release-please #72

Workflow file for this run

.github/workflows/release-please.yml at bfee6c9

	# This workflow handles both automated and manual package publishing:
	#
	# AUTOMATED PUBLISHING (on push to main):
	# - Triggered automatically when changes are pushed to the main branch
	# - Uses release-please to create releases based on conventional commits
	# - Publishes packages to PyPI automatically when release PRs are merged
	#
	# MANUAL PUBLISHING (via workflow_dispatch):
	# - Can be triggered manually from the Actions tab
	# - Allows publishing a specific package to PyPI
	# - Supports dry-run mode
	#
	name: release-please

	on:
	push:
	branches:
	- main
	workflow_dispatch:
	inputs:
	workspace_path:
	description: 'The workspace to publish'
	required: true
	default: 'packages/sdk/server-ai'
	type: choice
	options:
	- packages/sdk/server-ai
	- packages/ai-providers/server-ai-langchain
	dry_run:
	description: 'Is this a dry run. If so no package will be published.'
	type: boolean
	required: true

	jobs:
	release-please:
	runs-on: ubuntu-latest
	permissions:
	contents: write # Needed for release-please to create releases.
	pull-requests: write # Needed for release-please to create/update PRs.
	if: github.event_name == 'push'
	outputs:
	package-server-ai-released: ${{ steps.release.outputs['packages/sdk/server-ai--release_created'] }}
	package-server-ai-tag-name: ${{ steps.release.outputs['packages/sdk/server-ai--tag_name'] }}
	package-server-ai-langchain-released: ${{ steps.release.outputs['packages/ai-providers/server-ai-langchain--release_created'] }}
	package-server-ai-langchain-tag-name: ${{ steps.release.outputs['packages/ai-providers/server-ai-langchain--tag_name'] }}
	steps:
	- uses: googleapis/release-please-action@v4
	id: release

	release-server-ai:
	runs-on: ubuntu-latest
	needs: ['release-please']
	permissions:
	id-token: write # Needed for OIDC to get release secrets from AWS.
	if: ${{ needs.release-please.outputs.package-server-ai-released == 'true' }}
	outputs:
	package-hashes: ${{ steps.build.outputs.package-hashes }}
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- uses: actions/setup-python@v5
	with:
	python-version: '3.11'

	- name: Install poetry
	uses: abatilo/actions-poetry@7b6d33e44b4f08d7021a1dee3c044e9c253d6439

	- uses: ./.github/actions/ci
	with:
	workspace_path: packages/sdk/server-ai

	- uses: ./.github/actions/build
	id: build
	with:
	workspace_path: packages/sdk/server-ai

	- uses: launchdarkly/gh-actions/actions/[email protected]
	name: 'Get PyPI token'
	with:
	aws_assume_role: ${{ vars.AWS_ROLE_ARN }}
	ssm_parameter_pairs: '/production/common/releasing/pypi/token = PYPI_AUTH_TOKEN'

	- name: Publish to PyPI
	uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
	with:
	password: ${{ env.PYPI_AUTH_TOKEN }}
	packages-dir: packages/sdk/server-ai/dist/

	release-server-ai-langchain:
	runs-on: ubuntu-latest
	needs: ['release-please']
	permissions:
	id-token: write # Needed for OIDC to get release secrets from AWS.
	if: ${{ needs.release-please.outputs.package-server-ai-langchain-released == 'true' }}
	outputs:
	package-hashes: ${{ steps.build.outputs.package-hashes }}
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- uses: actions/setup-python@v5
	with:
	python-version: '3.11'

	- name: Install poetry
	uses: abatilo/actions-poetry@7b6d33e44b4f08d7021a1dee3c044e9c253d6439

	- uses: ./.github/actions/ci
	with:
	workspace_path: packages/ai-providers/server-ai-langchain

	- uses: ./.github/actions/build
	id: build
	with:
	workspace_path: packages/ai-providers/server-ai-langchain

	- uses: launchdarkly/gh-actions/actions/[email protected]
	name: 'Get PyPI token'
	with:
	aws_assume_role: ${{ vars.AWS_ROLE_ARN }}
	ssm_parameter_pairs: '/production/common/releasing/pypi/token = PYPI_AUTH_TOKEN'

	- name: Publish to PyPI
	uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
	with:
	password: ${{ env.PYPI_AUTH_TOKEN }}
	packages-dir: packages/ai-providers/server-ai-langchain/dist/

	manual-publish:
	runs-on: ubuntu-latest
	if: github.event_name == 'workflow_dispatch'
	permissions:
	id-token: write # Needed for OIDC to get release secrets from AWS.
	contents: read # Needed for actions/checkout.
	steps:
	- uses: actions/checkout@v4

	- uses: actions/setup-python@v5
	with:
	python-version: '3.11'

	- name: Install poetry
	uses: abatilo/actions-poetry@7b6d33e44b4f08d7021a1dee3c044e9c253d6439

	- uses: ./.github/actions/ci
	with:
	workspace_path: ${{ inputs.workspace_path }}

	- uses: ./.github/actions/build
	id: build
	with:
	workspace_path: ${{ inputs.workspace_path }}

	- uses: launchdarkly/gh-actions/actions/[email protected]
	if: ${{ inputs.dry_run != true }}
	name: 'Get PyPI token'
	with:
	aws_assume_role: ${{ vars.AWS_ROLE_ARN }}
	ssm_parameter_pairs: '/production/common/releasing/pypi/token = PYPI_AUTH_TOKEN'

	- name: Publish to PyPI
	if: ${{ inputs.dry_run != true }}
	uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
	with:
	password: ${{ env.PYPI_AUTH_TOKEN }}
	packages-dir: ${{ inputs.workspace_path }}/dist/

	release-server-ai-provenance:
	needs: ['release-please', 'release-server-ai']
	if: ${{ needs.release-please.outputs.package-server-ai-released == 'true' }}
	permissions:
	actions: read # Needed for detecting the GitHub Actions environment.
	id-token: write # Needed for provenance signing.
	contents: write # Needed for uploading assets to the release.
	uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
	with:
	base64-subjects: "${{ needs.release-server-ai.outputs.package-hashes }}"
	upload-assets: true
	upload-tag-name: ${{ needs.release-please.outputs.package-server-ai-tag-name }}

	release-server-ai-langchain-provenance:
	needs: ['release-please', 'release-server-ai-langchain']
	if: ${{ needs.release-please.outputs.package-server-ai-langchain-released == 'true' }}
	permissions:
	actions: read # Needed for detecting the GitHub Actions environment.
	id-token: write # Needed for provenance signing.
	contents: write # Needed for uploading assets to the release.
	uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
	with:
	base64-subjects: "${{ needs.release-server-ai-langchain.outputs.package-hashes }}"
	upload-assets: true
	upload-tag-name: ${{ needs.release-please.outputs.package-server-ai-langchain-tag-name }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

release-please #72

Workflow file

release-please #72

Uh oh!

Workflow file for this run