forked from tinyhumansai/openhuman
-
Notifications
You must be signed in to change notification settings - Fork 0
328 lines (320 loc) · 15.8 KB
/
release-packages.yml
File metadata and controls
328 lines (320 loc) · 15.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
---
name: Release Packages
# DISABLED while core distribution is Docker-only — see PR #1061.
#
# This workflow built standalone CLI tarballs / .deb / Homebrew / npm
# packages that wrapped the `openhuman-core` binary. Now that the core is
# linked into the Tauri shell as a path dep and shipped via the desktop
# bundle (with Docker as the only headless channel), there is no separate
# CLI binary to redistribute. Re-enable by switching the trigger back to
# `on: release: types: [published]` once a standalone CLI binary is
# re-introduced — every job below still references `package-cli-tarball.sh`
# and the `openhuman-core` cargo bin, so they will resume working then.
on:
workflow_dispatch:
permissions:
contents: write
pages: write
id-token: write
issues: write
concurrency:
group: release-packages-${{ github.event.release.tag_name }}
cancel-in-progress: false
jobs:
# ────────────────────────────────────────────────────────────────────────────
# 1. Build Linux arm64 CLI tarball (native runner)
# Requires: ubuntu-24.04-arm GitHub-hosted runner (free for public repos).
# If this runner type is unavailable on your plan, replace runs-on with
# ubuntu-22.04 and add: uses: taiki-e/install-action@cross + use
# `cross build --target aarch64-unknown-linux-gnu` instead of plain cargo.
# ────────────────────────────────────────────────────────────────────────────
build-cli-linux-arm64:
name: Build Linux arm64 CLI tarball
runs-on: ubuntu-24.04-arm
steps:
- name: Checkout tag
uses: actions/checkout@v5
with:
ref: ${{ github.event.release.tag_name }}
fetch-depth: 1
submodules: true
- name: Install Rust
uses: dtolnay/rust-toolchain@1.93.0
- name: Cache Cargo
uses: Swatinem/rust-cache@v2
with:
key: linux-arm64-release
- name: Install system dependencies
run: |
sudo apt-get update -qq
sudo apt-get install -y --no-install-recommends \
pkg-config libssl-dev build-essential cmake
- name: Verify Sentry DSN is present
shell: bash
env:
# Prefer the namespaced GH var; fall back to the legacy unprefixed
# one so the workflow keeps working until the org-level variable
# is renamed.
OPENHUMAN_CORE_SENTRY_DSN: ${{ vars.OPENHUMAN_CORE_SENTRY_DSN || vars.OPENHUMAN_SENTRY_DSN }}
run: |
# Sentry DSN is baked into the binary at compile time via
# `option_env!`. Missing DSN here means the arm64 CLI silently
# ships without error reporting — fail the job instead.
if [ -z "${OPENHUMAN_CORE_SENTRY_DSN}" ]; then
echo "::error::vars.OPENHUMAN_CORE_SENTRY_DSN (or legacy vars.OPENHUMAN_SENTRY_DSN) is empty — the Linux arm64 CLI would ship without error reporting."
echo "Configure the repository / environment variable before re-running the release."
exit 1
fi
echo "OPENHUMAN_CORE_SENTRY_DSN is set (length=${#OPENHUMAN_CORE_SENTRY_DSN})"
