altk-evolve/.github/workflows/release-github.yaml at main · AgentToolkit/altk-evolve · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: Tag and release to Github

env:
  UV_FROZEN: "1"

permissions:
  contents: read

on:
  workflow_dispatch:
    inputs:
      bump-version:
        description: 'What bump level?'
        type: choice
        options: ['major', 'minor', 'patch', 'prerelease']
        required: true
      as-prerelease:
        description: 'As pre-release?'
        type: boolean
        required: true
        default: false

jobs:
  check-code:
    uses: ./.github/workflows/check-code.yaml
  run-tests:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        python-version: ['3.12', '3.13'] # drop 3.14 because of arize-phoenix not supporting it
    env:
      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
    steps:
      - name: Checkout Code
        uses: actions/checkout@v5
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install uv
        uses: astral-sh/setup-uv@v6
        with:
          enable-cache: true
          python-version: ${{ matrix.python-version }}
      - uses: ./.github/actions/run-tests
  release:
    runs-on: ubuntu-latest
    needs:
      - check-code
      - run-tests
    permissions:
      contents: write
    steps:
      # Note: We checkout the repository at the branch that triggered the workflow
      # with the entire history to ensure to match PSR's release branch detection
      # and history evaluation.
      # However, we forcefully reset the branch to the workflow sha because it is
      # possible that the branch was updated while the workflow was running. This
      # prevents accidentally releasing un-evaluated changes.
      - name: Checkout code on release branch
        uses: actions/checkout@v5
        with:
          ref: ${{ github.ref_name }}
          fetch-depth: 0
          token: ${{ secrets.CI_PUSH_TOKEN }}

      - name: Force release branch to be at workflow sha
        run: |
          git reset --hard ${{ github.sha }}

      - name: Verify upstream has NOT changed
        # Last chance to abort before causing an error as another PR/push was applied to
        # the upstream branch while this workflow was running. This is important
        # because we are committing a version change (--commit). You may omit this step
        # if you have 'commit: false' in your configuration.
        #
        # You may consider moving this to a repo script and call it from this step instead
        # of writing it in-line.
        shell: bash
        run: bash .github/scripts/verify_upstream.sh

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '24'
          cache: 'npm'
          cache-dependency-path: 'altk_evolve/frontend/ui/package-lock.json'

      - name: Build UI
        working-directory: altk_evolve/frontend/ui
        run: npm ci && npm run build

      - name: Verify UI build
        run: |
          if [ ! -s "altk_evolve/frontend/ui/dist/index.html" ]; then
            echo "UI build failed: dist/index.html missing or empty"
            exit 1
          fi

      - name: Run semantic version release
        id: release
        # Adjust tag with desired version if applicable.
        uses: python-semantic-release/python-semantic-release@v10.4.1
        with:
          verbosity: 2
          github_token: ${{ secrets.CI_PUSH_TOKEN }}
          git_committer_name: ${{ vars.CI_BOT_NAME }}
          git_committer_email: ${{ vars.CI_BOT_EMAIL }}
          force: ${{ github.event.inputs.bump-version }}
          prerelease: ${{ github.event.inputs.as-prerelease }}

      - name: Upload to GitHub release assets
        uses: python-semantic-release/publish-action@v10.4.1
        if: steps.release.outputs.released == 'true'
        with:
          github_token: ${{ secrets.CI_PUSH_TOKEN }}
          tag: ${{ steps.release.outputs.tag }}

      - name: Upload install.sh to GitHub release assets
        if: steps.release.outputs.released == 'true'
        env:
          GH_TOKEN: ${{ secrets.CI_PUSH_TOKEN }}
        run: |
          sed 's/^SCRIPT_VERSION="main"/SCRIPT_VERSION="${{ steps.release.outputs.tag }}"/' \
            platform-integrations/install.sh > /tmp/install.sh
          gh release upload ${{ steps.release.outputs.tag }} \
            /tmp/install.sh#install.sh \
            --clobber