claude-skill-registry/.github/workflows/publish-from-core.yml at 1c0733d89ceb1643c087877bd4212e105a3e25ed · majiayu000/claude-skill-registry · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
name: Publish Merged Artifact (From Core)

on:
  repository_dispatch:
    types: [publish_from_core]
  workflow_dispatch:
    inputs:
      core_repo:
        description: Core repository (owner/name)
        required: false
        default: majiayu000/claude-skill-registry-core
      core_sha:
        description: Core commit SHA
        required: true
      data_repo:
        description: Data repository (owner/name)
        required: false
        default: ""
      data_sha:
        description: Data commit SHA
        required: true

permissions:
  contents: write

concurrency:
  group: publish-main-artifact
  cancel-in-progress: false

jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - name: Resolve publish refs
        id: refs
        env:
          PAYLOAD_CORE_REPO: ${{ github.event.client_payload.core_repo }}
          PAYLOAD_CORE_SHA: ${{ github.event.client_payload.core_sha }}
          PAYLOAD_DATA_REPO: ${{ github.event.client_payload.data_repo }}
          PAYLOAD_DATA_SHA: ${{ github.event.client_payload.data_sha }}
          INPUT_CORE_REPO: ${{ github.event.inputs.core_repo }}
          INPUT_CORE_SHA: ${{ github.event.inputs.core_sha }}
          INPUT_DATA_REPO: ${{ github.event.inputs.data_repo }}
          INPUT_DATA_SHA: ${{ github.event.inputs.data_sha }}
          DEFAULT_DATA_REPO: ${{ vars.REGISTRY_DATA_REPO }}
        run: |
          core_repo="${PAYLOAD_CORE_REPO:-$INPUT_CORE_REPO}"
          core_sha="${PAYLOAD_CORE_SHA:-$INPUT_CORE_SHA}"
          data_repo="${PAYLOAD_DATA_REPO:-$INPUT_DATA_REPO}"
          data_sha="${PAYLOAD_DATA_SHA:-$INPUT_DATA_SHA}"

          if [ -z "$data_repo" ]; then
            data_repo="$DEFAULT_DATA_REPO"
          fi

          if [ -z "$core_repo" ] || [ -z "$core_sha" ] || [ -z "$data_repo" ] || [ -z "$data_sha" ]; then
            echo "Missing required publish refs."
            echo "core_repo=$core_repo"
            echo "core_sha=$core_sha"
            echo "data_repo=$data_repo"
            echo "data_sha=$data_sha"
            exit 1
          fi

          echo "core_repo=$core_repo" >> "$GITHUB_OUTPUT"
          echo "core_sha=$core_sha" >> "$GITHUB_OUTPUT"
          echo "data_repo=$data_repo" >> "$GITHUB_OUTPUT"
          echo "data_sha=$data_sha" >> "$GITHUB_OUTPUT"

      - name: Checkout main
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Checkout pinned core
        uses: actions/checkout@v4
        with:
          repository: ${{ steps.refs.outputs.core_repo }}
          ref: ${{ steps.refs.outputs.core_sha }}
          token: ${{ secrets.MAIN_REPO_TOKEN != '' && secrets.MAIN_REPO_TOKEN || github.token }}
          path: _sources/core
          fetch-depth: 1

      - name: Checkout pinned data
        uses: actions/checkout@v4
        with:
          repository: ${{ steps.refs.outputs.data_repo }}
          ref: ${{ steps.refs.outputs.data_sha }}
          token: ${{ secrets.DATA_REPO_TOKEN != '' && secrets.DATA_REPO_TOKEN || github.token }}
          path: _sources/data
          fetch-depth: 1

      - name: Move source repos to temp dirs
        id: srcpaths
        run: |
          CORE_DIR="$RUNNER_TEMP/publish-core"
          DATA_DIR="$RUNNER_TEMP/publish-data"
          rm -rf "$CORE_DIR" "$DATA_DIR"
          mv _sources/core "$CORE_DIR"
          mv _sources/data "$DATA_DIR"
          rm -rf _sources
          echo "core_dir=$CORE_DIR" >> "$GITHUB_OUTPUT"
          echo "data_dir=$DATA_DIR" >> "$GITHUB_OUTPUT"

      - name: Rebuild main from pinned refs
        run: |
          bash "${{ steps.srcpaths.outputs.core_dir }}/scripts/sync_main_repo.sh" \
            --core "${{ steps.srcpaths.outputs.core_dir }}" \
            --data "${{ steps.srcpaths.outputs.data_dir }}" \
            --main "$GITHUB_WORKSPACE"

      - name: Write provenance manifest
        run: |
          mkdir -p provenance
          cat > provenance/merge-source.json <<EOF
          {
            "generated_at": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
            "core_repo": "${{ steps.refs.outputs.core_repo }}",
            "core_sha": "${{ steps.refs.outputs.core_sha }}",
            "data_repo": "${{ steps.refs.outputs.data_repo }}",
            "data_sha": "${{ steps.refs.outputs.data_sha }}"
          }
          EOF

      - name: Commit and push publish result
        env:
          CORE_SHA: ${{ steps.refs.outputs.core_sha }}
          DATA_SHA: ${{ steps.refs.outputs.data_sha }}
        run: |
          git config --local user.email "github-actions[bot]@users.noreply.github.com"
          git config --local user.name "github-actions[bot]"

          git add -A
          if git diff --staged --quiet; then
            echo "No main artifact changes"
            exit 0
          fi

          git commit -m "chore: publish merged artifact core@${CORE_SHA:0:12} data@${DATA_SHA:0:12}"
          for attempt in 1 2 3; do
            if git push; then
              echo "Push succeeded on attempt $attempt"
              exit 0
            fi
            if [ "$attempt" -lt 3 ]; then
              wait_time=$((attempt * 20))
              echo "Push failed (attempt $attempt). Retrying in ${wait_time}s..."
              sleep "$wait_time"
            fi
          done
          echo "Push failed after 3 attempts."
          exit 1