687 lines
24 KiB
JavaScript
687 lines
24 KiB
JavaScript
#!/usr/bin/env node
|
|
import {
|
|
chmodSync,
|
|
existsSync,
|
|
mkdirSync,
|
|
mkdtempSync,
|
|
readdirSync,
|
|
rmSync,
|
|
writeFileSync,
|
|
readFileSync,
|
|
} from 'node:fs';
|
|
import { tmpdir } from 'node:os';
|
|
import { join } from 'node:path';
|
|
import { spawnSync } from 'node:child_process';
|
|
|
|
const packageJson = JSON.parse(readFileSync(new URL('../package.json', import.meta.url), 'utf8'));
|
|
const changesetConfig = JSON.parse(
|
|
readFileSync(new URL('../.changeset/config.json', import.meta.url), 'utf8')
|
|
);
|
|
const tsReleaseWorkflow = readFileSync(
|
|
new URL('../.github/workflows/ts.release.yml', import.meta.url),
|
|
'utf8'
|
|
);
|
|
const pythonPyproject = readFileSync(new URL('../python/pyproject.toml', import.meta.url), 'utf8');
|
|
const pythonChangelog = readFileSync(new URL('../python/CHANGELOG.md', import.meta.url), 'utf8');
|
|
const pythonRuntimeVersionModule = readFileSync(
|
|
new URL('../python/composio/__version__.py', import.meta.url),
|
|
'utf8'
|
|
);
|
|
const changesetBinPath = new URL('../node_modules/.bin/changeset', import.meta.url).pathname;
|
|
const releaseScriptUrl = new URL('../ts/scripts/changeset-release.sh', import.meta.url);
|
|
const releaseScriptPath = releaseScriptUrl.pathname;
|
|
const releaseScript = readFileSync(releaseScriptUrl, 'utf8');
|
|
const buildCliWorkflow = readFileSync(
|
|
new URL('../.github/workflows/build-cli-binaries.yml', import.meta.url),
|
|
'utf8'
|
|
);
|
|
const installHealthCheck = readFileSync(
|
|
new URL('../.github/workflows/cli.install-health-check.yml', import.meta.url),
|
|
'utf8'
|
|
);
|
|
const resolveTargetScriptUrl = new URL(
|
|
'../.github/scripts/cli-release/resolve-release-target.sh',
|
|
import.meta.url
|
|
);
|
|
const resolveTargetScriptPath = resolveTargetScriptUrl.pathname;
|
|
const resolveTargetScript = readFileSync(resolveTargetScriptUrl, 'utf8');
|
|
const createDraftScript = readFileSync(
|
|
new URL('../.github/scripts/cli-release/create-or-resume-draft.sh', import.meta.url),
|
|
'utf8'
|
|
);
|
|
const verifyAssetsScript = readFileSync(
|
|
new URL('../.github/scripts/cli-release/verify-assets.sh', import.meta.url),
|
|
'utf8'
|
|
);
|
|
|
|
function requireMatch(text, pattern, label) {
|
|
const match = text.match(pattern);
|
|
if (!match?.[1]) {
|
|
throw new Error(`Could not read ${label}`);
|
|
}
|
|
return match[1];
|
|
}
|
|
|
|
function readPyprojectVersion(text, label) {
|
|
return requireMatch(text, /^\s*version\s*=\s*"([^"]+)"\s*$/m, label);
|
|
}
|
|
|
|
function readChangelogVersions(text) {
|
|
return [...text.matchAll(/^## \[([^\]]+)\]/gm)].map(match => match[1]);
|
|
}
|
|
|
|
if (!tsReleaseWorkflow.includes('publish: pnpm changeset:release')) {
|
|
throw new Error('ts.release.yml must use the repository-controlled changeset:release script');
|
|
}
|
|
|
|
if (packageJson.scripts?.['changeset:release'] !== 'bash ts/scripts/changeset-release.sh') {
|
|
throw new Error('changeset:release must use the CLI-release filtering script');
|
|
}
|
|
|
|
if (changesetConfig.baseBranch !== 'next') {
|
|
