Skip to content

Merge remote-tracking branch 'origin/main' #61

Merge remote-tracking branch 'origin/main'

Merge remote-tracking branch 'origin/main' #61

name: release-switcher
# Core CLI release only (GoReleaser, R2 CLI, npm) — v* tags or manual dispatch.
# Desktop shell: release-desktop.yml | Landing site: deploy-landing.yml
on:
push:
tags:
- "v*"
workflow_dispatch:
inputs:
version:
description: "Release version without leading v (for npm only)"
required: false
type: string
permissions:
contents: write
env:
R2_PUBLIC_BASE_URL: https://downloads.clovapi.com
jobs:
goreleaser:
runs-on: ubuntu-latest
defaults:
run:
working-directory: core
steps:
- name: Checkout
uses: actions/checkout@v5
with:
fetch-depth: 0
- name: Check existing CLI release
id: existing_cli_release
working-directory: .
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -euo pipefail
echo "complete=false" >> "$GITHUB_OUTPUT"
if [[ "${GITHUB_REF_NAME:-}" != v* ]]; then
exit 0
fi
version="${GITHUB_REF_NAME#v}"
required_assets=(
"checksums.txt"
"clovapi_${version}_darwin_amd64.tar.gz"
"clovapi_${version}_darwin_arm64.tar.gz"
"clovapi_${version}_linux_amd64.tar.gz"
"clovapi_${version}_linux_arm64.tar.gz"
"clovapi_${version}_windows_amd64.zip"
"clovapi_${version}_windows_arm64.zip"
)
if ! gh release view "$GITHUB_REF_NAME" --repo "$GITHUB_REPOSITORY" --json assets > /tmp/clovapi-release.json 2>/dev/null; then
exit 0
fi
for asset in "${required_assets[@]}"; do
if ! jq -e --arg name "$asset" '.assets | any(.name == $name)' /tmp/clovapi-release.json >/dev/null; then
exit 0
fi
done
echo "complete=true" >> "$GITHUB_OUTPUT"
echo "Release $GITHUB_REF_NAME already has all CLI assets; skipping GoReleaser publish."
- name: Setup Go
if: steps.existing_cli_release.outputs.complete != 'true'
uses: actions/setup-go@v5
with:
go-version-file: core/go.mod
- name: Run tests
if: steps.existing_cli_release.outputs.complete != 'true'
run: go test ./...
- name: Setup GoReleaser
if: steps.existing_cli_release.outputs.complete != 'true'
uses: goreleaser/goreleaser-action@v6
with:
version: "~> v2"
install-only: true
- name: GoReleaser release
if: steps.existing_cli_release.outputs.complete != 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: goreleaser release --clean --config .goreleaser.yaml
- name: Decide R2 publish
id: r2_gate
if: steps.existing_cli_release.outputs.complete != 'true'
working-directory: .
run: |
if [ -n "${{ secrets.R2_ACCOUNT_ID }}" ] && [ -n "${{ secrets.R2_ACCESS_KEY_ID }}" ] && [ -n "${{ secrets.R2_SECRET_ACCESS_KEY }}" ] && [ -n "${{ secrets.R2_BUCKET }}" ]; then
echo "publish=true" >> "$GITHUB_OUTPUT"
else
echo "publish=false" >> "$GITHUB_OUTPUT"
fi
- name: Resolve release tag
id: release_tag
if: ${{ steps.r2_gate.outputs.publish == 'true' }}
working-directory: .
env:
RELEASE_INPUT_VERSION: ${{ github.event.inputs.version }}
run: |
set -euo pipefail
if [[ "${GITHUB_REF_NAME:-}" == v* ]]; then
echo "tag=${GITHUB_REF_NAME}" >> "$GITHUB_OUTPUT"
elif [[ -n "${RELEASE_INPUT_VERSION:-}" ]]; then
echo "tag=v${RELEASE_INPUT_VERSION}" >> "$GITHUB_OUTPUT"
else
echo "tag=" >> "$GITHUB_OUTPUT"
fi
- name: Setup Python
if: ${{ steps.r2_gate.outputs.publish == 'true' && steps.release_tag.outputs.tag != '' }}
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Install awscli
if: ${{ steps.r2_gate.outputs.publish == 'true' && steps.release_tag.outputs.tag != '' }}
run: pip install --upgrade awscli
- name: Upload CLI artifacts to Cloudflare R2
if: ${{ steps.r2_gate.outputs.publish == 'true' && steps.release_tag.outputs.tag != '' }}
working-directory: .
env:
R2_ACCOUNT_ID: ${{ secrets.R2_ACCOUNT_ID }}
R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }}
R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }}
R2_SESSION_TOKEN: ${{ secrets.R2_SESSION_TOKEN }}
R2_BUCKET: ${{ secrets.R2_BUCKET }}
R2_ARTIFACT_PREFIX: ${{ secrets.R2_ARTIFACT_PREFIX }}
run: |
set -euo pipefail
chmod +x scripts/r2-publish.sh
./scripts/r2-publish.sh cli --tag "${{ steps.release_tag.outputs.tag }}" --dist core/dist
./scripts/r2-publish.sh install-sh --file landing/public/install.sh
npm:
runs-on: ubuntu-latest
needs: goreleaser
if: ${{ startsWith(github.ref, 'refs/tags/v') || github.event_name == 'workflow_dispatch' }}
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Decide npm publish
id: npm_gate
working-directory: .
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |
if [ -n "$NPM_TOKEN" ]; then
echo "publish=true" >> "$GITHUB_OUTPUT"
else
echo "publish=false" >> "$GITHUB_OUTPUT"
fi
- name: Setup Node
if: ${{ steps.npm_gate.outputs.publish == 'true' }}
uses: actions/setup-node@v5
with:
node-version: "22"
registry-url: "https://registry.npmjs.org"
- name: Sync package version from tag
if: ${{ steps.npm_gate.outputs.publish == 'true' && startsWith(github.ref, 'refs/tags/v') }}
working-directory: npm
run: |
target_version="${GITHUB_REF_NAME#v}"
current_version="$(node -p "require('./package.json').version")"
if [ "$current_version" != "$target_version" ]; then
npm version "$target_version" --no-git-tag-version
else
echo "package.json version already $target_version, skip npm version"
fi
- name: Sync package version from input
if: ${{ steps.npm_gate.outputs.publish == 'true' && github.event_name == 'workflow_dispatch' && github.event.inputs.version != '' }}
working-directory: npm
run: |
target_version="${{ github.event.inputs.version }}"
current_version="$(node -p "require('./package.json').version")"
if [ "$current_version" != "$target_version" ]; then
npm version "$target_version" --no-git-tag-version
else
echo "package.json version already $target_version, skip npm version"
fi
- name: Check published npm version
id: npm_version
if: ${{ steps.npm_gate.outputs.publish == 'true' }}
working-directory: npm
run: |
version="$(node -p "require('./package.json').version")"
if npm view "@clovapi/cli@${version}" version >/dev/null 2>&1; then
echo "exists=true" >> "$GITHUB_OUTPUT"
echo "@clovapi/cli ${version} is already published; skipping npm publish."
else
echo "exists=false" >> "$GITHUB_OUTPUT"
fi
- name: Publish npm package
if: ${{ steps.npm_gate.outputs.publish == 'true' && steps.npm_version.outputs.exists != 'true' }}
working-directory: npm
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: npm publish --access public