- name: Build CLI binary and package tarball
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
OPENHUMAN_CORE_SENTRY_DSN: ${{ vars.OPENHUMAN_CORE_SENTRY_DSN || vars.OPENHUMAN_SENTRY_DSN }}
# Sentry release tracking (#405): keep the arm64 CLI tag in sync
# with the desktop build (`openhuman@<version>+<short_sha>`).
OPENHUMAN_BUILD_SHA: ${{ github.sha }}
OPENHUMAN_APP_ENV: production
run: |
cargo build --release --bin openhuman-core
VERSION="${{ github.event.release.tag_name }}"
bash scripts/release/package-cli-tarball.sh \
target/release/openhuman-core \
"${VERSION#v}" \
aarch64-unknown-linux-gnu
# ────────────────────────────────────────────────────────────────────────────
# 2. Update Homebrew tap
# Requires secret: HOMEBREW_TAP_TOKEN (PAT or App token with contents:write
# on tinyhumansai/homebrew-openhuman)
# ────────────────────────────────────────────────────────────────────────────
update-homebrew:
name: Update Homebrew tap formula
runs-on: ubuntu-latest
needs: [build-cli-linux-arm64]
steps:
- name: Checkout main repo (for formula template)
uses: actions/checkout@v5
with:
ref: ${{ github.event.release.tag_name }}
path: src
- name: Checkout Homebrew tap
uses: actions/checkout@v5
with:
repository: tinyhumansai/homebrew-openhuman
token: ${{ secrets.HOMEBREW_TAP_TOKEN }}
path: tap
- name: Update Homebrew formula
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
bash src/scripts/release/update-homebrew.sh \
"${{ github.event.release.tag_name }}" \
src/packages/homebrew/openhuman.rb \
tap
# ────────────────────────────────────────────────────────────────────────────
# 3. Build Debian apt repository and deploy to GitHub Pages
# Requires: APT_SIGNING_KEY (ASCII-armor GPG private key secret)
# APT_SIGNING_KEY_ID (key fingerprint / ID)
# GitHub Pages must be enabled (Settings → Pages → Source: gh-pages branch)
# ────────────────────────────────────────────────────────────────────────────
build-apt-repo:
name: Build apt repository
runs-on: ubuntu-22.04
needs: [build-cli-linux-arm64]
steps:
- name: Checkout tag
uses: actions/checkout@v5
with:
ref: ${{ github.event.release.tag_name }}
fetch-depth: 1
- name: Install apt-repo build tools
run: |
sudo apt-get update -qq
sudo apt-get install -y --no-install-recommends \
dpkg-dev apt-utils gnupg2
- name: Import GPG signing key
env:
APT_SIGNING_KEY: ${{ secrets.APT_SIGNING_KEY }}
run: |
echo "$APT_SIGNING_KEY" | gpg --batch --import
gpg --list-secret-keys
- name: Checkout gh-pages branch
uses: actions/checkout@v5
with:
ref: gh-pages
path: gh-pages
fetch-depth: 0
- name: Build .deb packages, apt repo, and deploy to gh-pages
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APT_SIGNING_KEY_ID: ${{ secrets.APT_SIGNING_KEY_ID }}
run: |
bash scripts/release/build-apt-packages.sh \
"${{ github.event.release.tag_name }}" \
--deploy-gh-pages gh-pages
# ────────────────────────────────────────────────────────────────────────────
# 4. Publish npm package
# Requires secret: NPM_TOKEN (automation token from npmjs.com)
# ────────────────────────────────────────────────────────────────────────────
publish-npm:
name: Publish npm package
runs-on: ubuntu-latest
steps:
- name: Checkout tag
uses: actions/checkout@v5
with:
ref: ${{ github.event.release.tag_name }}
fetch-depth: 1
- name: Setup pnpm
uses: pnpm/action-setup@v5
- name: Setup Node.js
uses: actions/setup-node@v5
with:
node-version: 24.x
registry-url: https://registry.npmjs.org
package-manager-cache: false
- name: Set version and publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: bash scripts/release/publish-npm.sh "${{ github.event.release.tag_name }}"
# ────────────────────────────────────────────────────────────────────────────
# 5. Smoke test: Homebrew
# ────────────────────────────────────────────────────────────────────────────
smoke-homebrew:
name: Smoke — Homebrew (${{ matrix.os }})
runs-on: ${{ matrix.os }}
needs: [update-homebrew]
continue-on-error: true
strategy:
fail-fast: false
matrix:
os: [macos-latest, ubuntu-22.04]
steps:
- name: Install Homebrew (Linux)
if: runner.os == 'Linux'
run: |
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
echo "/home/linuxbrew/.linuxbrew/bin" >> "$GITHUB_PATH"
- name: Tap and install