throw new Error('changesets must compare against next, the active release branch');
|
|
}
|
|
|
|
if (
|
|
changesetConfig.___experimentalUnsafeOptions_WILL_CHANGE_IN_PATCH
|
|
?.onlyUpdatePeerDependentsWhenOutOfRange !== true
|
|
) {
|
|
throw new Error(
|
|
'changesets must only major-bump peer dependents when the new dependency version leaves their declared peer range'
|
|
);
|
|
}
|
|
|
|
// --- Python release metadata: package version, runtime version, and changelog must agree ---
|
|
|
|
{
|
|
const pythonVersion = readPyprojectVersion(pythonPyproject, 'python/pyproject.toml version');
|
|
const runtimeVersion = requireMatch(
|
|
pythonRuntimeVersionModule,
|
|
/^\s*__version__\s*=\s*"([^"]+)"\s*$/m,
|
|
'python/composio/__version__.py version'
|
|
);
|
|
|
|
if (runtimeVersion !== pythonVersion) {
|
|
throw new Error(
|
|
`python/composio/__version__.py must match python/pyproject.toml (${runtimeVersion} !== ${pythonVersion})`
|
|
);
|
|
}
|
|
|
|
const changelogVersions = readChangelogVersions(pythonChangelog);
|
|
if (changelogVersions[0] !== pythonVersion) {
|
|
throw new Error(
|
|
`python/CHANGELOG.md must start with the current Python package version (${changelogVersions[0] ?? 'none'} !== ${pythonVersion})`
|
|
);
|
|
}
|
|
|
|
const providerDir = new URL('../python/providers/', import.meta.url);
|
|
for (const entry of readdirSync(providerDir, { withFileTypes: true })) {
|
|
if (!entry.isDirectory()) continue;
|
|
|
|
const pyprojectPath = new URL(
|
|
`../python/providers/${entry.name}/pyproject.toml`,
|
|
import.meta.url
|
|
);
|
|
const setupPath = new URL(`../python/providers/${entry.name}/setup.py`, import.meta.url);
|
|
if (!existsSync(pyprojectPath) || !existsSync(setupPath)) continue;
|
|
|
|
const providerPyprojectVersion = readPyprojectVersion(
|
|
readFileSync(pyprojectPath, 'utf8'),
|
|
`python/providers/${entry.name}/pyproject.toml version`
|
|
);
|
|
const providerSetupVersion = requireMatch(
|
|
readFileSync(setupPath, 'utf8'),
|
|
/version\s*=\s*"([^"]+)"/,
|
|
`python/providers/${entry.name}/setup.py version`
|
|
);
|
|
|
|
if (providerPyprojectVersion !== pythonVersion) {
|
|
throw new Error(
|
|
`python/providers/${entry.name}/pyproject.toml must match python/pyproject.toml (${providerPyprojectVersion} !== ${pythonVersion})`
|
|
);
|
|
}
|
|
if (providerSetupVersion !== pythonVersion) {
|
|
throw new Error(
|
|
`python/providers/${entry.name}/setup.py must match python/pyproject.toml (${providerSetupVersion} !== ${pythonVersion})`
|
|
);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!releaseScript.includes('pnpm changeset publish')) {
|
|
throw new Error('release script must still publish non-CLI changeset packages');
|
|
}
|
|
|
|
if (!releaseScript.includes('New tag:[[:space:]]*@composio\\/cli@')) {
|
|
throw new Error(
|
|
'release script must filter @composio/cli tag output before changesets/action creates GitHub releases'
|
|
);
|
|
}
|
|
|
|
// --- build-cli-binaries.yml: the CLI binary workflow is the sole, hardened release writer ---
|
|
|
|
// A single failed platform must never publish a partial set: fail-fast: false makes the build
|
|
// job `success` only when every matrix leg passes, gating the release job.
