dgf1988/codewhale
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
360438f0c9a2e400031a7efd558edd68cf03709e
codewhale/.github/workflows/release.yml
T
Hunter Bown b31b93aaae v0.8.19: endpoint, release workflow, IME + viewport fixes (#1128) 
* fix(config): keep DeepSeek beta endpoint for legacy cn alias

* fix(ci): filter download-artifact to deepseek* pattern

Prevents the release aggregation job from picking up non-binary
artifacts (e.g. Docker .dockerbuild cache layers) that cause the
checksum manifest to include spurious entries and the Release to
carry files it shouldn't.

* fix(tui): enable focus events to restore IME after app-switch

On macOS, switching away (Cmd+Tab) and back suspends the IME compositor.
Without focus-event handling, the TUI never signals readiness to the
terminal, so CJK input methods (Pinyin, Zhuyin, etc.) stop working.

- EnableFocusChange on startup so the terminal reports FocusGained/FocusLost
- Re-push KeyboardEnhancementFlags on FocusGained (some terminals reset
  the enhanced keyboard mode on focus-loss)
- DisableFocusChange on shutdown for clean terminal handoff

* chore: cargo fmt

* docs: add DataWhale and DeepSeek to acknowledgments

* docs: fix DeepSeek name etymology in acknowledgments

* fix(tui): recapture viewport on focus restore

* docs: thank DeepSeek and DataWhale bilingually
2026-05-07 23:05:39 -05:00

334 lines
12 KiB
YAML
Raw Blame History

name: Release
on:
push:
tags: ['v*']
workflow_dispatch:
inputs:
version:
description: 'Package/release version to publish to npm, without the leading v'
required: true
type: string
env:
CARGO_TERM_COLOR: always
RUSTFLAGS: -Dwarnings
jobs:
parity:
if: github.event_name == 'push'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
with:
components: clippy, rustfmt
- name: Install Linux system dependencies
if: runner.os == 'Linux'
run: |
for i in 1 2 3 4 5; do
sudo apt-get update && break
echo "apt-get update failed (attempt $i); retrying in 15s"
sleep 15
done
sudo apt-get install -y libdbus-1-dev pkg-config
- uses: Swatinem/rust-cache@v2
- name: Format check
run: cargo fmt --all -- --check
- name: Compile check
run: cargo check --workspace --all-targets --locked
- name: Clippy
run: cargo clippy --workspace --all-targets --all-features --locked -- -D warnings
- name: Workspace tests
run: cargo test --workspace --all-features --locked
- name: TUI snapshot parity
run: cargo test -p deepseek-tui-core --test snapshot --locked
- name: Protocol schema parity
run: cargo test -p deepseek-protocol --test parity_protocol --locked
- name: State persistence parity
run: cargo test -p deepseek-state --test parity_state --locked
- name: Lockfile drift guard
run: git diff --exit-code -- Cargo.lock
resolve:
runs-on: ubuntu-latest
outputs:
tag: ${{ steps.release.outputs.tag }}
source_ref: ${{ steps.release.outputs.source_ref }}
sha: ${{ steps.release.outputs.sha }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Resolve release source
id: release
shell: bash
run: |
if [ "${GITHUB_EVENT_NAME}" = "workflow_dispatch" ]; then
tag="v${{ inputs.version }}"
git fetch --force origin "refs/tags/${tag}:refs/tags/${tag}"
sha="$(git rev-list -n 1 "${tag}")"
source_ref="${tag}"
else
tag="${GITHUB_REF_NAME}"
sha="${GITHUB_SHA}"
source_ref="${GITHUB_REF_NAME}"
fi
if [ -z "${sha}" ]; then
echo "Unable to resolve release source for ${tag}" >&2
exit 1
fi
echo "tag=${tag}" >> "$GITHUB_OUTPUT"
echo "source_ref=${source_ref}" >> "$GITHUB_OUTPUT"
echo "sha=${sha}" >> "$GITHUB_OUTPUT"
build:
needs: [parity, resolve]
