docs: add jarvis prompt tests, agent tests, templates, company keys, … #147
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: [main] | |
| workflow_dispatch: | |
| inputs: | |
| dry_run: | |
| description: 'Perform a dry run (no actual publish)' | |
| required: false | |
| default: 'false' | |
| type: boolean | |
| # Workflow-level permissions for OIDC | |
| permissions: | |
| id-token: write | |
| contents: write | |
| attestations: write | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: false | |
| jobs: | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| # Only run if commit message doesn't start with "chore(release)" | |
| if: ${{ !startsWith(github.event.head_commit.message, 'chore(release)') }} | |
| # Job-level permissions (must include id-token for OIDC) | |
| permissions: | |
| id-token: write | |
| contents: write | |
| attestations: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: 'npm' | |
| # Note: Do NOT set registry-url here - it creates token-based auth | |
| # which interferes with npm Trusted Publishing (OIDC) | |
| - name: Configure Git | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| - name: Upgrade npm for OIDC Trusted Publishing | |
| run: npm install -g npm@latest | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build all packages | |
| run: npm run build | |
| - name: Validate package entry points | |
| run: | | |
| for pkg in packages/*/; do | |
| if [ -f "$pkg/package.json" ]; then | |
| node -e " | |
| const pkg = require('./$pkg/package.json'); | |
| const path = require('path'); | |
| const fs = require('fs'); | |
| const base = './$pkg'; | |
| const checks = [ | |
| pkg.main && path.join(base, pkg.main), | |
| pkg.types && path.join(base, pkg.types), | |
| ].filter(Boolean); | |
| for (const f of checks) { | |
| if (!fs.existsSync(f)) { | |
| console.error('MISSING: ' + f + ' (from ' + pkg.name + ')'); | |
| process.exit(1); | |
| } | |
| } | |
| console.log(pkg.name + ': entry points OK'); | |
| " | |
| fi | |
| done | |
| - name: Validate meta-package dependency ranges | |
| run: | | |
| FAILED=0 | |
| for meta in packages/sdk packages/react packages/angular; do | |
| if [ -f "$meta/package.json" ]; then | |
| STARS=$(node -e " | |
| const deps = require('./$meta/package.json').dependencies || {}; | |
| Object.entries(deps).forEach(([k, v]) => { | |
| if (k.startsWith('@23blocks/') && v === '*') { | |
| console.log(k + ': ' + v); | |
| } | |
| }); | |
| ") | |
| if [ -n "$STARS" ]; then | |
| echo "ERROR: $meta/package.json has wildcard (*) @23blocks dependencies:" | |
| echo "$STARS" | |
| echo "These MUST use >= ranges (e.g. >=2.3.0) so consumers get correct versions." | |
| FAILED=1 | |
| else | |
| echo "$meta: dependency ranges OK" | |
| fi | |
| fi | |
| done | |
| if [ "$FAILED" -eq 1 ]; then exit 1; fi | |
| - name: Run tests | |
| run: npm run test | |
| - name: Release (Dry Run) | |
| if: ${{ github.event.inputs.dry_run == 'true' }} | |
| run: npx nx release --dry-run | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Release | |
| if: ${{ github.event.inputs.dry_run != 'true' }} | |
| run: npx nx release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Debug OIDC and publish info | |
| - name: Debug OIDC | |
| run: | | |
| echo "=== OIDC Environment ===" | |
| echo "ACTIONS_ID_TOKEN_REQUEST_URL: ${ACTIONS_ID_TOKEN_REQUEST_URL:-NOT SET}" | |
| echo "ACTIONS_ID_TOKEN_REQUEST_TOKEN: ${ACTIONS_ID_TOKEN_REQUEST_TOKEN:+SET}" | |
| echo "" | |
| echo "=== GitHub Context ===" | |
| echo "Repository: ${{ github.repository }}" | |
| echo "Repository Owner: ${{ github.repository_owner }}" | |
| echo "Workflow: ${{ github.workflow }}" | |
| echo "Workflow Ref: ${{ github.workflow_ref }}" | |
| echo "" | |
| echo "=== npm info ===" | |
| echo "npm version: $(npm -v)" | |
| npm whoami 2>&1 || echo "Not logged in (expected for OIDC)" | |
| # Uses npm Trusted Publishing (OIDC) | |
| # Each package must have Trusted Publisher configured on npm | |
| - name: Publish to NPM | |
| if: ${{ github.event.inputs.dry_run != 'true' }} | |
| run: | | |
| for pkg in packages/*/; do | |
| if [ -f "$pkg/package.json" ]; then | |
| pkgname=$(node -p "require('./$pkg/package.json').name") | |
| pkgver=$(node -p "require('./$pkg/package.json').version") | |
| echo "" | |
| echo "=== Publishing $pkgname@$pkgver ===" | |
| npm publish "$pkg" --access public --provenance 2>&1 || echo ">> Failed or already published" | |
| fi | |
| done |