|
|
if (!buildCliWorkflow.includes('fail-fast: false')) {
|
|
throw new Error('build-cli-binaries.yml build matrix must set fail-fast: false');
|
|
}
|
|
|
|
// The release must be built as a draft and only flipped to published after verification, so no
|
|
// anonymous consumer can observe a release before its assets are attached. The draft and verify
|
|
// logic live in standalone scripts checked out from the workflow revision; the workflow must
|
|
// invoke them in helper checkout → draft → verify → publish order.
|
|
const helperCheckoutIdx = buildCliWorkflow.indexOf('name: Checkout workflow release helpers');
|
|
const draftStepIdx = buildCliWorkflow.indexOf(
|
|
'bash "$RELEASE_HELPERS_DIR/create-or-resume-draft.sh"'
|
|
);
|
|
const verifyStepIdx = buildCliWorkflow.indexOf('bash "$RELEASE_HELPERS_DIR/verify-assets.sh"');
|
|
const publishIdx = buildCliWorkflow.indexOf('gh release edit "$RELEASE_TAG" --draft=false');
|
|
|
|
if (!buildCliWorkflow.includes("- '.github/scripts/cli-release/**'")) {
|
|
throw new Error('build-cli-binaries.yml must trigger when CLI release helper scripts change');
|
|
}
|
|
if (helperCheckoutIdx === -1) {
|
|
throw new Error(
|
|
'build-cli-binaries.yml must checkout workflow release helpers before publishing'
|
|
);
|
|
}
|
|
if (!buildCliWorkflow.includes('ref: ${{ github.workflow_sha }}')) {
|
|
throw new Error(
|
|
'build-cli-binaries.yml must checkout release helpers from the workflow revision'
|
|
);
|
|
}
|
|
if (draftStepIdx === -1) {
|
|
throw new Error('build-cli-binaries.yml must create the draft via create-or-resume-draft.sh');
|
|
}
|
|
if (verifyStepIdx === -1) {
|
|
throw new Error('build-cli-binaries.yml must verify assets via verify-assets.sh');
|
|
}
|
|
if (publishIdx === -1) {
|
|
throw new Error(
|
|
'build-cli-binaries.yml must publish by flipping the draft (gh release edit --draft=false)'
|
|
);
|
|
}
|
|
if (
|
|
!(helperCheckoutIdx < draftStepIdx && draftStepIdx < verifyStepIdx && verifyStepIdx < publishIdx)
|
|
) {
|
|
throw new Error(
|
|
'build-cli-binaries.yml must order steps helper checkout → draft → verify → publish'
|
|
);
|
|
}
|
|
|
|
// The draft script must actually create a draft, and the verify gate must require fully-uploaded
|
|
// assets (not merely present) — that distinction is what stops a release serving 404s.
|
|
if (!createDraftScript.includes('--draft')) {
|
|
throw new Error('create-or-resume-draft.sh must create the release as a draft (--draft)');
|
|
}
|
|
if (!verifyAssetsScript.includes('select(.state == "uploaded")')) {
|
|
throw new Error('verify-assets.sh must require assets be fully uploaded (state == "uploaded")');
|
|
}
|
|
|
|
// Beta status must survive the draft→publish flip (regression: the old single create set
|
|
// --prerelease at creation; the new flow must set it on the draft).
|
|
if (!createDraftScript.includes('flags+=(--prerelease)')) {
|
|
throw new Error(
|
|
'create-or-resume-draft.sh must preserve --prerelease on the draft for beta releases'
|
|
);
|
|
}
|
|
|
|
// Skills must be packaged BEFORE checksums are generated, so composio-skill.zip is hashed into
|
|
// checksums.txt rather than shipping unverifiable.
|
|
const packageSkillsIdx = buildCliWorkflow.indexOf('name: Package skill files');
|
|
const generateChecksumsIdx = buildCliWorkflow.indexOf('name: Generate checksums');
|
|
if (packageSkillsIdx === -1 || generateChecksumsIdx === -1) {
|
|
throw new Error('build-cli-binaries.yml must package skills and generate checksums');
|
|
}
|
|
if (!(packageSkillsIdx < generateChecksumsIdx)) {
|
|
throw new Error(
|
|
'build-cli-binaries.yml must package skills before generating checksums so the skill zip is checksummed'
|
|
);
|
|
}
|
|
|
|
// Per-tag concurrency prevents two runs clobbering the same release without serializing betas.
