clone/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-02-01 22:48:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(ci): Update release to use github env variables. (#11068)

Browse Source
This commit is contained in:
Richie Foreman
2025-10-15 09:48:03 -04:00
committed by GitHub
parent 203bad7c06
commit 984415f6c7
13 changed files with 394 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
.github/actions/npm-auth-token/action.yml vendored Normal file
View File

@@ -0,0 +1,45 @@
name: 'NPM Auth Token'
description: 'Generates an NPM auth token for publishing a specific package'
inputs:
package-name:
description: 'The name of the package to publish'
required: true
github-token:
description: 'the github token'
required: true
wombat-token-core:
description: 'The npm token for the cli-core package.'
required: true
wombat-token-cli:
description: 'The npm token for the cli package.'
required: true
wombat-token-a2a-server:
description: 'The npm token for the a2a package.'
required: true
outputs:
auth-token:
description: 'The generated NPM auth token'
value: '${{ steps.npm_auth_token.outputs.auth-token }}'
runs:
using: 'composite'
steps:
- name: 'Generate NPM Auth Token'
id: 'npm_auth_token'
shell: 'bash'
run: |
AUTH_TOKEN="${{ inputs.github-token }}"
PACKAGE_NAME="${{ inputs.package-name }}"
PRIVATE_REPO="@google-gemini/"
if [[ "$PACKAGE_NAME" == "$PRIVATE_REPO"* ]]; then
AUTH_TOKEN="${{ inputs.github-token }}"
elif [[ "$PACKAGE_NAME" == "@google/gemini-cli" ]]; then
AUTH_TOKEN="${{ inputs.wombat-token-cli }}"
elif [[ "$PACKAGE_NAME" == "@google/gemini-cli-core" ]]; then
AUTH_TOKEN="${{ inputs.wombat-token-core }}"
elif [[ "$PACKAGE_NAME" == "@google/gemini-cli-a2a-server" ]]; then
AUTH_TOKEN="${{ inputs.wombat-token-a2a-server }}"
fi
echo "auth-token=$AUTH_TOKEN" >> $GITHUB_OUTPUT

