fix: allow YOLO when starting swarm tasks (#645) #285
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| concurrency: ${{ github.workflow }}-${{ github.ref }} | |
| jobs: | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| if: github.repository_owner == 'MoonshotAI' | |
| outputs: | |
| packages_published: ${{ steps.changesets.outputs.published }} | |
| kimi_native_release: ${{ steps.kimi-release.outputs.should_publish }} | |
| kimi_release_tag: ${{ steps.kimi-release.outputs.tag }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| id-token: write # Required for NPM Trusted Publishing (OIDC) | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@v6 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version-file: .nvmrc | |
| cache: "pnpm" | |
| registry-url: "https://registry.npmjs.org" | |
| - name: Upgrade npm for Trusted Publishing | |
| run: npm install -g npm@latest | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Generate Kimi Code built-in catalog | |
| shell: bash | |
| run: | | |
| CATALOG_FILE="$RUNNER_TEMP/kimi-code-built-in-catalog.json" | |
| node apps/kimi-code/scripts/update-catalog.mjs --out "$CATALOG_FILE" | |
| echo "KIMI_CODE_BUILT_IN_CATALOG_FILE=$CATALOG_FILE" >> "$GITHUB_ENV" | |
| - name: Build packages | |
| run: pnpm build | |
| - name: Create Release Pull Request or Publish to npm | |
| id: changesets | |
| uses: changesets/action@v1 | |
| with: | |
| publish: pnpm changeset publish | |
| version: pnpm run version:release | |
| commit: "ci: release packages" | |
| title: "ci: release packages" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # NPM_TOKEN is not needed with Trusted Publishing (OIDC) | |
| - name: Resolve Kimi Code native release | |
| if: steps.changesets.outputs.published == 'true' | |
| id: kimi-release | |
| run: node apps/kimi-code/scripts/native/resolve-release.mjs | |
| env: | |
| CHANGESETS_PUBLISHED_PACKAGES: ${{ steps.changesets.outputs.publishedPackages }} | |
| deploy-docs: | |
| name: Deploy docs | |
| needs: release | |
| if: needs.release.outputs.packages_published == 'true' | |
| uses: ./.github/workflows/docs-deploy.yml | |
| permissions: | |
| contents: read | |
| pages: write | |
| id-token: write | |
| native-artifacts: | |
| name: Native release artifact | |
| needs: release | |
| if: needs.release.outputs.kimi_native_release == 'true' | |
| uses: ./.github/workflows/_native-build.yml | |
| with: | |
| upload-artifact-prefix: kimi-code-native | |
| retention-days: 7 | |
| sign-macos: true | |
| secrets: | |
| APPLE_CERTIFICATE_P12: ${{ secrets.APPLE_CERTIFICATE_P12 }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| APPLE_NOTARIZATION_KEY_P8: ${{ secrets.APPLE_NOTARIZATION_KEY_P8 }} | |
| APPLE_NOTARIZATION_KEY_ID: ${{ secrets.APPLE_NOTARIZATION_KEY_ID }} | |
| APPLE_NOTARIZATION_ISSUER_ID: ${{ secrets.APPLE_NOTARIZATION_ISSUER_ID }} | |
| publish-native-assets: | |
| name: Publish native release assets | |
| needs: | |
| - release | |
| - native-artifacts | |
| if: needs.release.outputs.kimi_native_release == 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Download native artifacts | |
| uses: actions/download-artifact@v8 | |
| with: | |
| pattern: kimi-code-native-* | |
| path: dist-native-release | |
| merge-multiple: true | |
| - name: Produce manifest.json | |
| env: | |
| RELEASE_TAG: ${{ needs.release.outputs.kimi_release_tag }} | |
| run: node apps/kimi-code/scripts/native/produce-manifest.mjs dist-native-release "$RELEASE_TAG" | |
| - name: Upload assets to GitHub Release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| RELEASE_TAG: ${{ needs.release.outputs.kimi_release_tag }} | |
| run: gh release upload "$RELEASE_TAG" dist-native-release/* --clobber |