|
|
if (!buildCliWorkflow.includes('group: cli-release-${{ needs.prepare.outputs.release_tag }}')) {
|
|
throw new Error(
|
|
'build-cli-binaries.yml release job must use per-tag concurrency keyed on the release tag'
|
|
);
|
|
}
|
|
|
|
// Release-target resolution lives in a standalone, unit-tested script (see executable tests
|
|
// below) rather than inline YAML bash, so the branching logic is reviewable and testable.
|
|
if (!buildCliWorkflow.includes('bash .github/scripts/cli-release/resolve-release-target.sh')) {
|
|
throw new Error('build-cli-binaries.yml prepare job must delegate to resolve-release-target.sh');
|
|
}
|
|
|
|
// The "latest stable" lookup must sort by numeric semver, not lexically: a lexical sort ranks
|
|
// @composio/cli@0.2.9 above 0.2.10 and would regress beta versioning once a patch hits 2 digits.
|
|
if (!resolveTargetScript.includes('map(tonumber)')) {
|
|
throw new Error(
|
|
'resolve-release-target.sh must sort releases by numeric semver (map(tonumber)), not lexically'
|
|
);
|
|
}
|
|
if (!resolveTargetScript.includes('--exclude-drafts')) {
|
|
throw new Error(
|
|
'resolve-release-target.sh must exclude draft stable releases from beta base selection'
|
|
);
|
|
}
|
|
|
|
// --- cli.install-health-check.yml: canary must exercise the failure-prone pinned path ---
|
|
|
|
// The bare no-arg `curl | bash` is asset-aware and self-heals to the previous good release, so
|
|
// the canary must additionally install the newest PUBLISHED release PINNED to actually catch a
|
|
// release shipped with missing assets.
|
|
//
|
|
// It must resolve the newest *published* GitHub release (drafts excluded), NOT `npm view`: npm's
|
|
// latest is bumped minutes before the binary workflow publishes the GitHub release, so pinning to
|
|
// it would 404 during the healthy publish gap and false-page.
|
|
if (installHealthCheck.includes('$(npm view')) {
|
|
throw new Error(
|
|
'cli.install-health-check.yml must not pin to npm (races ahead of the GitHub release)'
|
|
);
|
|
}
|
|
if (!installHealthCheck.includes('gh release list')) {
|
|
throw new Error(
|
|
'cli.install-health-check.yml must resolve the newest published release (drafts excluded)'
|
|
);
|
|
}
|
|
if (!installHealthCheck.includes('--repo "${{ github.repository }}"')) {
|
|
throw new Error('cli.install-health-check.yml must pass repository context to gh release list');
|
|
}
|
|
if (!installHealthCheck.includes('--limit 1000')) {
|
|
throw new Error(
|
|
'cli.install-health-check.yml must look beyond the gh release list default limit'
|
|
);
|
|
}
|
|
if (
|
|
!installHealthCheck.includes('--exclude-drafts') ||
|
|
!installHealthCheck.includes('--exclude-pre-releases')
|
|
) {
|
|
throw new Error(
|
|
'cli.install-health-check.yml must resolve the newest published release (drafts excluded)'
|
|
);
|
|
}
|
|
if (installHealthCheck.includes('.[0].tagName')) {
|
|
throw new Error('cli.install-health-check.yml must not let jq null bypass the empty tag guard');
|
|
}
|
|
if (!installHealthCheck.includes("| sed -n '1p'")) {
|
|
throw new Error(
|
|