231
.github/actions/publish-release/action.yml vendored
View File

@@ -9,13 +9,13 @@ inputs:
description: 'The npm tag to publish with (e.g., latest, preview, nightly).'
required: true
wombat-token-core:
description: 'The npm token for the @google/gemini-cli-core package.'
description: 'The npm token for the cli-core package.'
required: true
wombat-token-cli:
description: 'The npm token for the @google/gemini-cli package.'
description: 'The npm token for the cli package.'
required: true
wombat-token-a2a-server:
description: 'The npm token for the @google/gemini-cli-a2a-server package.'
description: 'The npm token for the a2a package.'
required: true
github-token:
description: 'The GitHub token for creating the release.'
@@ -51,10 +51,24 @@ inputs:
gemini_api_key:
description: 'The API key for running integration tests.'
required: true
registry:
description: 'The registry to publish to.'
required: false
default: 'npm-wombat'
npm-registry-publish-url:
description: 'npm registry publish url'
required: true
npm-registry-url:
description: 'npm registry url'
required: true
npm-registry-scope:
description: 'npm registry scope'
required: true
cli-package-name:
description: 'The name of the cli package.'
required: true
core-package-name:
description: 'The name of the core package.'
required: true
a2a-package-name:
description: 'The name of the a2a package.'
required: true
runs:
using: 'composite'
steps:
@@ -117,126 +131,125 @@ runs:
run: |
npm run bundle
# TODO: Refactor this github specific publishing script to be generalized based upon inputs.
- name: '📦 Prepare for GitHub release'
if: "inputs.registry == 'github'"
if: "inputs.npm-registry-url == 'https://npm.pkg.github.com/'"
working-directory: '${{ inputs.working-directory }}'
shell: 'bash'
run: |
node ${{ github.workspace }}/scripts/prepare-github-release.js
- name: 'Configure npm for publishing to npm'
if: "inputs.registry != 'github'"
uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020'
with:
node-version-file: '${{ inputs.working-directory }}/.nvmrc'
registry-url: 'https://wombat-dressing-room.appspot.com'
scope: '@google'
registry-url: '${{inputs.npm-registry-publish-url}}'
scope: '${{inputs.npm-registry-scope}}'
- name: 'Configure npm for publishing to GitHub'
if: "inputs.registry == 'github'"
uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020'
- name: 'Get core Token'
uses: './.github/actions/npm-auth-token'
id: 'core-token'
with:
node-version-file: '${{ inputs.working-directory }}/.nvmrc'
registry-url: 'https://npm.pkg.github.com'
scope: '@google-gemini'
- name: '📦 Publish @google/gemini-cli-core to npm'
if: "inputs.registry != 'github'"
working-directory: '${{ inputs.working-directory }}'
env:
NODE_AUTH_TOKEN: '${{ inputs.wombat-token-core }}'
shell: 'bash'
run: |
if [ "${{ inputs.dry-run }}" == "true" ]; then
npm publish --dry-run --workspace="@google/gemini-cli-core" --no-tag
else
npm publish --workspace="@google/gemini-cli-core" --no-tag
fi
- name: '📦 Publish @google-gemini/gemini-cli-core to GitHub'
if: "inputs.registry == 'github'"