# `parity` is gated to tag-push events. On manual `workflow_dispatch`,
# parity is skipped, so let `build` proceed when parity either succeeded
# or was skipped — but never when it actually failed or the run was
# cancelled. Operators using dispatch are expected to have already run
# the same gates locally / via ci.yml on `main`.
if: ${{ !cancelled() && (needs.parity.result == 'success' || needs.parity.result == 'skipped') }}
strategy:
matrix:
include:
# --- deepseek (cli) ---
- os: ubuntu-latest
target: x86_64-unknown-linux-gnu
binary: deepseek
artifact_name: deepseek-linux-x64
- os: ubuntu-24.04-arm
target: aarch64-unknown-linux-gnu
binary: deepseek
artifact_name: deepseek-linux-arm64
- os: macos-latest
target: x86_64-apple-darwin
binary: deepseek
artifact_name: deepseek-macos-x64
- os: macos-latest
target: aarch64-apple-darwin
binary: deepseek
artifact_name: deepseek-macos-arm64
- os: windows-latest
target: x86_64-pc-windows-msvc
binary: deepseek.exe
artifact_name: deepseek-windows-x64.exe
# --- deepseek-tui (TUI) ---
- os: ubuntu-latest
target: x86_64-unknown-linux-gnu
binary: deepseek-tui
artifact_name: deepseek-tui-linux-x64
- os: ubuntu-24.04-arm
target: aarch64-unknown-linux-gnu
binary: deepseek-tui
artifact_name: deepseek-tui-linux-arm64
- os: macos-latest
target: x86_64-apple-darwin
binary: deepseek-tui
artifact_name: deepseek-tui-macos-x64
- os: macos-latest
target: aarch64-apple-darwin
binary: deepseek-tui
artifact_name: deepseek-tui-macos-arm64
- os: windows-latest
target: x86_64-pc-windows-msvc
binary: deepseek-tui.exe
artifact_name: deepseek-tui-windows-x64.exe
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ needs.resolve.outputs.source_ref }}
- uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.target }}
- uses: Swatinem/rust-cache@v2
- name: Install Linux system dependencies
if: runner.os == 'Linux'
run: |
for i in 1 2 3 4 5; do
sudo apt-get update && break
echo "apt-get update failed (attempt $i); retrying in 15s"
sleep 15
done
sudo apt-get install -y libdbus-1-dev pkg-config
- name: Build
shell: bash
env:
DEEPSEEK_BUILD_SHA: ${{ needs.resolve.outputs.sha }}
run: cargo build --release --locked --target ${{ matrix.target }}
- name: Rename binary
shell: bash
run: |
BIN_PATH="target/${{ matrix.target }}/release/${{ matrix.binary }}"
if [ ! -f "${BIN_PATH}" ]; then
echo "Binary not at ${BIN_PATH}; searching target/ for ${{ matrix.binary }}:"
find target -name "${{ matrix.binary }}" -type f
exit 1
fi
cp "${BIN_PATH}" "${{ matrix.artifact_name }}"
- uses: actions/upload-artifact@v4
with:
name: ${{ matrix.artifact_name }}
path: ${{ matrix.artifact_name }}
docker:
needs: [build, resolve]
if: ${{ !cancelled() && needs.build.result == 'success' }}
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout release source
uses: actions/checkout@v4
with:
ref: ${{ needs.resolve.outputs.source_ref }}
path: source
- name: Checkout release infrastructure
uses: actions/checkout@v4
with:
path: infra
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Normalize image name
id: image
shell: bash
run: echo "name=ghcr.io/${GITHUB_REPOSITORY,,}" >> "$GITHUB_OUTPUT"
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ steps.image.outputs.name }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern=v{{major}}
type=ref,event=tag
type=semver,pattern={{version}},value=${{ needs.resolve.outputs.tag }},enable=${{ github.event_name == 'workflow_dispatch' }}
type=semver,pattern={{major}}.{{minor}},value=${{ needs.resolve.outputs.tag }},enable=${{ github.event_name == 'workflow_dispatch' }}
type=semver,pattern=v{{major}},value=${{ needs.resolve.outputs.tag }},enable=${{ github.event_name == 'workflow_dispatch' }}