'cli.install-health-check.yml must convert no matching release into empty output'
|
|
);
|
|
}
|
|
if (!installHealthCheck.includes('bash -s -- "${{ steps.resolve.outputs.tag }}"')) {
|
|
throw new Error('cli.install-health-check.yml must install the resolved tag via the pinned path');
|
|
}
|
|
|
|
const fakeBin = mkdtempSync(join(tmpdir(), 'composio-release-test-'));
|
|
try {
|
|
const fakePnpmPath = join(fakeBin, 'pnpm');
|
|
writeFileSync(
|
|
fakePnpmPath,
|
|
`#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
case "$*" in
|
|
"run build:packages")
|
|
exit 0
|
|
;;
|
|
"changeset publish")
|
|
echo 'New tag: @composio/core@1.2.3'
|
|
echo 'New tag: @composio/cli@9.9.9'
|
|
echo 'release warning preserved' >&2
|
|
exit 0
|
|
;;
|
|
*)
|
|
echo "unexpected pnpm invocation: $*" >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
`
|
|
);
|
|
chmodSync(fakePnpmPath, 0o755);
|
|
|
|
const result = spawnSync('bash', [releaseScriptPath], {
|
|
encoding: 'utf8',
|
|
env: { ...process.env, PATH: `${fakeBin}:${process.env.PATH}` },
|
|
});
|
|
|
|
if (result.status !== 0) {
|
|
throw new Error(
|
|
`release script failed unexpectedly\nstdout:\n${result.stdout}\nstderr:\n${result.stderr}`
|
|
);
|
|
}
|
|
|
|
if (!result.stdout.includes('New tag: @composio/core@1.2.3')) {
|
|
throw new Error('release script must preserve non-CLI changeset tags');
|
|
}
|
|
|
|
if (result.stdout.includes('@composio/cli@9.9.9')) {
|
|
throw new Error('release script must hide @composio/cli tags from changesets/action');
|
|
}
|
|
|
|
if (!result.stderr.includes('release warning preserved')) {
|
|
throw new Error('release script must preserve changeset publish stderr');
|
|
}
|
|
} finally {
|
|
rmSync(fakeBin, { recursive: true, force: true });
|
|
}
|
|
|
|
// A core minor release must not force every provider package to 1.0.0 while the
|
|
// provider peer range still accepts the new core version. This protects the
|
|
// @composio/core 0.10.0 → 0.11.0 release train from accidentally promoting
|
|
// provider packages from 0.9.x to 1.0.0.
|
|
{
|
|
const fixtureDir = mkdtempSync(join(tmpdir(), 'composio-changeset-peer-'));
|
|
try {
|
|
mkdirSync(join(fixtureDir, '.changeset'), { recursive: true });
|
|
mkdirSync(join(fixtureDir, 'packages/core'), { recursive: true });
|
|
mkdirSync(join(fixtureDir, 'packages/openai'), { recursive: true });
|
|
|
|
writeFileSync(
|
|
join(fixtureDir, 'package.json'),
|
|
JSON.stringify(
|
|
{
|
|
name: 'changeset-peer-fixture',
|
|
private: true,
|
|
workspaces: ['packages/*'],
|
|
},
|
|
null,
|
|
2
|
|
)
|
|
);
|
|
writeFileSync(
|
|
join(fixtureDir, '.changeset/config.json'),
|
|
JSON.stringify(
|
|
{
|
|
changelog: false,
|
|
commit: false,
|
|
fixed: [],
|
|
linked: [],
|
|
access: 'restricted',
|
|
baseBranch: 'next',
|
|
updateInternalDependencies: 'patch',
|
|
___experimentalUnsafeOptions_WILL_CHANGE_IN_PATCH: {
|
|
onlyUpdatePeerDependentsWhenOutOfRange: true,
|
|
},
|
|
ignore: [],
|
|
},
|
|
null,
|
|
2
|
|
)
|
|
);
|
|
writeFileSync(
|
|
join(fixtureDir, '.changeset/core-minor-provider-patch.md'),
|
|
[
|
|
'---',
|
|
'"@composio/core": minor',
|
|