run: |
brew tap tinyhumansai/openhuman
brew install openhuman
- name: Smoke test
run: openhuman --version
# ────────────────────────────────────────────────────────────────────────────
# 6. Smoke test: apt
# ────────────────────────────────────────────────────────────────────────────
smoke-apt:
name: Smoke — apt (ubuntu-22.04)
runs-on: ubuntu-22.04
needs: [build-apt-repo]
continue-on-error: true
steps:
- name: Add apt repository
run: |
sudo apt-get install -y --no-install-recommends gnupg2 curl ca-certificates
curl -fsSL https://tinyhumansai.github.io/openhuman/apt/KEY.gpg \
| sudo gpg --dearmor -o /etc/apt/keyrings/openhuman.gpg
echo "deb [signed-by=/etc/apt/keyrings/openhuman.gpg arch=amd64] \
https://tinyhumansai.github.io/openhuman/apt stable main" \
| sudo tee /etc/apt/sources.list.d/openhuman.list
- name: Install and smoke test
run: |
sudo apt-get update
sudo apt-get install -y openhuman
openhuman --version
# ────────────────────────────────────────────────────────────────────────────
# 7. Smoke test: npm
# ────────────────────────────────────────────────────────────────────────────
smoke-npm:
name: Smoke — npm (${{ matrix.os }})
runs-on: ${{ matrix.os }}
needs: [publish-npm]
continue-on-error: true
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
steps:
- name: Setup Node.js
uses: actions/setup-node@v5
with:
node-version: 24.x
- name: Wait for npm propagation, then install
run: |
VERSION="${{ github.event.release.tag_name }}"
VERSION="${VERSION#v}"
# npm can take up to ~2 min to propagate a new publish
for i in 1 2 3 4 5; do
npm install -g "openhuman@${VERSION}" && break || sleep 30
done
- name: Smoke test
run: openhuman --version
# ────────────────────────────────────────────────────────────────────────────
# 8. File the "future package managers" backlog issue (once ever)
# ────────────────────────────────────────────────────────────────────────────
create-backlog-issue:
name: Create backlog issue (once)
runs-on: ubuntu-latest
steps:
- name: Create issue if it doesn't exist
uses: actions/github-script@v8
with:
script: |-
const { owner, repo } = context.repo;
const label = 'distribution-backlog';
const title = '[Backlog] Package manager distribution — next tiers';
// Check for existing open or closed issue with this exact title
const { data: existing } = await github.rest.issues.listForRepo({
owner, repo,
state: 'all',
labels: label,
per_page: 10,
});
if (existing.some(i => i.title === title)) {
core.info('Backlog issue already exists — skipping.');
return;
}
// Ensure the label exists
try {
await github.rest.issues.createLabel({
owner, repo,
name: label,
color: '0075ca',
description: 'Package distribution backlog',
});
} catch (_) { /* label may already exist */ }
const body = [
'## Summary',
'',
'Track remaining package manager channels. Each tier reflects expected maintenance commitment from the core team.',
'',
'## Tier 1 — Official (core team maintains)',
'',
'- [ ] **npx / pnpm dlx** — zero-install via the npm package already published; document the one-liner: `npx openhuman@latest`',
'- [ ] **Scoop (Windows)** — needs a Windows binary (un-comment the Windows matrix in `release.yml` first); add a `tinyhumansai/scoop-openhuman` bucket',
'',
'## Tier 2 — Community-supported (PRs welcome, core team reviews)',
'',
'- [ ] **AUR (Arch Linux)** — add `PKGBUILD` pointing at the GitHub release tarball; list in `packages/`',
'- [ ] **Nix / nixpkgs** — upstream a `pkgs/tools/openhuman/default.nix` derivation; document local flake overlay as interim',
'',
'## Tier 3 — Planned (no timeline)',
'',
'- [ ] **Snap / Snapcraft** — `snapcraft.yaml`, publish to Snap Store',
'- [ ] **Flatpak** — `org.tinyhumans.Openhuman.yaml`, publish to Flathub',
'- [ ] **WinGet** — manifest in `microsoft/winget-pkgs` once Windows binary is stable',
'',
'## Acceptance criteria',
'',
'- [ ] Each official channel has a CI smoke test (install + `openhuman --version`)',
'- [ ] Install commands appear in `gitbooks/overview/install.md`',
'- [ ] Checksums shipped for all artifacts',
'',
].join('\n');
const issue = await github.rest.issues.create({
owner, repo,
title,
body,
labels: [label],
});
core.info(`Created backlog issue: ${issue.data.html_url}`);