d73a73d7f3
- Replace fileURLToPath(import.meta.url) with import.meta.dirname across
scripts and extensions
- Rename parsers-legacy.ts → parsers.ts
- Remove deleted plan/spec docs (cicd-pipeline)
- Update package.json engines and deps across workspace packages
- Update web/package-lock.json
💘 Generated with Crush
Assisted-by: GLM-5.1 via Crush <crush@charm.land>
151 lines
5.3 KiB
YAML
151 lines
5.3 KiB
YAML
# singularity-forge + CI: manual @dev channel publish with approval gate
|
|
name: Dev Publish
|
|
|
|
# Manual pre-release. Click "Run workflow" in the Actions tab to stamp a
|
|
# version and publish @dev to npm. Gated by the `dev` GitHub Environment
|
|
# (configure reviewers in repo Settings -> Environments).
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
ref:
|
|
description: 'Branch or SHA to publish as @dev'
|
|
required: false
|
|
default: 'main'
|
|
|
|
concurrency:
|
|
group: dev-publish-${{ github.event.inputs.ref }}
|
|
cancel-in-progress: false
|
|
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
|
|
jobs:
|
|
dev-publish:
|
|
name: Dev Publish
|
|
runs-on: ubuntu-latest
|
|
environment: dev
|
|
outputs:
|
|
dev-version: ${{ steps.stamp.outputs.version }}
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
with:
|
|
ref: ${{ github.event.inputs.ref }}
|
|
token: ${{ secrets.RELEASE_PAT }}
|
|
fetch-depth: 0
|
|
|
|
- name: Mark workspace safe for git
|
|
run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
|
|
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: 24
|
|
registry-url: https://registry.npmjs.org
|
|
cache: 'npm'
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Install web host dependencies
|
|
run: npm --prefix web ci
|
|
|
|
- name: Cache Next.js build
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: web/.next/cache
|
|
key: nextjs-${{ runner.os }}-${{ hashFiles('web/package-lock.json') }}-${{ hashFiles('web/app/**', 'web/components/**', 'web/lib/**', 'web/hooks/**') }}
|
|
restore-keys: |
|
|
nextjs-${{ runner.os }}-${{ hashFiles('web/package-lock.json') }}-
|
|
nextjs-${{ runner.os }}-
|
|
|
|
- name: Build core
|
|
run: npm run build:core
|
|
|
|
- name: Build web host
|
|
run: npm run build:web-host
|
|
|
|
- name: Stamp dev version and sync platform packages
|
|
id: stamp
|
|
env:
|
|
VERSION_CHANNEL: dev
|
|
run: |
|
|
npm run pipeline:version-stamp
|
|
npm run sync-platform-versions
|
|
echo "version=$(node -e 'process.stdout.write(require("./package.json").version)')" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Smoke test
|
|
run: |
|
|
chmod +x dist/loader.js
|
|
export SF_SMOKE_BINARY="$(pwd)/dist/loader.js"
|
|
npm run test:smoke
|
|
|
|
- name: Publish @dev
|
|
env:
|
|
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
run: |
|
|
VERSION=$(node -e 'process.stdout.write(require("./package.json").version)')
|
|
if npm view "singularity-forge@${VERSION}" version 2>/dev/null; then
|
|
echo "Version ${VERSION} already published — moving @dev tag"
|
|
npm dist-tag add "singularity-forge@${VERSION}" dev
|
|
else
|
|
npm publish --tag dev
|
|
fi
|
|
echo "Verifying singularity-forge@${VERSION} is reachable on npm..."
|
|
for i in 1 2 3 4 5; do
|
|
npm view "singularity-forge@${VERSION}" version 2>/dev/null && echo "Confirmed: singularity-forge@${VERSION} is live." && exit 0
|
|
echo "Attempt $i: not yet visible — waiting 10s..."
|
|
sleep 10
|
|
done
|
|
echo "::error::Publish step succeeded but singularity-forge@${VERSION} is not reachable on npm after 50s. Check NPM_TOKEN permissions and registry config."
|
|
exit 1
|
|
|
|
dev-verify:
|
|
name: Dev Verify (installed package)
|
|
needs: dev-publish
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
with:
|
|
ref: ${{ github.event.inputs.ref }}
|
|
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: 24
|
|
registry-url: https://registry.npmjs.org
|
|
cache: 'npm'
|
|
|
|
- name: Install published singularity-forge@dev globally (with registry propagation retry)
|
|
env:
|
|
DEV_VERSION: ${{ needs.dev-publish.outputs.dev-version }}
|
|
run: |
|
|
for i in 1 2 3 4 5 6; do
|
|
npm install -g "singularity-forge@${DEV_VERSION}" && exit 0
|
|
echo "Attempt $i failed — waiting 10s for npm registry propagation..."
|
|
sleep 10
|
|
done
|
|
echo "::error::Failed to install singularity-forge@${DEV_VERSION} after 6 attempts."
|
|
echo "::error::Recommended actions: (1) investigate the failing step above, (2) if the version exists on npm, deprecate it with 'npm deprecate singularity-forge@${DEV_VERSION} \"broken build; see Actions run\"', (3) cut a fix and re-run Dev Publish."
|
|
exit 1
|
|
|
|
- name: Run smoke tests (against installed binary)
|
|
run: |
|
|
export SF_SMOKE_BINARY=$(which sf)
|
|
npm run test:smoke
|
|
|
|
- name: Install repo dependencies (for regression harness)
|
|
run: npm ci
|
|
|
|
- name: Run live regression tests (against installed binary)
|
|
run: |
|
|
export SF_SMOKE_BINARY=$(which sf)
|
|
npm run test:live-regression
|
|
|
|
- name: Warn on verify failure
|
|
if: failure()
|
|
env:
|
|
DEV_VERSION: ${{ needs.dev-publish.outputs.dev-version }}
|
|
run: |
|
|
echo "::error::Post-publish verification failed for singularity-forge@${DEV_VERSION}."
|
|
echo "::error::Recommended actions: (1) investigate the failing step above, (2) if the version exists on npm, deprecate it with 'npm deprecate singularity-forge@${DEV_VERSION} \"broken build; see Actions run\"', (3) cut a fix and re-run Dev Publish."
|
|
exit 1
|