'"@composio/openai": patch',
|
|
'---',
|
|
'',
|
|
'Release a core minor and a provider patch without forcing a provider major.',
|
|
'',
|
|
].join('\n')
|
|
);
|
|
writeFileSync(
|
|
join(fixtureDir, 'packages/core/package.json'),
|
|
JSON.stringify(
|
|
{
|
|
name: '@composio/core',
|
|
version: '0.10.0',
|
|
},
|
|
null,
|
|
2
|
|
)
|
|
);
|
|
writeFileSync(
|
|
join(fixtureDir, 'packages/openai/package.json'),
|
|
JSON.stringify(
|
|
{
|
|
name: '@composio/openai',
|
|
version: '0.9.2',
|
|
peerDependencies: {
|
|
'@composio/core': '>=0.10.0 <1.0.0',
|
|
},
|
|
devDependencies: {
|
|
'@composio/core': 'workspace:*',
|
|
},
|
|
},
|
|
null,
|
|
2
|
|
)
|
|
);
|
|
|
|
const result = spawnSync(changesetBinPath, ['version'], {
|
|
cwd: fixtureDir,
|
|
encoding: 'utf8',
|
|
env: process.env,
|
|
});
|
|
|
|
if (result.status !== 0) {
|
|
throw new Error(
|
|
`changeset peer-dependent fixture failed\nstdout:\n${result.stdout}\nstderr:\n${result.stderr}`
|
|
);
|
|
}
|
|
|
|
const coreFixturePackage = JSON.parse(
|
|
readFileSync(join(fixtureDir, 'packages/core/package.json'), 'utf8')
|
|
);
|
|
const providerFixturePackage = JSON.parse(
|
|
readFileSync(join(fixtureDir, 'packages/openai/package.json'), 'utf8')
|
|
);
|
|
|
|
if (coreFixturePackage.version !== '0.11.0') {
|
|
throw new Error(`fixture core version should be 0.11.0, got ${coreFixturePackage.version}`);
|
|
}
|
|
if (providerFixturePackage.version !== '0.9.3') {
|
|
throw new Error(
|
|
`fixture provider version should remain on the 0.9.x train as 0.9.3, got ${providerFixturePackage.version}`
|
|
);
|
|
}
|
|
if (providerFixturePackage.peerDependencies['@composio/core'] !== '>=0.10.0 <1.0.0') {
|
|
throw new Error(
|
|
`fixture provider peer range should still accept core 0.11.0 without widening, got ${providerFixturePackage.peerDependencies['@composio/core']}`
|
|
);
|
|
}
|
|
} finally {
|
|
rmSync(fixtureDir, { recursive: true, force: true });
|
|
}
|
|
}
|
|
|
|
// --- resolve-release-target.sh: executable tests for the release-target branching ---
|
|
//
|
|
// The script shells out to `gh` and `curl`; we stub both on PATH and feed fixtures, so these
|
|
// exercise the real branching/version logic (not just substring presence). `jq`/`python3` stay
|
|
// real because the script's correctness depends on them.
|
|
|
|
const FAKE_GH = `#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
if [[ "\${1:-}" == "release" && "\${2:-}" == "list" ]]; then
|
|
shift 2
|
|
jqexpr=""
|
|
exclude_drafts=false
|
|
limit=""
|
|
while [[ \$# -gt 0 ]]; do
|
|
if [[ "\$1" == "--exclude-drafts" ]]; then exclude_drafts=true; shift; continue; fi
|
|
if [[ "\$1" == "--limit" ]]; then limit="\$2"; shift 2; continue; fi
|
|
if [[ "\$1" == "--jq" ]]; then jqexpr="\$2"; shift 2; continue; fi
|
|
shift
|
|
done
|
|
if [[ "\$exclude_drafts" != "true" ]]; then
|
|
echo "release list must pass --exclude-drafts" >&2
|
|
exit 1
|
|
fi
|
|
if [[ "\$limit" != "1000" ]]; then
|
|
echo "release list must pass --limit 1000" >&2
|
|
exit 1
|
|
fi
|
|
jq -r '[.[] | select(.isDraft != true)] | '"\$jqexpr" "\$GH_RELEASES_FIXTURE"
