name: 'Release: Promote' on: workflow_dispatch: inputs: dry_run: description: 'Run a dry-run of the release process; no branches, npm packages or GitHub releases will be created.' required: true type: 'boolean' default: true force_skip_tests: description: 'Select to skip the "Run Tests" step in testing. Prod releases should run tests' required: false type: 'boolean' default: false ref: description: 'The branch, tag, or SHA to release from.' required: false type: 'string' default: 'main' stable_version_override: description: 'Manually override the stable version number.' required: false type: 'string' preview_version_override: description: 'Manually override the preview version number.' required: false type: 'string' environment: description: 'Environment' required: false type: 'choice' options: - 'prod' - 'dev' default: 'prod' jobs: calculate-versions: name: 'Calculate Versions and Plan' runs-on: 'ubuntu-latest' environment: "${{ github.event.inputs.environment || 'prod' }}" outputs: STABLE_VERSION: '${{ steps.versions.outputs.STABLE_VERSION }}' STABLE_SHA: '${{ steps.versions.outputs.STABLE_SHA }}' PREVIOUS_STABLE_TAG: '${{ steps.versions.outputs.PREVIOUS_STABLE_TAG }}' PREVIEW_VERSION: '${{ steps.versions.outputs.PREVIEW_VERSION }}' PREVIEW_SHA: '${{ steps.versions.outputs.PREVIEW_SHA }}' PREVIOUS_PREVIEW_TAG: '${{ steps.versions.outputs.PREVIOUS_PREVIEW_TAG }}' NEXT_NIGHTLY_VERSION: '${{ steps.versions.outputs.NEXT_NIGHTLY_VERSION }}' PREVIOUS_NIGHTLY_TAG: '${{ steps.versions.outputs.PREVIOUS_NIGHTLY_TAG }}' steps: - name: 'Checkout' uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' with: fetch-depth: 0 fetch-tags: true - name: 'Setup Node.js' uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020' with: node-version-file: '.nvmrc' cache: 'npm' - name: 'Install Dependencies' run: 'npm ci' - name: 'Print Inputs' shell: 'bash' env: JSON_INPUTS: '${{ toJSON(inputs) }}' run: 'echo "$JSON_INPUTS"' - name: 'Calculate Versions and SHAs' id: 'versions' env: GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}' STABLE_OVERRIDE: '${{ github.event.inputs.stable_version_override }}' PREVIEW_OVERRIDE: '${{ github.event.inputs.preview_version_override }}' REF_INPUT: '${{ github.event.inputs.ref }}' run: | set -e STABLE_COMMAND="node scripts/get-release-version.js --type=stable" if [[ -n "${STABLE_OVERRIDE}" ]]; then STABLE_COMMAND+=" --stable_version_override=${STABLE_OVERRIDE}" fi PREVIEW_COMMAND="node scripts/get-release-version.js --type=preview" if [[ -n "${PREVIEW_OVERRIDE}" ]]; then PREVIEW_COMMAND+=" --preview_version_override=${PREVIEW_OVERRIDE}" fi NIGHTLY_COMMAND="node scripts/get-release-version.js --type=promote-nightly" STABLE_JSON=$(${STABLE_COMMAND}) STABLE_VERSION=$(echo "${STABLE_JSON}" | jq -r .releaseVersion) PREVIEW_COMMAND+=" --stable-base-version=${STABLE_VERSION}" NIGHTLY_COMMAND+=" --stable-base-version=${STABLE_VERSION}" PREVIEW_JSON=$(${PREVIEW_COMMAND}) NIGHTLY_JSON=$(${NIGHTLY_COMMAND}) echo "STABLE_JSON_COMMAND=${STABLE_COMMAND}" echo "PREVIEW_JSON_COMMAND=${PREVIEW_COMMAND}" echo "NIGHTLY_JSON_COMMAND=${NIGHTLY_COMMAND}" echo "STABLE_JSON: ${STABLE_JSON}" echo "PREVIEW_JSON: ${PREVIEW_JSON}" echo "NIGHTLY_JSON: ${NIGHTLY_JSON}" echo "STABLE_VERSION=${STABLE_VERSION}" >> "${GITHUB_OUTPUT}" # shellcheck disable=SC1083 echo "STABLE_SHA=$(git rev-parse "$(echo "${PREVIEW_JSON}" | jq -r .previousReleaseTag)"^{commit})" >> "${GITHUB_OUTPUT}" echo "PREVIOUS_STABLE_TAG=$(echo "${STABLE_JSON}" | jq -r .previousReleaseTag)" >> "${GITHUB_OUTPUT}" echo "PREVIEW_VERSION=$(echo "${PREVIEW_JSON}" | jq -r .releaseVersion)" >> "${GITHUB_OUTPUT}" # shellcheck