Add server auth sync and refresh OAuth tokens #8
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - "v*" | |
| workflow_dispatch: | |
| inputs: | |
| create_github_release: | |
| description: "Create or update the GitHub release" | |
| required: true | |
| type: boolean | |
| default: false | |
| publish_npm: | |
| description: "Publish to npm through trusted publishing" | |
| required: true | |
| type: boolean | |
| default: false | |
| publish_pypi: | |
| description: "Publish to PyPI through trusted publishing" | |
| required: true | |
| type: boolean | |
| default: true | |
| permissions: | |
| contents: read | |
| env: | |
| FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true | |
| jobs: | |
| build: | |
| name: Build and verify artifacts | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.version.outputs.version }} | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v6 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: "24" | |
| registry-url: "https://registry.npmjs.org" | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.12" | |
| - name: Determine release version | |
| id: version | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then | |
| version="${GITHUB_REF_NAME#v}" | |
| else | |
| version="$(python -c 'import tomllib; print(tomllib.load(open("pyproject.toml", "rb"))["project"]["version"])')" | |
| fi | |
| package_version="$(node -p "require('./package.json').version")" | |
| python_version="$(python -c 'import tomllib; print(tomllib.load(open("pyproject.toml", "rb"))["project"]["version"])')" | |
| if [[ "${version}" != "${package_version}" || "${version}" != "${python_version}" ]]; then | |
| echo "version mismatch: release=${version} package.json=${package_version} pyproject.toml=${python_version}" >&2 | |
| exit 1 | |
| fi | |
| echo "version=${version}" >> "${GITHUB_OUTPUT}" | |
| - name: Test Go packages | |
| run: CGO_ENABLED=0 go test ./... | |
| - name: Build Go release binaries | |
| run: scripts/build-release.sh "${{ steps.version.outputs.version }}" | |
| - name: Copy shell installer into release assets | |
| run: cp install.sh dist/release/install.sh | |
| - name: Check npm package | |
| run: npm pack --dry-run | |
| - name: Build Python package | |
| run: | | |
| python -m pip install --upgrade build twine | |
| python -m build | |
| python -m twine check dist/subrouter-*.tar.gz dist/subrouter-*.whl | |
| - name: Upload Go release artifacts | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: release-assets | |
| path: dist/release/* | |
| if-no-files-found: error | |
| - name: Upload Python distributions | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: python-dist | |
| path: | | |
| dist/subrouter-*.tar.gz | |
| dist/subrouter-*.whl | |
| if-no-files-found: error | |
| github-release: | |
| name: Publish GitHub release | |
| needs: build | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'push' || github.event.inputs.create_github_release == 'true' }} | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Download Go release artifacts | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: release-assets | |
| path: dist/release | |
| - name: Create or update GitHub release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| GH_REPO: ${{ github.repository }} | |
| TAG_NAME: v${{ needs.build.outputs.version }} | |
| run: | | |
| set -euo pipefail | |
| if gh release view "${TAG_NAME}" >/dev/null 2>&1; then | |
| gh release upload "${TAG_NAME}" dist/release/* --clobber | |
| else | |
| gh release create "${TAG_NAME}" dist/release/* \ | |
| --title "Subrouter ${TAG_NAME}" \ | |
| --notes "Subrouter ${TAG_NAME}" | |
| fi | |
| npm-publish: | |
| name: Publish npm package | |
| needs: build | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'push' || github.event.inputs.publish_npm == 'true' }} | |
| environment: npm | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v6 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: "24" | |
| registry-url: "https://registry.npmjs.org" | |
| - name: Publish to npm | |
| run: npm publish --access public | |
| pypi-publish: | |
| name: Publish PyPI package | |
| needs: build | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'push' || github.event.inputs.publish_pypi == 'true' }} | |
| environment: pypi | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Download Python distributions | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: python-dist | |
| path: dist | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 |