Merge remote-tracking branch 'origin/main' #61
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release-switcher | |
| # Core CLI release only (GoReleaser, R2 CLI, npm) — v* tags or manual dispatch. | |
| # Desktop shell: release-desktop.yml | Landing site: deploy-landing.yml | |
| on: | |
| push: | |
| tags: | |
| - "v*" | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: "Release version without leading v (for npm only)" | |
| required: false | |
| type: string | |
| permissions: | |
| contents: write | |
| env: | |
| R2_PUBLIC_BASE_URL: https://downloads.clovapi.com | |
| jobs: | |
| goreleaser: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: core | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Check existing CLI release | |
| id: existing_cli_release | |
| working-directory: . | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| set -euo pipefail | |
| echo "complete=false" >> "$GITHUB_OUTPUT" | |
| if [[ "${GITHUB_REF_NAME:-}" != v* ]]; then | |
| exit 0 | |
| fi | |
| version="${GITHUB_REF_NAME#v}" | |
| required_assets=( | |
| "checksums.txt" | |
| "clovapi_${version}_darwin_amd64.tar.gz" | |
| "clovapi_${version}_darwin_arm64.tar.gz" | |
| "clovapi_${version}_linux_amd64.tar.gz" | |
| "clovapi_${version}_linux_arm64.tar.gz" | |
| "clovapi_${version}_windows_amd64.zip" | |
| "clovapi_${version}_windows_arm64.zip" | |
| ) | |
| if ! gh release view "$GITHUB_REF_NAME" --repo "$GITHUB_REPOSITORY" --json assets > /tmp/clovapi-release.json 2>/dev/null; then | |
| exit 0 | |
| fi | |
| for asset in "${required_assets[@]}"; do | |
| if ! jq -e --arg name "$asset" '.assets | any(.name == $name)' /tmp/clovapi-release.json >/dev/null; then | |
| exit 0 | |
| fi | |
| done | |
| echo "complete=true" >> "$GITHUB_OUTPUT" | |
| echo "Release $GITHUB_REF_NAME already has all CLI assets; skipping GoReleaser publish." | |
| - name: Setup Go | |
| if: steps.existing_cli_release.outputs.complete != 'true' | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: core/go.mod | |
| - name: Run tests | |
| if: steps.existing_cli_release.outputs.complete != 'true' | |
| run: go test ./... | |
| - name: Setup GoReleaser | |
| if: steps.existing_cli_release.outputs.complete != 'true' | |
| uses: goreleaser/goreleaser-action@v6 | |
| with: | |
| version: "~> v2" | |
| install-only: true | |
| - name: GoReleaser release | |
| if: steps.existing_cli_release.outputs.complete != 'true' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: goreleaser release --clean --config .goreleaser.yaml | |
| - name: Decide R2 publish | |
| id: r2_gate | |
| if: steps.existing_cli_release.outputs.complete != 'true' | |
| working-directory: . | |
| run: | | |
| if [ -n "${{ secrets.R2_ACCOUNT_ID }}" ] && [ -n "${{ secrets.R2_ACCESS_KEY_ID }}" ] && [ -n "${{ secrets.R2_SECRET_ACCESS_KEY }}" ] && [ -n "${{ secrets.R2_BUCKET }}" ]; then | |
| echo "publish=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "publish=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Resolve release tag | |
| id: release_tag | |
| if: ${{ steps.r2_gate.outputs.publish == 'true' }} | |
| working-directory: . | |
| env: | |
| RELEASE_INPUT_VERSION: ${{ github.event.inputs.version }} | |
| run: | | |
| set -euo pipefail | |
| if [[ "${GITHUB_REF_NAME:-}" == v* ]]; then | |
| echo "tag=${GITHUB_REF_NAME}" >> "$GITHUB_OUTPUT" | |
| elif [[ -n "${RELEASE_INPUT_VERSION:-}" ]]; then | |
| echo "tag=v${RELEASE_INPUT_VERSION}" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "tag=" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Setup Python | |
