Release #30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| bump_type: | |
| description: 'Version bump type' | |
| required: true | |
| type: choice | |
| options: | |
| - preview | |
| - preview-major | |
| - patch | |
| - minor | |
| - major | |
| - prerelease | |
| changelog: | |
| description: 'Custom changelog entry (optional - leave empty to auto-generate)' | |
| required: false | |
| type: string | |
| prerelease_tag: | |
| description: 'Prerelease tag (e.g., alpha, beta, rc) - only used with "prerelease" bump type' | |
| required: false | |
| type: string | |
| default: '' | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| prepare-release: | |
| name: Prepare Release | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.bump.outputs.version }} | |
| branch: ${{ steps.bump.outputs.branch }} | |
| steps: | |
| - name: Validate running from main | |
| run: | | |
| if [[ "${{ github.ref }}" != "refs/heads/main" ]]; then | |
| echo "⚠️ WARNING: Running from ${{ github.ref }}" | |
| echo "⚠️ Production releases should only run from main branch" | |
| fi | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: 20.x | |
| - name: Configure git | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Get current version | |
| id: current | |
| run: | | |
| VERSION=$(node -p "require('./package.json').version") | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "Current version: $VERSION" | |
| - name: Bump version | |
| id: bump | |
| env: | |
| CHANGELOG_INPUT: ${{ github.event.inputs.changelog }} | |
| BUMP_TYPE: ${{ github.event.inputs.bump_type }} | |
| PRERELEASE_TAG: ${{ github.event.inputs.prerelease_tag }} | |
| run: | | |
| # If no custom changelog, provide guidance | |
| if [ -z "$CHANGELOG_INPUT" ]; then | |
| echo "ℹ️ No custom changelog provided. Will auto-generate from commits." | |
| echo "💡 Tip: Provide a meaningful changelog message for better release notes" | |
| fi | |
| # Build version bump command | |
| BUMP_CMD="npx tsx scripts/bump-version.ts $BUMP_TYPE" | |
| # Add changelog if provided | |
| if [ -n "$CHANGELOG_INPUT" ]; then | |
| BUMP_CMD="$BUMP_CMD --changelog \"$CHANGELOG_INPUT\"" | |
| fi | |
| # Add prerelease-tag if provided and bump_type is prerelease | |
| if [ "$BUMP_TYPE" = "prerelease" ]; then | |
| if [ -n "$PRERELEASE_TAG" ]; then | |
| BUMP_CMD="$BUMP_CMD --prerelease-tag \"$PRERELEASE_TAG\"" | |
| else | |
| # Default to beta if prerelease but no tag specified | |
| BUMP_CMD="$BUMP_CMD --prerelease-tag \"beta\"" | |
| fi | |
| fi | |
| # Run the bump command | |
| eval $BUMP_CMD | |
| NEW_VERSION=$(node -p "require('./package.json').version") | |
| echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT | |
| echo "branch=release/v$NEW_VERSION" >> $GITHUB_OUTPUT | |
| echo "New version: $NEW_VERSION" | |
| - name: Regenerate JSON schema | |
| run: | | |
| npm run build | |
| node scripts/generate-schema.mjs | |
| echo "✓ JSON schema regenerated" | |
| - name: Create release branch and PR | |
| env: | |
| NEW_VERSION: ${{ steps.bump.outputs.version }} | |
| run: | | |
| BRANCH_NAME="release/v$NEW_VERSION" | |
| # Delete remote branch if exists | |
| if git ls-remote --exit-code --heads origin $BRANCH_NAME; then | |
| echo "⚠️ Branch $BRANCH_NAME already exists. Deleting it first..." | |
| git push origin --delete $BRANCH_NAME | |
| fi | |
| # Delete local branch if exists | |
| if git show-ref --verify --quiet refs/heads/$BRANCH_NAME; then | |
| git branch -D $BRANCH_NAME | |
| fi | |
| git checkout -b $BRANCH_NAME | |
| git add -A | |
| git commit -m "chore: bump version to $NEW_VERSION | |
| Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>" | |
| git push origin $BRANCH_NAME | |
| # Verify version was committed correctly | |
| COMMITTED_VERSION=$(git show HEAD:package.json | node -p "JSON.parse(require('fs').readFileSync('/dev/stdin', 'utf8')).version") | |
| if [ "$COMMITTED_VERSION" != "$NEW_VERSION" ]; then | |
| echo "❌ ERROR: Version not committed correctly!" | |
| exit 1 | |
| fi | |
| - name: Create Pull Request | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| NEW_VERSION: ${{ steps.bump.outputs.version }} | |
| GITHUB_REF: ${{ github.ref }} | |
| GITHUB_ACTOR: ${{ github.actor }} | |
| run: | | |
| BRANCH_NAME="release/v$NEW_VERSION" | |
| WARNING_TEXT="" | |
| if [ "$GITHUB_REF" != "refs/heads/main" ]; then | |
| WARNING_TEXT="**WARNING**: Not running from main branch!" | |
| else | |
| WARNING_TEXT="✅ Running from main branch" | |
| fi | |
| gh pr create \ | |
| --base main \ | |
| --head "$BRANCH_NAME" \ | |
| --title "Release v$NEW_VERSION" \ | |
| --body "## 🚀 Release v$NEW_VERSION | |
| This PR was automatically created by the release workflow. | |
| ### ⚠️ Pre-merge Checklist | |
| - [ ] Review CHANGELOG.md - ensure it has meaningful release notes | |
| - [ ] Verify version numbers are correct in all files | |
| - [ ] All CI checks are passing | |
| ### 📝 How to improve changelog | |
| If the auto-generated changelog isn't good enough: | |
| 1. Edit CHANGELOG.md in this PR | |
| 2. Commit the changes | |
| 3. Then approve and merge | |
| ### 🔄 Release Process | |
| After merging this PR: | |
| 1. Package will be built and tested | |
| 2. **Manual approval required** before publishing to npm | |
| 3. GitHub release and tag created after publication | |
| ### 🚨 Running from: $GITHUB_REF | |