disable=SC1083 REF="${REF_INPUT}" SHA=$(git ls-remote origin "$REF" | awk -v ref="$REF" '$2 == "refs/heads/"ref || $2 == "refs/tags/"ref || $2 == ref {print $1}' | head -n 1) if [ -z "$SHA" ]; then if [[ "$REF" =~ ^[0-9a-f]{7,40}$ ]]; then SHA="$REF" else echo "::error::Could not resolve ref '$REF' to a commit SHA." exit 1 fi fi echo "PREVIEW_SHA=$SHA" >> "${GITHUB_OUTPUT}" echo "PREVIOUS_PREVIEW_TAG=$(echo "${PREVIEW_JSON}" | jq -r .previousReleaseTag)" >> "${GITHUB_OUTPUT}" echo "NEXT_NIGHTLY_VERSION=$(echo "${NIGHTLY_JSON}" | jq -r .releaseVersion)" >> "${GITHUB_OUTPUT}" echo "PREVIOUS_NIGHTLY_TAG=$(echo "${NIGHTLY_JSON}" | jq -r .previousReleaseTag)" >> "${GITHUB_OUTPUT}" CURRENT_NIGHTLY_TAG=$(git describe --tags --abbrev=0 --match="*nightly*") echo "CURRENT_NIGHTLY_TAG=${CURRENT_NIGHTLY_TAG}" >> "${GITHUB_OUTPUT}" echo "NEXT_SHA=$SHA" >> "${GITHUB_OUTPUT}" - name: 'Display Pending Updates' env: STABLE_VERSION: '${{ steps.versions.outputs.STABLE_VERSION }}' STABLE_SHA: '${{ steps.versions.outputs.STABLE_SHA }}' PREVIOUS_STABLE_TAG: '${{ steps.versions.outputs.PREVIOUS_STABLE_TAG }}' PREVIEW_VERSION: '${{ steps.versions.outputs.PREVIEW_VERSION }}' PREVIEW_SHA: '${{ steps.versions.outputs.PREVIEW_SHA }}' PREVIOUS_PREVIEW_TAG: '${{ steps.versions.outputs.PREVIOUS_PREVIEW_TAG }}' NEXT_NIGHTLY_VERSION: '${{ steps.versions.outputs.NEXT_NIGHTLY_VERSION }}' PREVIOUS_NIGHTLY_TAG: '${{ steps.versions.outputs.PREVIOUS_NIGHTLY_TAG }}' INPUT_REF: '${{ github.event.inputs.ref }}' run: | echo "Release Plan:" echo "-----------" echo "Stable Release: ${STABLE_VERSION}" echo " - Commit: ${STABLE_SHA}" echo " - Previous Tag: ${PREVIOUS_STABLE_TAG}" echo "" echo "Preview Release: ${PREVIEW_VERSION}" echo " - Commit: ${PREVIEW_SHA} (${INPUT_REF})" echo " - Previous Tag: ${PREVIOUS_PREVIEW_TAG}" echo "" echo "Preparing Next Nightly Release: ${NEXT_NIGHTLY_VERSION}" echo " - Merging Version Update PR to Branch: ${INPUT_REF}" echo " - Previous Tag: ${PREVIOUS_NIGHTLY_TAG}" test: name: 'Test ${{ matrix.channel }}' needs: 'calculate-versions' runs-on: 'ubuntu-latest' strategy: fail-fast: false matrix: include: - channel: 'stable' sha: '${{ needs.calculate-versions.outputs.STABLE_SHA }}' - channel: 'preview' sha: '${{ needs.calculate-versions.outputs.PREVIEW_SHA }}' - channel: 'nightly' sha: '${{ github.event.inputs.ref }}' steps: - name: 'Checkout Ref' uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' with: ref: '${{ github.event.inputs.ref }}' - name: 'Checkout correct SHA' uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' with: ref: '${{ matrix.sha }}' path: 'release' fetch-depth: 0 - name: 'Setup Node.js' uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020' with: node-version-file: '.nvmrc' cache: 'npm' - name: 'Install Dependencies' working-directory: './release' run: 'npm ci' - name: 'Run Tests' if: "${{github.event.inputs.force_skip_tests != 'true'}}" uses: './.github/actions/run-tests' with: gemini_api_key: '${{ secrets.GEMINI_API_KEY }}' working-directory: './release' publish-preview: name: 'Publish preview' needs: ['calculate-versions', 'test'] runs-on: 'ubuntu-latest' environment: "${{ github.event.inputs.environment || 'prod' }}" permissions: contents: 'write' packages: 'write' issues: 'write' steps: - name: 'Checkout Ref' uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' with: ref: '${{ github.event.inputs.ref }}' - name: 'Checkout correct SHA' uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' with: ref: '${{ needs.calculate-versions.outputs.PREVIEW_SHA }}' path: 'release' fetch-depth: 0 - name: 'Setup