working-directory: '${{ inputs.working-directory }}'
env:
NODE_AUTH_TOKEN: '${{ inputs.github-token }}'
shell: 'bash'
run: |
npm publish \
--dry-run="${{ inputs.dry-run }}" \
--workspace="@google-gemini/gemini-cli-core" \
--no-tag
- name: '🔗 Install latest core package'
working-directory: '${{ inputs.working-directory }}'
if: "${{ inputs.dry-run != 'true' && inputs.registry != 'github' }}"
shell: 'bash'
run: |
npm install "@google/gemini-cli-core@${{ inputs.release-version }}" \
--workspace="@google/gemini-cli" \
--workspace="@google/gemini-cli-a2a-server" \
--save-exact
- name: '📦 Publish @google/gemini-cli to npm'
if: "inputs.registry != 'github'"
working-directory: '${{ inputs.working-directory }}'
env:
NODE_AUTH_TOKEN: '${{ inputs.wombat-token-cli }}'
shell: 'bash'
run: |
if [ "${{ inputs.dry-run }}" == "true" ]; then
npm publish --dry-run --workspace="@google/gemini-cli" --no-tag
else
npm publish --workspace="@google/gemini-cli" --no-tag
fi
- name: '📦 Publish @google-gemini/gemini-cli to GitHub'
if: "inputs.registry == 'github'"
working-directory: '${{ inputs.working-directory }}'
env:
NODE_AUTH_TOKEN: '${{ inputs.github-token }}'
shell: 'bash'
run: |
npm publish \
--dry-run="${{ inputs.dry-run }}" \
--workspace="@google-gemini/gemini-cli" \
--no-tag
- name: '📦 Publish @google/gemini-cli-a2a-server'
if: "inputs.registry != 'github'"
working-directory: '${{ inputs.working-directory }}'
env:
NODE_AUTH_TOKEN: '${{ inputs.wombat-token-a2a-server }}'
shell: 'bash'
# Tag staging for initial release
run: |
if [ "${{ inputs.dry-run }}" == "true" ]; then
npm publish --dry-run --workspace="@google/gemini-cli-a2a-server" --no-tag
else
npm publish --workspace="@google/gemini-cli-a2a-server" --no-tag
fi
- name: '🔬 Verify NPM release by version'
uses: './.github/actions/verify-release'
if: "${{ inputs.dry-run != 'true' && inputs.force-skip-tests != 'true' && inputs.registry != 'github' }}"
with:
npm-package: '@google/gemini-cli@${{ inputs.release-version }}'
expected-version: '${{ inputs.release-version }}'
ref: '${{ steps.release_branch.outputs.BRANCH_NAME }}'
gemini_api_key: '${{ inputs.gemini_api_key }}'
- name: '🏷️ Tag release'
uses: './.github/actions/tag-npm-release'
if: "${{ inputs.dry-run != 'true' && inputs.registry != 'github' }}"
with:
channel: '${{ inputs.npm-tag }}'
version: '${{ inputs.release-version }}'
dry-run: '${{ inputs.dry-run }}'
package-name: '${{ inputs.core-package-name }}'
github-token: '${{ inputs.github-token }}'
wombat-token-core: '${{ inputs.wombat-token-core }}'
wombat-token-cli: '${{ inputs.wombat-token-cli }}'
wombat-token-a2a-server: '${{ inputs.wombat-token-a2a-server }}'
- name: '📦 Publish CORE to NPM'
working-directory: '${{ inputs.working-directory }}'
env:
NODE_AUTH_TOKEN: '${{ steps.core-token.outputs.auth-token }}'
shell: 'bash'
run: |
npm publish \
--dry-run="${{ inputs.dry-run }}" \
--workspace="${{ inputs.core-package-name }}" \
--no-tag
- name: '🔗 Install latest core package'
working-directory: '${{ inputs.working-directory }}'
if: "${{ inputs.dry-run != 'true' }}"
