Skip to content
Release

build: update bundled dist files #185

Sign in to view logs

build: update bundled dist files

build: update bundled dist files #185

Workflow file for this run

.github/workflows/release.yml at 1e0341f
name: Release
on:
# Manual trigger with version input
workflow_dispatch:
inputs:
version:
description: 'Version to release (e.g., 0.1.3)'
required: true
type: string
prerelease:
description: 'Mark as pre-release'
required: false
type: boolean
default: false
# Still support tag-based releases for automation
push:
tags:
- 'v*.*.*' # Trigger on version tags like v1.0.0
jobs:
release-npm:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write # For npm provenance
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "24"
registry-url: "https://registry.npmjs.org"
- name: Install dependencies
run: npm install
- name: Run tests
run: npm test
env:
CI: true
NODE_OPTIONS: --max-old-space-size=6144
- name: Build package
run: npm run build
- name: Verify package files
run: |
echo "📦 Package contents:"
npm pack --dry-run
echo "✅ Package verification complete"
- name: Set version
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
VERSION="${{ github.event.inputs.version }}"
TAG_NAME="v$VERSION"
else
VERSION=${GITHUB_REF#refs/tags/v}
TAG_NAME=${GITHUB_REF##*/}
fi
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "TAG_NAME=$TAG_NAME" >> $GITHUB_ENV
echo "Setting package version to $VERSION"
npm version $VERSION --no-git-tag-version
- name: Publish to npm
shell: bash
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |
# Publish alpha/beta as 'next', rc as both 'latest' and 'rc', stable as 'latest'
# Note: npm requires explicit --tag for prerelease versions
if [[ "$VERSION" == *-alpha* ]] || [[ "$VERSION" == *-beta* ]]; then
npm publish --access public --provenance --tag next
elif [[ "$VERSION" == *-rc* ]]; then
npm publish --access public --provenance --tag latest
npm dist-tag add "@probelabs/visor@$VERSION" rc || true
else
npm publish --access public --provenance --tag latest
fi
- name: Post-release notification
if: success()
run: |
echo "🎉 Successfully published @probelabs/visor@$VERSION to npm!"
echo "📦 Install with: npx -y @probelabs/visor"
# Publish Enterprise Edition with -ee version suffix
release-npm-ee:
runs-on: ubuntu-latest
needs: release-npm # Publish EE after OSS succeeds
permissions:
contents: read
id-token: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "24"
registry-url: "https://registry.npmjs.org"
- name: Install dependencies
run: npm install
- name: Set version
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
VERSION="${{ github.event.inputs.version }}"
else
VERSION=${GITHUB_REF#refs/tags/v}
fi
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "EE_VERSION=${VERSION}-ee" >> $GITHUB_ENV
- name: Build EE package
run: npm run build:ee
- name: Verify enterprise code in bundle
run: |
if grep -q "OpaPolicyEngine" dist/index.js && grep -q "LicenseValidator" dist/index.js; then
echo "✅ EE bundle contains enterprise code"
else
echo "❌ EE bundle is missing enterprise code"
exit 1
fi
- name: Set EE version
run: npm version "$EE_VERSION" --no-git-tag-version
- name: Publish EE to npm
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |
npm publish --access public --provenance --tag ee --ignore-scripts
- name: Post-release notification
if: success()
run: |
echo "🎉 Successfully published @probelabs/visor@$EE_VERSION to npm!"
echo "📦 Install with: npm install @probelabs/visor@ee"
# GitHub Release creation with AI-generated notes
create-release:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0 # Need full history for git log