| $WARNING_TEXT | |
| --- | |
| *Triggered by @$GITHUB_ACTOR*" | |
| test-and-build: | |
| name: Test and Build | |
| needs: prepare-release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: release/v${{ needs.prepare-release.outputs.version }} | |
| - name: Verify version before build | |
| env: | |
| EXPECTED_VERSION: ${{ needs.prepare-release.outputs.version }} | |
| run: | | |
| ACTUAL_VERSION=$(node -p "require('./package.json').version") | |
| echo "Expected version: $EXPECTED_VERSION" | |
| echo "Actual version: $ACTUAL_VERSION" | |
| if [ "$ACTUAL_VERSION" != "$EXPECTED_VERSION" ]; then | |
| echo "❌ ERROR: Version mismatch!" | |
| exit 1 | |
| fi | |
| echo "✓ Version verified: $ACTUAL_VERSION" | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: 20.x | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Configure git for tests | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| - name: Install uv for Python tests | |
| run: curl -LsSf https://astral.sh/uv/install.sh | sh | |
| - name: Run linter | |
| run: npm run lint | |
| - name: Run type check | |
| run: npm run typecheck | |
| - name: Build package | |
| run: npm run build | |
| - name: Run tests | |
| run: npm run test:unit | |
| - name: Pack for verification | |
| run: npm pack | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: dist | |
| path: | | |
| dist/ | |
| *.tgz | |
| release-approval: | |
| name: Release Approval | |
| needs: test-and-build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: npm-publish-approval | |
| steps: | |
| - name: Approval checkpoint | |
| run: | | |
| echo "✅ Build and tests successful" | |
| echo "📦 Package ready for npm publication" | |
| echo "" | |
| echo "⚠️ MANUAL APPROVAL REQUIRED" | |
| echo "" | |
| echo "Before approving:" | |
| echo "1. Verify the PR has been merged to main" | |
| echo "2. Check that version number is correct" | |
| echo "3. Ensure no duplicate version exists on npm" | |
| echo "" | |
| echo "🚨 Only approve if everything is correct!" | |
| publish-npm: | |
| name: Publish to npm | |
| needs: [prepare-release, release-approval] | |
| runs-on: ubuntu-latest | |
| if: github.ref == 'refs/heads/main' | |
| environment: | |
| name: npm-publish | |
| url: https://www.npmjs.com/package/@aws/agentcore | |
| permissions: | |
| id-token: write # Required for OIDC trusted publishing | |
| contents: write # Required to push git tags | |
| steps: | |
| - name: Checkout latest main (AFTER PR merge) | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: main | |
| fetch-depth: 0 | |
| - name: Verify we have the merged code | |
| run: | | |
| echo "Current version in package.json:" | |
| cat package.json | grep '"version"' | |
| echo "" | |
| echo "Latest commit:" | |
| git log -1 --oneline | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: 22.x | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Ensure npm 11.5.1+ for trusted publishing | |
| run: | | |
| echo "Current npm version: $(npm --version)" | |
| npm install -g npm@latest | |
| echo "Updated npm version: $(npm --version)" | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v8 | |
| with: | |
| name: dist | |
| path: . | |
| - name: Get version | |
| id: version | |
| run: | | |
| VERSION=$(node -p "require('./package.json').version") | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| - name: Verify release PR was merged | |
| env: | |
| VERSION: ${{ steps.version.outputs.version }} | |
| EXPECTED_VERSION: ${{ needs.prepare-release.outputs.version }} | |
| run: | | |
| echo "Version in main branch: $VERSION" | |
| echo "Expected version from PR: $EXPECTED_VERSION" | |
| if [ "$VERSION" != "$EXPECTED_VERSION" ]; then | |
| echo "" | |
| echo "❌ ERROR: Version mismatch!" | |
| echo "" | |
| echo "The release PR has NOT been merged yet." | |
| echo "Main branch has: $VERSION" | |
| echo "Release PR has: $EXPECTED_VERSION" | |
| echo "" | |
| echo "👉 Please MERGE the release PR first, then approve this deployment." | |
| echo "" | |
| exit 1 | |
| fi | |
| echo "✅ Version matches - PR was merged correctly" | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build package | |
| run: npm run build | |
| - name: Publish to npm (using OIDC trusted publishing) | |
| run: | | |
| echo "Publishing with OIDC trusted publishing..." | |
| echo "No NPM_TOKEN needed - using GitHub OIDC" | |
| npm publish --access public --provenance --tag latest | |
| - name: Create and push tag | |
| env: | |
| VERSION: ${{ steps.version.outputs.version }} | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| git tag -a "v$VERSION" -m "Release v$VERSION" | |
| git push origin "v$VERSION" | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| env: | |
| VERSION: ${{ steps.version.outputs.version }} | |
| GITHUB_REPOSITORY: ${{ github.repository }} | |
| with: | |
| tag_name: v${{ steps.version.outputs.version }} | |
| name: AgentCore CLI v${{ steps.version.outputs.version }} | |
| files: '*.tgz' | |
| generate_release_notes: true | |
| prerelease: ${{ contains(steps.version.outputs.version, '-') }} | |
| body: | | |
| ## Installation | |
| ```bash | |
| npm install -g @aws/agentcore@${{ steps.version.outputs.version }} | |
| ``` | |
| ## What's Changed | |
| See the [full changelog](https://github.com/${{ github.repository }}/compare/v${{ steps.version.outputs.version }}...main) for details. |