| if: ${{ steps.r2_gate.outputs.publish == 'true' && steps.release_tag.outputs.tag != '' }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.x" | |
| - name: Install awscli | |
| if: ${{ steps.r2_gate.outputs.publish == 'true' && steps.release_tag.outputs.tag != '' }} | |
| run: pip install --upgrade awscli | |
| - name: Upload CLI artifacts to Cloudflare R2 | |
| if: ${{ steps.r2_gate.outputs.publish == 'true' && steps.release_tag.outputs.tag != '' }} | |
| working-directory: . | |
| env: | |
| R2_ACCOUNT_ID: ${{ secrets.R2_ACCOUNT_ID }} | |
| R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }} | |
| R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }} | |
| R2_SESSION_TOKEN: ${{ secrets.R2_SESSION_TOKEN }} | |
| R2_BUCKET: ${{ secrets.R2_BUCKET }} | |
| R2_ARTIFACT_PREFIX: ${{ secrets.R2_ARTIFACT_PREFIX }} | |
| run: | | |
| set -euo pipefail | |
| chmod +x scripts/r2-publish.sh | |
| ./scripts/r2-publish.sh cli --tag "${{ steps.release_tag.outputs.tag }}" --dist core/dist | |
| ./scripts/r2-publish.sh install-sh --file landing/public/install.sh | |
| npm: | |
| runs-on: ubuntu-latest | |
| needs: goreleaser | |
| if: ${{ startsWith(github.ref, 'refs/tags/v') || github.event_name == 'workflow_dispatch' }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| - name: Decide npm publish | |
| id: npm_gate | |
| working-directory: . | |
| env: | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| run: | | |
| if [ -n "$NPM_TOKEN" ]; then | |
| echo "publish=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "publish=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Setup Node | |
| if: ${{ steps.npm_gate.outputs.publish == 'true' }} | |
| uses: actions/setup-node@v5 | |
| with: | |
| node-version: "22" | |
| registry-url: "https://registry.npmjs.org" | |
| - name: Sync package version from tag | |
| if: ${{ steps.npm_gate.outputs.publish == 'true' && startsWith(github.ref, 'refs/tags/v') }} | |
| working-directory: npm | |
| run: | | |
| target_version="${GITHUB_REF_NAME#v}" | |
| current_version="$(node -p "require('./package.json').version")" | |
| if [ "$current_version" != "$target_version" ]; then | |
| npm version "$target_version" --no-git-tag-version | |
| else | |
| echo "package.json version already $target_version, skip npm version" | |
| fi | |
| - name: Sync package version from input | |
| if: ${{ steps.npm_gate.outputs.publish == 'true' && github.event_name == 'workflow_dispatch' && github.event.inputs.version != '' }} | |
| working-directory: npm | |
| run: | | |
| target_version="${{ github.event.inputs.version }}" | |
| current_version="$(node -p "require('./package.json').version")" | |
| if [ "$current_version" != "$target_version" ]; then | |
| npm version "$target_version" --no-git-tag-version | |
| else | |
| echo "package.json version already $target_version, skip npm version" | |
| fi | |
| - name: Check published npm version | |
| id: npm_version | |
| if: ${{ steps.npm_gate.outputs.publish == 'true' }} | |
| working-directory: npm | |
| run: | | |
| version="$(node -p "require('./package.json').version")" | |
| if npm view "@clovapi/cli@${version}" version >/dev/null 2>&1; then | |
| echo "exists=true" >> "$GITHUB_OUTPUT" | |
| echo "@clovapi/cli ${version} is already published; skipping npm publish." | |
| else | |
| echo "exists=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Publish npm package | |
| if: ${{ steps.npm_gate.outputs.publish == 'true' && steps.npm_version.outputs.exists != 'true' }} | |
| working-directory: npm | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| run: npm publish --access public |