shell: 'bash'
run: |
npm install "${{ inputs.core-package-name }}@${{ inputs.release-version }}" \
--workspace="${{ inputs.cli-package-name }}" \
--workspace="${{ inputs.a2a-package-name }}" \
--save-exact
- name: 'Get CLI Token'
uses: './.github/actions/npm-auth-token'
id: 'cli-token'
with:
package-name: '${{ inputs.cli-package-name }}'
github-token: '${{ inputs.github-token }}'
wombat-token-core: '${{ inputs.wombat-token-core }}'
wombat-token-cli: '${{ inputs.wombat-token-cli }}'
wombat-token-a2a-server: '${{ inputs.wombat-token-a2a-server }}'
- name: '📦 Publish CLI'
working-directory: '${{ inputs.working-directory }}'
env:
NODE_AUTH_TOKEN: '${{ steps.cli-token.outputs.auth-token }}'
shell: 'bash'
run: |
npm publish \
--dry-run="${{ inputs.dry-run }}" \
--workspace="${{ inputs.cli-package-name }}" \
--no-tag
- name: 'Get a2a-server Token'
uses: './.github/actions/npm-auth-token'
id: 'a2a-token'
with:
package-name: '${{ inputs.a2a-package-name }}'
github-token: '${{ inputs.github-token }}'
wombat-token-core: '${{ inputs.wombat-token-core }}'
wombat-token-cli: '${{ inputs.wombat-token-cli }}'
wombat-token-a2a-server: '${{ inputs.wombat-token-a2a-server }}'
- name: '📦 Publish a2a'
working-directory: '${{ inputs.working-directory }}'
env:
NODE_AUTH_TOKEN: '${{ steps.a2a-token.outputs.auth-token }}'
shell: 'bash'
# Tag staging for initial release
run: |
npm publish \
--dry-run="${{ inputs.dry-run }}" \
--workspace="${{ inputs.a2a-package-name }}" \
--no-TARGET_TAG
- name: '🔬 Verify NPM release by version'
uses: './.github/actions/verify-release'
if: "${{ inputs.dry-run != 'true' && inputs.force-skip-tests != 'true' }}"
with:
npm-package: '${{ inputs.cli-package-name }}@${{ inputs.release-version }}'
expected-version: '${{ inputs.release-version }}'
ref: '${{ steps.release_branch.outputs.BRANCH_NAME }}'
gemini_api_key: '${{ inputs.gemini_api_key }}'
github-token: '${{ inputs.github-token }}'
npm-registry-url: '${{ inputs.npm-registry-url }}'
npm-registry-scope: '${{ inputs.npm-registry-scope }}'
- name: '🏷️ Tag release'
uses: './.github/actions/tag-npm-release'
if: "${{ inputs.dry-run != 'true' }}"
with:
channel: '${{ inputs.npm-tag }}'
version: '${{ inputs.release-version }}'
dry-run: '${{ inputs.dry-run }}'
github-token: '${{ inputs.github-token }}'
wombat-token-core: '${{ inputs.wombat-token-core }}'
wombat-token-cli: '${{ inputs.wombat-token-cli }}'
wombat-token-a2a-server: '${{ inputs.wombat-token-a2a-server }}'
cli-package-name: '${{ inputs.cli-package-name }}'
core-package-name: '${{ inputs.core-package-name }}'
a2a-package-name: '${{ inputs.a2a-package-name }}'
- name: '🎉 Create GitHub Release'
working-directory: '${{ inputs.working-directory }}'
if: "${{ inputs.dry-run != 'true' && inputs.skip-github-release != 'true' && inputs.npm-tag != 'dev' && inputs.registry != 'github' }}"
if: "${{ inputs.dry-run != 'true' && inputs.skip-github-release != 'true' && inputs.npm-tag != 'dev' && inputs.npm-registry-url != 'https://npm.pkg.github.com/' }}"
env:
GITHUB_TOKEN: '${{ inputs.github-token }}'
shell: 'bash'