Node.js' uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020' with: node-version-file: '.nvmrc' cache: 'npm' - name: 'Install Dependencies' working-directory: './release' run: 'npm ci' - name: 'Publish Release' uses: './.github/actions/publish-release' with: release-version: '${{ needs.calculate-versions.outputs.PREVIEW_VERSION }}' release-tag: 'v${{ needs.calculate-versions.outputs.PREVIEW_VERSION }}' npm-tag: 'preview' wombat-token-core: '${{ secrets.WOMBAT_TOKEN_CORE }}' wombat-token-cli: '${{ secrets.WOMBAT_TOKEN_CLI }}' wombat-token-a2a-server: '${{ secrets.WOMBAT_TOKEN_A2A_SERVER }}' github-token: '${{ secrets.GITHUB_TOKEN }}' github-release-token: '${{ secrets.GEMINI_CLI_ROBOT_GITHUB_PAT }}' dry-run: '${{ github.event.inputs.dry_run }}' previous-tag: '${{ needs.calculate-versions.outputs.PREVIOUS_PREVIEW_TAG }}' working-directory: './release' gemini_api_key: '${{ secrets.GEMINI_API_KEY }}' force-skip-tests: '${{ github.event.inputs.force_skip_tests }}' npm-registry-publish-url: '${{ vars.NPM_REGISTRY_PUBLISH_URL }}' npm-registry-url: '${{ vars.NPM_REGISTRY_URL }}' npm-registry-scope: '${{ vars.NPM_REGISTRY_SCOPE }}' cli-package-name: '${{ vars.CLI_PACKAGE_NAME }}' core-package-name: '${{ vars.CORE_PACKAGE_NAME }}' a2a-package-name: '${{ vars.A2A_PACKAGE_NAME }}' - name: 'Create Issue on Failure' if: '${{ failure() && github.event.inputs.dry_run == false }}' env: GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' RELEASE_TAG: 'v${{ needs.calculate-versions.outputs.PREVIEW_VERSION }}' DETAILS_URL: '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}' run: | gh issue create \ --title 'Promote Release Failed for ${RELEASE_TAG} on $(date +'%Y-%m-%d')' \ --body 'The promote-release workflow failed during preview publish. See the full run for details: ${DETAILS_URL}' \ --label 'release-failure,priority/p0' publish-stable: name: 'Publish stable' needs: ['calculate-versions', 'test', 'publish-preview'] runs-on: 'ubuntu-latest' environment: "${{ github.event.inputs.environment || 'prod' }}" permissions: contents: 'write' packages: 'write' issues: 'write' steps: - name: 'Checkout Ref' uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' with: ref: '${{ github.event.inputs.ref }}' - name: 'Checkout correct SHA' uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' with: ref: '${{ needs.calculate-versions.outputs.STABLE_SHA }}' path: 'release' fetch-depth: 0 - name: 'Setup Node.js' uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020' with: node-version-file: '.nvmrc' cache: 'npm' - name: 'Install Dependencies' working-directory: './release' run: 'npm ci' - name: 'Publish Release' uses: './.github/actions/publish-release' with: release-version: '${{ needs.calculate-versions.outputs.STABLE_VERSION }}' release-tag: 'v${{ needs.calculate-versions.outputs.STABLE_VERSION }}' npm-tag: 'latest' wombat-token-core: '${{ secrets.WOMBAT_TOKEN_CORE }}' wombat-token-cli: '${{ secrets.WOMBAT_TOKEN_CLI }}' wombat-token-a2a-server: '${{ secrets.WOMBAT_TOKEN_A2A_SERVER }}' github-token: '${{ secrets.GITHUB_TOKEN }}' github-release-token: '${{ secrets.GEMINI_CLI_ROBOT_GITHUB_PAT }}' dry-run: '${{ github.event.inputs.dry_run }}' previous-tag: '${{ needs.calculate-versions.outputs.PREVIOUS_STABLE_TAG }}' working-directory: './release' gemini_api_key: '${{ secrets.GEMINI_API_KEY }}' force-skip-tests: '${{ github.event.inputs.force_skip_tests }}' npm-registry-publish-url: '${{ vars.NPM_REGISTRY_PUBLISH_URL }}' npm-registry-url: '${{ vars.NPM_REGISTRY_URL }}' npm-registry-scope: '${{ vars.NPM_REGISTRY_SCOPE }}' cli-package-name: '${{ vars.CLI_PACKAGE_NAME }}' core-package-name: '${{ vars.CORE_PACKAGE_NAME }}' a2a-package-name: '${{ vars.A2A_PACKAGE_NAME }}' - name: 'Create Issue on Failure' if: '${{ failure() && github.event.inputs.dry_run == false }}' env: GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' RELEASE_TAG: 'v${{ needs.calculate-versions.outputs.STABLE_VERSION }}' DETAILS_URL: '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}' run: | gh issue create \ --title 'Promote Release Failed for ${RELEASE_TAG} on $(date +'%Y-%m-%d')' \ --body 'The promote-release workflow failed during stable publish. See the full run for details: ${DETAILS_URL}' \ --label 'release-failure,priority/p0' nightly-pr: name: 'Create Nightly PR' needs: ['publish-stable', 'calculate-versions'] runs-on: 'ubuntu-latest' environment: "${{ github.event.inputs.environment || 'prod' }}" permissions: contents: 'write' pull-requests: 'write' issues: 'write' steps: - name: 'Checkout Ref' uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' with: ref: '${{ github.event.inputs.ref }}' - name: 'Setup Node.js' uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020' with: node-version-file: '.nvmrc' cache: 'npm' - name: 'Install Dependencies' run: 'npm ci' - name: 'Configure Git User' run: |- git config user.name "gemini-cli-robot" git config user.email "gemini-cli-robot@google.com" - name: 'Create and switch to a new branch' id: 'release_branch' run: | BRANCH_NAME="chore/nightly-version-bump-${NEEDS_CALCULATE_VERSIONS_OUTPUTS_NEXT_NIGHTLY_VERSION}" git switch -c "${BRANCH_NAME}" echo "BRANCH_NAME=${BRANCH_NAME}" >> "${GITHUB_OUTPUT}" env: NEEDS_CALCULATE_VERSIONS_OUTPUTS_NEXT_NIGHTLY_VERSION: '${{ needs.calculate-versions.outputs.NEXT_NIGHTLY_VERSION }}' - name: 'Update package versions' run: 'npm run release:version "${NEEDS_CALCULATE_VERSIONS_OUTPUTS_NEXT_NIGHTLY_VERSION}"' env: NEEDS_CALCULATE_VERSIONS_OUTPUTS_NEXT_NIGHTLY_VERSION: '${{ needs.calculate-versions.outputs.NEXT_NIGHTLY_VERSION }}' - name: 'Commit and Push package versions' env: BRANCH_NAME: '${{ steps.release_branch.outputs.BRANCH_NAME }}' DRY_RUN: '${{ github.event.inputs.dry_run }}' NEEDS_CALCULATE_VERSIONS_OUTPUTS_NEXT_NIGHTLY_VERSION: '${{ needs.calculate-versions.outputs.NEXT_NIGHTLY_VERSION }}' run: |- git add package.json packages/*/package.json if [ -f package-lock.json ]; then git add package-lock.json fi git commit -m "chore(release): bump version to ${NEEDS_CALCULATE_VERSIONS_OUTPUTS_NEXT_NIGHTLY_VERSION}" if [[ "${DRY_RUN}" == "false" ]]; then echo "Pushing release branch to remote..." git push --set-upstream origin "${BRANCH_NAME}" else echo "Dry run enabled. Skipping push." fi - name: 'Create and Merge Pull Request' uses: './.github/actions/create-pull-request' with: branch-name: '${{ steps.release_branch.outputs.BRANCH_NAME }}' pr-title: 'chore(release): bump version to ${{ needs.calculate-versions.outputs.NEXT_NIGHTLY_VERSION }}' pr-body: 'Automated version bump to prepare for the next nightly release.' github-token: '${{ secrets.GEMINI_CLI_ROBOT_GITHUB_PAT }}' dry-run: '${{ github.event.inputs.dry_run }}' - name: 'Create Issue on Failure' if: '${{ failure() && github.event.inputs.dry_run == false }}' env: GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' RELEASE_TAG: 'v${{ needs.calculate-versions.outputs.NEXT_NIGHTLY_VERSION }}' DETAILS_URL: '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}' run: | gh issue create \ --title 'Promote Release Failed for ${RELEASE_TAG} on $(date +'%Y-%m-%d')' \ --body 'The promote-release workflow failed during nightly PR creation. See the full run for details: ${DETAILS_URL}' \ --label 'release-failure,priority/p0'