refactor(agent-runtime): adopt tseng — layered skills, protected tRPC, GitHub port, Result #482
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish | |
| on: | |
| push: | |
| tags: ["v*"] | |
| pull_request: | |
| workflow_dispatch: | |
| concurrency: | |
| group: images-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_PREFIX: ghcr.io/kagenti/humr | |
| jobs: | |
| build-images: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| strategy: | |
| matrix: | |
| include: | |
| - component: controller | |
| dockerfile: packages/controller/Dockerfile | |
| context: packages/controller | |
| - component: api-server | |
| dockerfile: packages/api-server/Dockerfile | |
| context: . | |
| - component: ui | |
| dockerfile: packages/ui/Dockerfile | |
| context: . | |
| - component: humr-base | |
| dockerfile: packages/humr-base/Dockerfile | |
| context: . | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| if: github.event_name != 'pull_request' | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.IMAGE_PREFIX }}/${{ matrix.component }} | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=raw,value=latest | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: ${{ matrix.context }} | |
| file: ${{ matrix.dockerfile }} | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha,scope=${{ matrix.component }} | |
| cache-to: type=gha,mode=max,scope=${{ matrix.component }} | |
| build-claude-code: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| needs: build-images | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.IMAGE_PREFIX }}/claude-code | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=raw,value=latest | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: packages/agents/claude-code | |
| file: packages/agents/claude-code/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| BASE_IMAGE=${{ env.IMAGE_PREFIX }}/humr-base:${{ steps.meta.outputs.version }} | |
| cache-from: type=gha,scope=claude-code | |
| cache-to: type=gha,mode=max,scope=claude-code | |
| build-google-workspace-agent: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| needs: build-images | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.IMAGE_PREFIX }}/google-workspace-agent | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=raw,value=latest | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: packages/agents/google-workspace | |
| file: packages/agents/google-workspace/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| BASE_IMAGE=${{ env.IMAGE_PREFIX }}/humr-base:${{ steps.meta.outputs.version }} | |
| cache-from: type=gha,scope=google-workspace-agent | |
| cache-to: type=gha,mode=max,scope=google-workspace-agent | |
| build-code-guardian: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| needs: build-images | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.IMAGE_PREFIX }}/code-guardian | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=raw,value=latest | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: packages/agents/code-guardian | |
| file: packages/agents/code-guardian/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| BASE_IMAGE=${{ env.IMAGE_PREFIX }}/humr-base:${{ steps.meta.outputs.version }} | |
| cache-from: type=gha,scope=code-guardian | |
| cache-to: type=gha,mode=max,scope=code-guardian | |
| build-pi-agent: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| needs: build-images | |
| if: startsWith(github.ref, 'refs/tags/v') || github.event_name == 'workflow_dispatch' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.IMAGE_PREFIX }}/pi-agent | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=raw,value=latest | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: packages/agents/pi-agent | |
| file: packages/agents/pi-agent/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| BASE_IMAGE=${{ env.IMAGE_PREFIX }}/humr-base:${{ steps.meta.outputs.version }} | |
| cache-from: type=gha,scope=pi-agent | |
| cache-to: type=gha,mode=max,scope=pi-agent | |
| helm-package: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| needs: [build-images, build-claude-code, build-google-workspace-agent, build-code-guardian, build-pi-agent] | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: azure/setup-helm@v4 | |
| - name: Extract version from tag | |
| id: version | |
| run: echo "version=${GITHUB_REF_NAME#v}" >> "$GITHUB_OUTPUT" | |
| - name: Log in to GHCR OCI | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login ghcr.io --username ${{ github.actor }} --password-stdin | |
| - name: Package Helm chart | |
| run: helm package deploy/helm/humr --version ${{ steps.version.outputs.version }} --app-version ${{ steps.version.outputs.version }} | |
| - name: Push to OCI registry | |
| run: helm push humr-${{ steps.version.outputs.version }}.tgz oci://ghcr.io/kagenti/humr/charts | |