type=raw,value=${{ inputs.version }},enable=${{ github.event_name == 'workflow_dispatch' }}
type=raw,value=v${{ inputs.version }},enable=${{ github.event_name == 'workflow_dispatch' }}
type=raw,value=latest
- name: Build and push
uses: docker/build-push-action@v6
with:
context: source
file: infra/Dockerfile
platforms: linux/amd64,linux/arm64
push: true
build-args: |
DEEPSEEK_BUILD_SHA=${{ needs.resolve.outputs.sha }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
release:
needs: [build, docker, resolve]
if: ${{ !cancelled() && needs.build.result == 'success' && needs.docker.result == 'success' }}
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/download-artifact@v4
with:
path: artifacts
pattern: deepseek*
- name: List artifacts
run: find artifacts -type f
- name: Generate checksum manifest
shell: bash
run: |
mkdir -p artifacts/checksums
manifest="artifacts/checksums/deepseek-artifacts-sha256.txt"
: > "${manifest}"
while IFS= read -r -d '' file; do
hash="$(sha256sum "${file}" | awk '{print $1}')"
base="$(basename "${file}")"
printf '%s %s\n' "${hash}" "${base}" >> "${manifest}"
done < <(find artifacts -type f ! -path 'artifacts/checksums/*' -print0 | sort -z)
cat "${manifest}"
- uses: softprops/action-gh-release@v1
with:
tag_name: ${{ needs.resolve.outputs.tag }}
files: artifacts/*/*
prerelease: false
body: |
## Install
### Recommended — npm (one command, both binaries)
```bash
npm install -g deepseek-tui
```
The wrapper downloads both binaries from this Release and places them in the same directory.
### Docker / GHCR
```bash
docker run --rm -it \
-e DEEPSEEK_API_KEY="$DEEPSEEK_API_KEY" \
-v ~/.deepseek:/home/deepseek/.deepseek \
ghcr.io/hmbown/deepseek-tui:${{ needs.resolve.outputs.tag }}
```
The image ships the `deepseek` dispatcher and `deepseek-tui` runtime. The `latest` tag is also updated on release.
### Cargo (Linux / macOS)
```bash
cargo install deepseek-tui-cli deepseek-tui --locked
```
Both crates are required — `deepseek-tui-cli` produces the `deepseek` dispatcher and `deepseek-tui` produces the interactive runtime that the dispatcher delegates to. Installing only one binary will fail at runtime with a `MISSING_COMPANION_BINARY` error.
### Manual download
**Both** binaries below must be downloaded for your platform and dropped into the same directory (e.g. `~/.local/bin/`):
| Platform | Dispatcher | TUI runtime |
|---|---|---|
| Linux x64 | `deepseek-linux-x64` | `deepseek-tui-linux-x64` |
| Linux ARM64 | `deepseek-linux-arm64` | `deepseek-tui-linux-arm64` |
| macOS x64 | `deepseek-macos-x64` | `deepseek-tui-macos-x64` |
| macOS ARM | `deepseek-macos-arm64` | `deepseek-tui-macos-arm64` |
| Windows x64 | `deepseek-windows-x64.exe` | `deepseek-tui-windows-x64.exe` |
Then `chmod +x` both (Unix) and run `./deepseek`.
### Verify (recommended)
Download `deepseek-artifacts-sha256.txt` from this Release and verify:
```bash
# Linux
sha256sum -c deepseek-artifacts-sha256.txt
# macOS
shasum -a 256 -c deepseek-artifacts-sha256.txt
```
## Changelog
See [CHANGELOG.md](https://github.com/Hmbown/DeepSeek-TUI/blob/main/CHANGELOG.md) for the full notes for this release.
# npm publish is intentionally not automated. The npm account requires 2FA OTP
# on every publish, and a granular automation token that bypasses 2FA has not
# been provisioned. Release the npm wrapper manually from a developer machine
# after the GitHub Release has been created — see CLAUDE.md "Releases" for the
# exact commands.
Reference in New Issue View Git Blame Copy Permalink