|
|
exit 0
|
|
fi
|
|
if [[ "\${1:-}" == "release" && "\${2:-}" == "view" ]]; then
|
|
# An existing release: echo its isDraft flag. Unset fixture ⇒ exit non-zero (release absent).
|
|
if [[ -n "\${GH_VIEW_ISDRAFT:-}" ]]; then
|
|
echo "\$GH_VIEW_ISDRAFT"
|
|
exit 0
|
|
fi
|
|
exit 1
|
|
fi
|
|
echo "unexpected gh invocation: \$*" >&2
|
|
exit 1
|
|
`;
|
|
|
|
const FAKE_CURL = `#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
cat "\$CURL_FIXTURE"
|
|
`;
|
|
|
|
function parseOutputs(text) {
|
|
const outputs = {};
|
|
for (const line of text.split('\n')) {
|
|
const idx = line.indexOf('=');
|
|
if (idx === -1) continue;
|
|
outputs[line.slice(0, idx)] = line.slice(idx + 1);
|
|
}
|
|
return outputs;
|
|
}
|
|
|
|
function runResolver({ env, releasesFixture, curlFixture, ghViewIsDraft }) {
|
|
const fakeBin = mkdtempSync(join(tmpdir(), 'composio-fakebin-'));
|
|
const workdir = mkdtempSync(join(tmpdir(), 'composio-resolver-'));
|
|
try {
|
|
for (const [name, body] of [
|
|
['gh', FAKE_GH],
|
|
['curl', FAKE_CURL],
|
|
]) {
|
|
const p = join(fakeBin, name);
|
|
writeFileSync(p, body);
|
|
chmodSync(p, 0o755);
|
|
}
|
|
|
|
const outputPath = join(workdir, 'github_output');
|
|
writeFileSync(outputPath, '');
|
|
|
|
const fixtures = {};
|
|
if (releasesFixture !== undefined) {
|
|
const fixturePath = join(workdir, 'releases.json');
|
|
writeFileSync(fixturePath, JSON.stringify(releasesFixture));
|
|
fixtures.GH_RELEASES_FIXTURE = fixturePath;
|
|
}
|
|
if (curlFixture !== undefined) {
|
|
const fixturePath = join(workdir, 'curl.json');
|
|
writeFileSync(fixturePath, JSON.stringify(curlFixture));
|
|
fixtures.CURL_FIXTURE = fixturePath;
|
|
}
|
|
if (ghViewIsDraft !== undefined) fixtures.GH_VIEW_ISDRAFT = ghViewIsDraft;
|
|
|
|
const result = spawnSync('bash', [resolveTargetScriptPath], {
|
|
encoding: 'utf8',
|
|
env: {
|
|
...process.env,
|
|
PATH: `${fakeBin}:${process.env.PATH}`,
|
|
GITHUB_OUTPUT: outputPath,
|
|
...fixtures,
|
|
...env,
|
|
},
|
|
});
|
|
|
|
const output = readFileSync(outputPath, 'utf8');
|
|
return { ...result, output, outputs: parseOutputs(output) };
|
|
} finally {
|
|
rmSync(fakeBin, { recursive: true, force: true });
|
|
rmSync(workdir, { recursive: true, force: true });
|
|
}
|
|
}
|
|
|
|
// build-beta bumps off the NUMERIC-latest stable release. The fixture deliberately interleaves
|
|
// 0.2.10 and 0.2.9: a lexical sort would pick 0.2.9 and resolve 0.2.10 here — regression lock.
|
|
{
|
|
const r = runResolver({
|
|
env: {
|
|
EVENT_NAME: 'workflow_dispatch',
|
|
ACTION_INPUT: 'build-beta',
|
|
REPOSITORY: 'ComposioHQ/composio',
|
|
RUN_NUMBER: '42',
|
|
COMMIT_SHA: 'deadbeef',
|
|
},
|
|
releasesFixture: [
|
|
{ tagName: '@composio/cli@0.2.2', isPrerelease: false },
|
|
{ tagName: '@composio/cli@0.2.10', isPrerelease: false },
|
|
{ tagName: '@composio/cli@0.2.9', isPrerelease: false },
|
|
// Draft stables must not become the base for rolling betas.
