name: Auto Release on: push: branches: - main concurrency: group: auto-release-${{ github.ref }} cancel-in-progress: false jobs: release-please: if: ${{ github.repository == 'Gitlawb/openclaude' }} name: Release Please runs-on: ubuntu-latest permissions: contents: write pull-requests: write outputs: release_created: ${{ steps.release.outputs.release_created }} tag_name: ${{ steps.release.outputs.tag_name }} version: ${{ steps.release.outputs.version }} steps: - name: Run release-please id: release uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 with: token: ${{ secrets.GITHUB_TOKEN }} release-type: node publish-npm: name: Publish to npm needs: release-please if: ${{ needs.release-please.outputs.release_created == 'true' }} runs-on: ubuntu-latest environment: release permissions: contents: read id-token: write steps: - name: Checkout release tag uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: ref: ${{ needs.release-please.outputs.tag_name }} fetch-depth: 0 - name: Set up Node.js uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 with: node-version: 24 registry-url: https://registry.npmjs.org - name: Set up Bun uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 with: bun-version: 1.3.11 - name: Install dependencies run: bun install --frozen-lockfile - name: Run unit tests run: bun test --max-concurrency=1 - name: Smoke test run: bun run smoke - name: Build run: bun run build - name: Dry-run package run: npm pack --dry-run - name: Clear token auth for trusted publishing run: | unset NODE_AUTH_TOKEN echo "NODE_AUTH_TOKEN=" >> "$GITHUB_ENV" - name: Publish to npm run: npm publish --access public --provenance - name: Release summary run: | { echo "## Released ${{ needs.release-please.outputs.tag_name }}" echo echo "- npm: https://www.npmjs.com/package/@gitlawb/openclaude" echo "- GitHub: https://github.com/Gitlawb/openclaude/releases/tag/${{ needs.release-please.outputs.tag_name }}" } >> "$GITHUB_STEP_SUMMARY" docker: name: Build & Push Docker Image needs: release-please if: ${{ needs.release-please.outputs.release_created == 'true' }} runs-on: ubuntu-latest permissions: contents: read packages: write steps: - name: Checkout release tag uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ needs.release-please.outputs.tag_name }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0 - name: Log in to GitHub Container Registry uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract metadata id: meta uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0 with: images: ghcr.io/${{ github.repository }} tags: | type=semver,pattern={{version}},value=${{ needs.release-please.outputs.version }} type=semver,pattern={{major}}.{{minor}},value=${{ needs.release-please.outputs.version }} type=raw,value=latest - name: Build and load locally uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0 with: context: . load: true tags: openclaude:smoke cache-from: type=gha - name: Smoke test run: docker run --rm openclaude:smoke --version - name: Build and push uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0 with: context: . push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=max