chore: gitignore beads pid lock file #30
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: SDK Publish | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| CARGO_TERM_COLOR: always | |
| RUST_VERSION: "1.89" | |
| jobs: | |
| test: | |
| name: Test Gate | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: ${{ env.RUST_VERSION }} | |
| components: rustfmt, clippy | |
| - uses: Swatinem/rust-cache@v2 | |
| - run: cargo fmt --all -- --check | |
| - run: cargo clippy -- -D warnings | |
| - run: cargo test | |
| # ── Node.js: npm (OIDC trusted publisher) + GitHub Packages ───────── | |
| publish-nodejs: | |
| needs: test | |
| name: Publish Node.js SDK | |
| runs-on: ubuntu-latest | |
| environment: npm | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| defaults: | |
| run: | |
| working-directory: sdk/nodejs | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| registry-url: https://registry.npmjs.org | |
| # Trusted publishers require npm >= 11.5.1 | |
| - name: Update npm | |
| run: npm install -g npm@latest | |
| - run: npm ci | |
| - run: npm run build | |
| - run: npm test | |
| # Extract version from tag | |
| - name: Set version from tag | |
| env: | |
| TAG_NAME: ${{ github.ref_name }} | |
| run: npm version "${TAG_NAME#v}" --no-git-tag-version | |
| # Publish to npm via OIDC trusted publisher (no token needed) | |
| # Skip if version already exists on npm | |
| - name: Publish to npm | |
| run: | | |
| VERSION=$(node -p "require('./package.json').version") | |
| if npm view "agentkernel@${VERSION}" version 2>/dev/null; then | |
| echo "Version ${VERSION} already published to npm, skipping" | |
| else | |
| npm publish --access public | |
| fi | |
| # Publish to GitHub Packages | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| registry-url: https://npm.pkg.github.com | |
| - name: Publish to GitHub Packages | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # GitHub Packages requires scoped name | |
| node -e " | |
| const pkg = require('./package.json'); | |
| pkg.name = '@thrashr888/agentkernel'; | |
| require('fs').writeFileSync('package.json', JSON.stringify(pkg, null, 2)); | |
| " | |
| VERSION=$(node -p "require('./package.json').version") | |
| if npm view "@thrashr888/agentkernel@${VERSION}" version --registry https://npm.pkg.github.com 2>/dev/null; then | |
| echo "Version ${VERSION} already published to GitHub Packages, skipping" | |
| else | |
| npm publish --access public | |
| fi | |
| git checkout package.json | |
| # ── Python: PyPI via OIDC trusted publisher ───────────────────────── | |
| publish-python: | |
| needs: test | |
| name: Publish Python SDK | |
| runs-on: ubuntu-latest | |
| environment: pypi | |
| permissions: | |
| id-token: write | |
| defaults: | |
| run: | |
| working-directory: sdk/python | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install build tools | |
| run: pip install build | |
| - name: Set version from tag | |
| env: | |
| TAG_NAME: ${{ github.ref_name }} | |
| run: | | |
| VERSION="${TAG_NAME#v}" | |
| sed -i "s/^version = .*/version = \"$VERSION\"/" pyproject.toml | |
| - name: Build package | |
| run: python -m build | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| packages-dir: sdk/python/dist/ | |
| # ── Rust: crates.io (OIDC trusted publisher) ─────────────────────── | |
| publish-rust: | |
| needs: test | |
| name: Publish Rust SDK | |
| runs-on: ubuntu-latest | |
| environment: crates | |
| permissions: | |
| id-token: write | |
| contents: read | |
| defaults: | |
| run: | |
| working-directory: sdk/rust | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Set version from tag | |
| env: | |
| TAG_NAME: ${{ github.ref_name }} | |
| run: | | |
| VERSION="${TAG_NAME#v}" | |
| sed -i "s/^version = .*/version = \"$VERSION\"/" Cargo.toml | |
| - run: cargo test | |
| - name: Authenticate with crates.io | |
| id: crates-auth | |
| uses: rust-lang/crates-io-auth-action@v1 | |
| - name: Publish to crates.io | |
| env: | |
| CARGO_REGISTRY_TOKEN: ${{ steps.crates-auth.outputs.token }} | |
| run: | | |
| VERSION=$(grep '^version' Cargo.toml | head -1 | sed 's/.*"\(.*\)"/\1/') | |
| # Use crates.io API directly (cargo search has index lag) | |
| HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" "https://crates.io/api/v1/crates/agentkernel-sdk/${VERSION}") | |
| if [ "$HTTP_STATUS" = "200" ]; then | |
| echo "Version ${VERSION} already published to crates.io, skipping" | |
| else | |
| cargo publish --allow-dirty | |
| fi | |
| # ── Swift: verify only (SPM uses Git tags) ────────────────────────── | |
| verify-swift: | |
| needs: test | |
| name: Verify Swift SDK | |
| runs-on: macos-latest | |
| defaults: | |
| run: | |
| working-directory: sdk/swift | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Build | |
| run: swift build | |
| - name: Test | |
| run: swift test |