuntu-latest
permissions:
contents: read # checkout only
id-token: write # OIDC: trusted-publishing auth + provenance
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
with:
persist-credentials: false
- name: Install node and pnpm via mise
uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4
- run: pnpm install --frozen-lockfile
- run: pnpm --filter @coder/ai-sdk-sandbox build
- name: Publish @coder/ai-sdk-sandbox
run: pnpm --filter @coder/ai-sdk-sandbox publish --provenance --access public --no-git-checks
publish-agent:
needs: release-please
if: ${{ needs.release-please.outputs.agent_released == 'true' }}
runs-on: ubuntu-latest
permissions:
contents: read # checkout only
id-token: write # OIDC: trusted-publishing auth + provenance
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
with:
persist-credentials: false
- name: Install node and pnpm via mise
uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4
- run: pnpm install --frozen-lockfile
- run: pnpm --filter @coder/ai-sdk-agent build
- name: Publish @coder/ai-sdk-agent
run: pnpm --filter @coder/ai-sdk-agent publish --provenance --access public --no-git-checks
publish-provider:
needs: release-please
if: ${{ needs.release-please.outputs.provider_released == 'true' }}
runs-on: ubuntu-latest
permissions:
contents: read # checkout only
id-token: write # OIDC: trusted-publishing auth + provenance
steps:
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
with:
persist-credentials: false
- name: Install node and pnpm via mise
uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4
- run: pnpm install --frozen-lockfile
- run: pnpm --filter @coder/ai-sdk-provider build
- name: Publish @coder/ai-sdk-provider
run: pnpm --filter @coder/ai-sdk-provider publish --provenance --access public --no-git-checks