-
Notifications
You must be signed in to change notification settings - Fork 21
257 lines (207 loc) · 7.59 KB
/
Copy pathci.yml
File metadata and controls
257 lines (207 loc) · 7.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 24
cache: npm
- run: npm ci
- run: npm run typecheck
- run: npm test
# The check job covers the cross-cutting verifications that don't
# belong to a single language. `npm test` already runs these, but
# surface them as named steps so a failure has a clear job-step
# name rather than being buried in the test output.
- name: Verify release metadata
run: npm run verify:release-metadata
- name: Verify CHANGELOG entries
run: npm run verify:changelog
rust:
runs-on: ubuntu-latest
defaults:
run:
working-directory: clients/rust
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 24
cache: npm
- uses: dtolnay/rust-toolchain@stable
with:
components: clippy
- uses: Swatinem/rust-cache@v2
with:
workspaces: clients/rust
- name: Install Node deps
working-directory: .
run: npm ci
# Verify the committed Rust sources match what `generate:rust`
# would emit. Mirrors the equivalent step in the swift / kotlin /
# typescript CI jobs. Catches "edited a .ts type but forgot to
# regenerate the Rust crate" before the PR ships.
- name: Verify generated Rust is up to date
working-directory: .
run: |
npm run generate:rust
if ! git diff --quiet -- clients/rust; then
echo "::error::Generated Rust sources are out of date. Run 'npm run generate:rust' and commit the result."
git --no-pager diff -- clients/rust
exit 1
fi
- name: Check Rust formatting
run: cargo fmt --all -- --check
- run: cargo clippy --workspace -- -D warnings
- run: cargo test --workspace
swift:
runs-on: macos-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 24
cache: npm
- run: npm ci
# Verify the committed Swift sources are in sync with the TypeScript
# protocol definitions. If `npm run generate:swift` produces any diff,
# the committed Generated/ files are stale.
- name: Verify generated Swift is up to date
run: |
npm run generate:swift
if ! git diff --quiet -- clients/swift/AgentHostProtocol; then
echo "::error::Generated Swift sources are out of date. Run 'npm run generate:swift' and commit the result."
git --no-pager diff -- clients/swift/AgentHostProtocol
exit 1
fi
- name: Build Swift package
run: swift build
- name: Test Swift package
run: swift test
kotlin:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
# Sanity-check the committed gradle-wrapper.jar against Gradle's
# published checksums so a poisoned wrapper can't run arbitrary code
# in CI. This is the standard Gradle hardening step recommended for
# all public repos.
- uses: gradle/actions/wrapper-validation@v6
- uses: actions/setup-node@v6
with:
node-version: 24
cache: npm
- uses: actions/setup-java@v5
with:
distribution: temurin
java-version: 17
- uses: gradle/actions/setup-gradle@v6
- run: npm ci
# Verify the committed Kotlin sources are in sync with the TypeScript
# protocol definitions. If `npm run generate:kotlin` produces any
# diff (or new files), the committed generated files are stale.
# We use `git status --porcelain` rather than `git diff` so a
# newly-emitted file (untracked) also fails the check.
- name: Verify generated Kotlin is up to date
run: |
npm run generate:kotlin
if [ -n "$(git status --porcelain -- clients/kotlin)" ]; then
echo "::error::Generated Kotlin sources are out of date. Run 'npm run generate:kotlin' and commit the result."
git status --porcelain -- clients/kotlin
git --no-pager diff -- clients/kotlin
exit 1
fi
- name: Build Kotlin package
working-directory: clients/kotlin
run: ./gradlew build --stacktrace
typescript:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 24
cache: npm
- run: npm ci
# The wire types under clients/typescript/src/types/ are generated
# from the canonical types/ at the repo root and intentionally not
# committed (avoids byte-for-byte duplication). Generate them
# before installing/typechecking/testing the TS client.
- name: Generate TypeScript client sources
run: npm run generate:typescript
# Verify the committed TypeScript generated sources are in sync with the
# TypeScript protocol definitions. Check only clients/typescript/src
# (the actual generated files), not lock files which naturally drift
# with npm ci.
- name: Verify generated TypeScript is up to date
run: |
if ! git diff --quiet -- clients/typescript/src; then
echo "::error::Generated TypeScript sources are out of date. Run 'npm run generate:typescript' and commit the result."
git --no-pager diff -- clients/typescript/src
exit 1
fi
- name: Install TypeScript client dependencies
working-directory: clients/typescript
run: npm ci
- name: Typecheck TypeScript client
working-directory: clients/typescript
run: npm run typecheck
- name: Test TypeScript client
working-directory: clients/typescript
run: npm test
- name: Build TypeScript client
working-directory: clients/typescript
run: npm run build
go:
runs-on: ubuntu-latest
defaults:
run:
working-directory: clients/go
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 24
cache: npm
- uses: actions/setup-go@v5
with:
go-version: '1.22'
cache: true
cache-dependency-path: clients/go/go.sum
- name: Install Node deps
working-directory: .
run: npm ci
# Verify the committed Go sources are in sync with the TypeScript
# protocol definitions. We use `git status --porcelain` (like the
# Kotlin job) so a newly-emitted file also fails the check.
- name: Verify generated Go is up to date
working-directory: .
run: |
npm run generate:go
if [ -n "$(git status --porcelain -- clients/go)" ]; then
echo "::error::Generated Go sources are out of date. Run 'npm run generate:go' and commit the result."
git status --porcelain -- clients/go
git --no-pager diff -- clients/go
exit 1
fi
- name: Build Go module
run: go build ./...
- name: Check Go formatting
run: |
OUT=$(gofmt -l .)
if [ -n "$OUT" ]; then
echo "::error::gofmt -l reported unformatted files. Run 'gofmt -w' on them and commit the result:"
echo "$OUT"
exit 1
fi
- name: Vet Go module
run: go vet ./...
- name: Test Go module
run: go test ./...