From fb91ffb0951561ac338602df33a113435900c990 Mon Sep 17 00:00:00 2001 From: telagod Date: Sat, 16 May 2026 03:14:39 +0800 Subject: [PATCH] ci: add npm publish automation + OpenClaw smoke MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Two CI changes: 1. release.yml — subscribe to 'release: published' events: - Re-runs npm test + npm run verify:skills before publish - Gates publish on tag == package.json version (prevents drift between 'git tag v2.1.x' and an out-of-sync package.json) - Uses npm provenance (requires id-token: write OIDC permission) - Reads NPM_TOKEN from repository secret Future flow: 'gh release create v2.1.x' triggers automatic npm publish. 2. ci.yml — add smoke-openclaw matrix job: - Mirrors smoke-claude / smoke-codex / smoke-gemini structure - Covers ubuntu / macos / windows installer paths - Asserts: ~/.openclaw/skills, workspace/{AGENTS,SOUL}.md, .sage-uninstall.js - Smoke matrix was missing openclaw target since v2.1.8 Verified locally against pristine $HOME: install creates expected paths, uninstall removes them. --- .github/workflows/ci.yml | 42 +++++++++++++++++++++++++++++ .github/workflows/release.yml | 50 +++++++++++++++++++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8e79428..171277b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -162,3 +162,45 @@ jobs: test ! -e "$abyss_home/.gemini/GEMINI.md" test ! -e "$abyss_home/.gemini/skills" test ! -e "$abyss_home/.gemini/.sage-backup" + + smoke-openclaw: + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] + steps: + - uses: actions/checkout@v5 + - uses: actions/setup-node@v5 + with: + node-version: 20 + - run: npm ci + - name: Pack npm tarball + shell: bash + run: npm pack + - name: Smoke install/uninstall OpenClaw target + shell: bash + run: | + set -euo pipefail + + pkg_tgz="$(ls code-abyss-*.tgz | head -n 1)" + abyss_home="$RUNNER_TEMP/abyss-home" + rm -rf "$abyss_home" + mkdir -p "$abyss_home" + + export HOME="$abyss_home" + export USERPROFILE="$abyss_home" + + npx --yes --package "./$pkg_tgz" code-abyss --target openclaw -y + + test -d "$abyss_home/.openclaw/skills" + test -f "$abyss_home/.openclaw/workspace/AGENTS.md" + test -f "$abyss_home/.openclaw/workspace/SOUL.md" + test -f "$abyss_home/.openclaw/.sage-uninstall.js" + test ! -e "$abyss_home/.openclaw/commands" + test ! -e "$abyss_home/.openclaw/skills/gstack" + + npx --yes --package "./$pkg_tgz" code-abyss --uninstall openclaw + + test ! -e "$abyss_home/.openclaw/skills" + test ! -e "$abyss_home/.openclaw/.sage-backup" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..6b09076 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,50 @@ +name: Release + +on: + release: + types: [published] + +permissions: + contents: read + id-token: write + +jobs: + publish: + runs-on: ubuntu-latest + env: + FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true + steps: + - name: Checkout release tag + uses: actions/checkout@v5 + with: + ref: ${{ github.event.release.tag_name }} + + - name: Setup Node + uses: actions/setup-node@v5 + with: + node-version: 20 + registry-url: https://registry.npmjs.org + + - name: Install dependencies + run: npm ci + + - name: Verify tag matches package.json version + run: | + tag="${GITHUB_REF_NAME#v}" + pkg=$(node -p "require('./package.json').version") + if [ "$tag" != "$pkg" ]; then + echo "::error::Tag ${GITHUB_REF_NAME} (=$tag) does not match package.json version $pkg" + exit 1 + fi + echo "Tag and package.json both at $pkg" + + - name: Run tests + run: npm test + + - name: Verify skills contract + run: npm run verify:skills + + - name: Publish to npm + run: npm publish --access public --provenance + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}