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "24"
- name: Install dependencies and build
run: |
npm install
npm run build
- name: Set version variables
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
VERSION="${{ github.event.inputs.version }}"
TAG_NAME="v$VERSION"
else
VERSION=${GITHUB_REF#refs/tags/v}
TAG_NAME=${GITHUB_REF##*/}
fi
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "TAG_NAME=$TAG_NAME" >> $GITHUB_ENV
echo "📋 Processing release for ${TAG_NAME}"
- name: Generate AI release notes
id: release-notes
run: |
echo "🤖 Generating AI-powered release notes..."
# Get previous tag for comparison
PREV_TAG=$(git describe --tags --abbrev=0 ${TAG_NAME}^ 2>/dev/null || echo "")
# Get commits and diff stats since last tag
if [ -n "$PREV_TAG" ]; then
GIT_LOG=$(git log --oneline --no-merges ${PREV_TAG}..${TAG_NAME} 2>/dev/null || git log --oneline --no-merges ${TAG_NAME})
GIT_DIFF_STAT=$(git diff --stat ${PREV_TAG}..${TAG_NAME} 2>/dev/null || git diff --stat $(git hash-object -t tree /dev/null)..${TAG_NAME})
echo "📊 Found $(echo "$GIT_LOG" | wc -l) commits since ${PREV_TAG}"
else
GIT_LOG=$(git log --oneline --no-merges ${TAG_NAME})
GIT_DIFF_STAT=$(git diff --stat $(git hash-object -t tree /dev/null)..${TAG_NAME})
echo "📊 Found $(echo "$GIT_LOG" | wc -l) commits (first release)"
fi
# Generate release notes with Visor AI
echo "🔍 Running Visor AI to generate release notes..."
VISOR_OUTPUT=$(TAG_NAME=${{ env.TAG_NAME }} \
GIT_LOG="$GIT_LOG" \
GIT_DIFF_STAT="$GIT_DIFF_STAT" \
timeout 300 ./dist/index.js --cli --check release-notes --config .visor.yaml --output json 2>&1 || true)
echo "📋 Visor output:"
echo "$VISOR_OUTPUT"
# Extract release notes from JSON output
# The JSON structure is grouped by group name (e.g., "release": [...])
# We need to flatten all groups and find the release-notes check
RELEASE_NOTES=$(echo "$VISOR_OUTPUT" | jq -r '
to_entries[]
| .value[]
| select(.checkName == "release-notes")
| .output // .content // empty
' 2>/dev/null | head -1 || echo "")
# Track if we need GitHub to auto-generate notes
USE_GITHUB_NOTES="false"
# Fallback if AI generation fails
if [ -z "$RELEASE_NOTES" ] || [ "$RELEASE_NOTES" = "null" ]; then
echo "⚠️ AI release notes generation failed, using GitHub auto-generated notes"
RELEASE_NOTES=""
USE_GITHUB_NOTES="true"
else
echo "✅ Successfully generated AI release notes"
fi
# Save to GitHub output (handle multiline properly)
echo "RELEASE_NOTES<<EOF" >> $GITHUB_OUTPUT
echo "$RELEASE_NOTES" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
echo "USE_GITHUB_NOTES=$USE_GITHUB_NOTES" >> $GITHUB_OUTPUT
env:
GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
- name: Create GitHub Release
uses: softprops/action-gh-release@v2.3.3
with:
tag_name: ${{ env.TAG_NAME }}
name: Release ${{ env.TAG_NAME }}
# Only use GitHub auto-generated notes when AI generation failed
generate_release_notes: ${{ steps.release-notes.outputs.USE_GITHUB_NOTES == 'true' }}
draft: false
prerelease: ${{ github.event.inputs.prerelease || contains(env.VERSION, '-beta') || contains(env.VERSION, '-alpha') || contains(env.VERSION, '-rc') }}
body: |
${{ steps.release-notes.outputs.RELEASE_NOTES }}
---
## 📋 Installation & Usage
### Using Visor as a GitHub Action
```yaml
- uses: ${{ github.repository }}@${{ env.TAG_NAME }}
```
### Using Visor CLI
```bash
npx -y @probelabs/visor --check all
```
### Installation Options
**NPM (Global)**
```bash
npm install -g @probelabs/visor
visor --check all
```
**NPX (No installation)**
```bash
npx -y @probelabs/visor --check security --output json
```
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}