22
.github/actions/setup-npmrc/action.yml vendored Normal file
View File

@@ -0,0 +1,22 @@
name: 'Setup NPMRC'
description: 'Sets up NPMRC with all the correct repos for readonly access.'
inputs:
github-token:
description: 'the github token'
required: true
outputs:
auth-token:
description: 'The generated NPM auth token'
value: '${{ steps.npm_auth_token.outputs.auth-token }}'
runs:
using: 'composite'
steps:
- name: 'Configure .npmrc'
shell: 'bash'
run: |-
echo ""@google-gemini:registry=https://npm.pkg.github.com"" > ~/.npmrc
echo ""//npm.pkg.github.com/:_authToken=${{ inputs.github-token }}"" >> ~/.npmrc
echo ""@google:registry=https://wombat-dressing-room.appspot.com"" >> ~/.npmrc

64
.github/actions/tag-npm-release/action.yml vendored
View File

@@ -11,6 +11,9 @@ inputs:
dry-run:
description: 'Whether to run in dry-run mode.'
required: true
github-token:
description: 'The GitHub token for creating the release.'
required: true
wombat-token-core:
description: 'The npm token for the wombat @google/gemini-cli-core'
required: true
@@ -20,6 +23,20 @@ inputs:
wombat-token-a2a-server:
description: 'The npm token for the @google/gemini-cli-a2a-server package.'
required: true
cli-package-name:
description: 'The name of the cli package.'
required: true
core-package-name:
description: 'The name of the core package.'
required: true
a2a-package-name:
description: 'The name of the a2a package.'
required: true
ref:
description: 'The branch, tag, or SHA to release from.'
required: false
type: 'string'
default: 'main'
runs:
using: 'composite'
@@ -30,30 +47,59 @@ runs:
JSON_INPUTS: '${{ toJSON(inputs) }}'
run: 'echo "$JSON_INPUTS"'
- name: 'Checkout'
uses: 'actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955' # ratchet:actions/checkout@v4
with:
ref: '${{ github.event.inputs.ref }}'
fetch-depth: 0
- name: 'Setup Node.js'
uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020'
with:
node-version-file: '.nvmrc'
registry-url: 'https://wombat-dressing-room.appspot.com'
scope: '@google'
- name: 'Change tag for @google/gemini-cli-core'
- name: 'configure .npmrc'
uses: './.github/actions/setup-npmrc'
with:
github-token: '${{ inputs.github-token }}'
- name: 'Get core Token'
uses: './.github/actions/npm-auth-token'
id: 'core-token'
with:
package-name: '${{ inputs.core-package-name }}'
github-token: '${{ inputs.github-token }}'
wombat-token-core: '${{ inputs.wombat-token-core }}'
wombat-token-cli: '${{ inputs.wombat-token-cli }}'
wombat-token-a2a-server: '${{ inputs.wombat-token-a2a-server }}'
- name: 'Change tag for CORE'
if: |-
${{ inputs.dry-run != 'true' }}
env:
NODE_AUTH_TOKEN: '${{ inputs.wombat-token-core }}'
NODE_AUTH_TOKEN: '${{ steps.core-token.outputs.auth-token }}'
shell: 'bash'
run: |
npm dist-tag add @google/gemini-cli-core@${{ inputs.version }} ${{ inputs.channel }}
npm dist-tag add ${{ inputs.core-package-name }}@${{ inputs.version }} ${{ inputs.channel }}
- name: 'Change tag for @google/gemini-cli'
- name: 'Get cli Token'
uses: './.github/actions/npm-auth-token'
id: 'cli-token'
with:
package-name: '${{ inputs.cli-package-name }}'
github-token: '${{ inputs.github-token }}'
wombat-token-core: '${{ inputs.wombat-token-core }}'
wombat-token-cli: '${{ inputs.wombat-token-cli }}'
wombat-token-a2a-server: '${{ inputs.wombat-token-a2a-server }}'
- name: 'Change tag for CLI'
if: |-
${{ inputs.dry-run != 'true' }}
env:
NODE_AUTH_TOKEN: '${{ inputs.wombat-token-cli }}'
NODE_AUTH_TOKEN: '${{ steps.cli-token.outputs.auth-token }}'
shell: 'bash'
run: |
npm dist-tag add @google/gemini-cli@${{ inputs.version }} ${{ inputs.channel }}
npm dist-tag add ${{ inputs.cli-package-name }}@${{ inputs.version }} ${{ inputs.channel }}
- name: 'Change tag for @google/gemini-cli-a2a-server'
if: |-
@@ -69,4 +115,4 @@ runs:
${{ inputs.dry-run == 'true' }}
shell: 'bash'
run: |
echo "Dry run: Would have added tag '${{ inputs.channel }}' to version '${{ inputs.version }}' for @google/gemini-cli, @google/gemini-cli-core, and @google/gemini-cli-a2a-server."
echo "Dry run: Would have added tag '${{ inputs.channel }}' to version '${{ inputs.version }}' for @google/gemini-cli and @google/gemini-cli-core."

23
.github/actions/verify-release/action.yml vendored
View File

@@ -6,12 +6,21 @@ inputs:
description: 'NPM Package'
required: true
default: '@google/gemini-cli@latest'
npm-registry-url:
description: 'NPM Registry URL'
required: true
npm-registry-scope:
description: 'NPM Registry Scope'
required: true
expected-version:
description: 'Expected version'
required: true
gemini_api_key:
description: 'The API key for running integration tests.'
required: true
github-token:
description: 'The GitHub token for running integration tests.'
required: true
ref:
description: 'The branch, tag, or SHA to release from.'
required: false
@@ -34,6 +43,16 @@ runs:
ref: '${{ github.event.inputs.ref }}'
fetch-depth: 0
- name: 'setup node'
uses: 'actions/setup-node@v4'
with:
node-version: '20'
- name: 'configure .npmrc'
uses: './.github/actions/setup-npmrc'
with:
github-token: '${{ inputs.github-token }}'
- name: 'Clear npm cache'
shell: 'bash'
run: 'npm cache clean --force'
@@ -44,7 +63,9 @@ runs:
timeout_seconds: 900
retry_wait_seconds: 30
max_attempts: 10
command: 'cd ./verify && pkg="${{ inputs.npm-package }}" && npm install --prefer-online --no-cache -g "$pkg"'
command: |-
cd ./verify
npm install --prefer-online --no-cache -g "${{ inputs.npm-package }}"
- name: 'Smoke test - NPM Install'
shell: 'bash'