|
|
{ tagName: '@composio/cli@0.2.11', isPrerelease: false, isDraft: true },
|
|
{ tagName: '@composio/cli@0.3.0-beta.1', isPrerelease: true },
|
|
],
|
|
});
|
|
if (r.status !== 0) {
|
|
throw new Error(`resolve-release-target.sh build-beta failed\nstderr:\n${r.stderr}`);
|
|
}
|
|
if (r.outputs.release_version !== '0.2.11') {
|
|
throw new Error(
|
|
`build-beta must bump off the numeric-latest stable (0.2.10 → 0.2.11), got release_version=${r.outputs.release_version}. A lexical sort would regress.`
|
|
);
|
|
}
|
|
if (r.outputs.release_tag !== '@composio/cli@0.2.11-beta.42') {
|
|
throw new Error(`build-beta release_tag wrong: ${r.outputs.release_tag}`);
|
|
}
|
|
if (r.outputs.prerelease !== 'true' || r.outputs.make_latest !== 'false') {
|
|
throw new Error('build-beta must emit prerelease=true and make_latest=false');
|
|
}
|
|
}
|
|
|
|
// promote-stable must REFUSE a tag that is already published (isDraft=false) and emit nothing.
|
|
{
|
|
const r = runResolver({
|
|
env: {
|
|
EVENT_NAME: 'workflow_dispatch',
|
|
ACTION_INPUT: 'promote-stable',
|
|
BETA_TAG_INPUT: '@composio/cli@0.3.0-beta.5',
|
|
GITHUB_TOKEN: 'fake-token',
|
|
REPOSITORY: 'ComposioHQ/composio',
|
|
RUN_NUMBER: '1',
|
|
COMMIT_SHA: 'unused',
|
|
},
|
|
curlFixture: { prerelease: true, target_commitish: 'abc123' },
|
|
ghViewIsDraft: 'false',
|
|
});
|
|
if (r.status === 0) {
|
|
throw new Error('promote-stable must refuse an already-published stable tag');
|
|
}
|
|
if (!r.stderr.includes('already published')) {
|
|
throw new Error(`promote-stable refusal must explain itself\nstderr:\n${r.stderr}`);
|
|
}
|
|
if (r.output.trim() !== '') {
|
|
throw new Error('a refused promotion must not emit release outputs');
|
|
}
|
|
}
|
|
|
|
// promote-stable happy path: no existing release ⇒ emit a stable target off the beta's commitish.
|
|
{
|
|
const r = runResolver({
|
|
env: {
|
|
EVENT_NAME: 'workflow_dispatch',
|
|
ACTION_INPUT: 'promote-stable',
|
|
BETA_TAG_INPUT: '@composio/cli@0.3.0-beta.5',
|
|
GITHUB_TOKEN: 'fake-token',
|
|
REPOSITORY: 'ComposioHQ/composio',
|
|
RUN_NUMBER: '1',
|
|
COMMIT_SHA: 'unused',
|
|
},
|
|
curlFixture: { prerelease: true, target_commitish: 'abc123' },
|
|
// ghViewIsDraft unset ⇒ `gh release view` exits non-zero ⇒ no existing release to refuse.
|
|
});
|
|
if (r.status !== 0) {
|
|
throw new Error(`resolve-release-target.sh promote-stable failed\nstderr:\n${r.stderr}`);
|
|
}
|
|
if (r.outputs.release_tag !== '@composio/cli@0.3.0' || r.outputs.release_version !== '0.3.0') {
|
|
throw new Error(`promote-stable must strip the -beta suffix, got ${r.outputs.release_tag}`);
|
|
}
|
|
if (r.outputs.prerelease !== 'false' || r.outputs.make_latest !== 'true') {
|
|
throw new Error('promote-stable must emit prerelease=false and make_latest=true');
|
|
}
|
|
if (r.outputs.checkout_ref !== 'abc123') {
|
|
throw new Error(
|
|
`promote-stable must check out the beta's target_commitish, got ${r.outputs.checkout_ref}`
|
|
);
|
|
}
|
|
}
|
|
|
|
console.log('release workflow test passed');
|