beads/.github/workflows/release.yml

name: Release

on:
  push:
    tags:
      - 'v*'

concurrency:
  group: release-${{ github.ref }}
  cancel-in-progress: false

permissions:
  contents: write

jobs:
  goreleaser:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v6
        with:
          fetch-depth: 0

      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.23'

      - name: Install cross-compilation toolchains
        run: |
          sudo apt-get update
          sudo apt-get install -y gcc-mingw-w64-x86-64 gcc-aarch64-linux-gnu

      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v6
        with:
          distribution: goreleaser
          version: '~> v2'
          args: release --clean
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  publish-pypi:
    runs-on: ubuntu-latest
    needs: goreleaser
    if: always()  # Run even if goreleaser fails
    steps:
      - name: Checkout
        uses: actions/checkout@v6

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.11'

      - name: Install uv
        run: pip install uv

      - name: Build package
        run: |
          cd integrations/beads-mcp
          uv build

      - name: Publish to PyPI
        env:
          TWINE_USERNAME: __token__
          TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
        run: |
          cd integrations/beads-mcp
          uv tool run twine upload dist/*

  publish-npm:
    runs-on: ubuntu-latest
    needs: goreleaser
    steps:
      - name: Checkout
        uses: actions/checkout@v6

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          registry-url: 'https://registry.npmjs.org'

      - name: Publish to npm
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
        run: |
          if [ -z "$NODE_AUTH_TOKEN" ]; then
            echo "::warning::NPM_TOKEN not set - skipping npm publish"
            echo "To enable automatic npm publishing:"
            echo "1. Create an npm access token with publish permissions"
            echo "2. Add it as NPM_TOKEN in repository secrets"
            exit 0
          fi

          cd npm-package
          npm publish --access public

  update-homebrew:
    runs-on: ubuntu-latest
    needs: goreleaser
    steps:
      - name: Checkout
        uses: actions/checkout@v6
        with:
          fetch-depth: 0

      - name: Get release info
        id: release
        run: |
          TAG="${GITHUB_REF#refs/tags/}"
          echo "tag=${TAG}" >> $GITHUB_OUTPUT
          echo "version=${TAG#v}" >> $GITHUB_OUTPUT

      - name: Download checksums
        run: |
          curl -sL "https://github.com/steveyegge/beads/releases/download/${{ steps.release.outputs.tag }}/checksums.txt" -o checksums.txt

      - name: Extract checksums
        id: checksums
        run: |
          echo "darwin_amd64=$(grep 'darwin_amd64.tar.gz' checksums.txt | awk '{print $1}')" >> $GITHUB_OUTPUT
          echo "darwin_arm64=$(grep 'darwin_arm64.tar.gz' checksums.txt | awk '{print $1}')" >> $GITHUB_OUTPUT
          echo "linux_amd64=$(grep 'linux_amd64.tar.gz' checksums.txt | awk '{print $1}')" >> $GITHUB_OUTPUT
          echo "linux_arm64=$(grep 'linux_arm64.tar.gz' checksums.txt | awk '{print $1}')" >> $GITHUB_OUTPUT

      - name: Update Homebrew formula
        run: |
          mkdir -p Formula
          cat > Formula/bd.rb <<'EOF'
          class Bd < Formula
            desc "AI-supervised issue tracker for coding workflows"
            homepage "https://github.com/steveyegge/beads"
            version "${{ steps.release.outputs.version }}"
            license "MIT"

            on_macos do
              if Hardware::CPU.arm?
                url "https://github.com/steveyegge/beads/releases/download/v#{version}/beads_#{version}_darwin_arm64.tar.gz"
                sha256 "${{ steps.checksums.outputs.darwin_arm64 }}"
              else
                url "https://github.com/steveyegge/beads/releases/download/v#{version}/beads_#{version}_darwin_amd64.tar.gz"
                sha256 "${{ steps.checksums.outputs.darwin_amd64 }}"
              end
            end

            on_linux do
              if Hardware::CPU.arm? && Hardware::CPU.is_64_bit?
                url "https://github.com/steveyegge/beads/releases/download/v#{version}/beads_#{version}_linux_arm64.tar.gz"
                sha256 "${{ steps.checksums.outputs.linux_arm64 }}"
              else
                url "https://github.com/steveyegge/beads/releases/download/v#{version}/beads_#{version}_linux_amd64.tar.gz"
                sha256 "${{ steps.checksums.outputs.linux_amd64 }}"
              end
            end

            def install
              bin.install "bd"
            end

            test do
              system "#{bin}/bd", "version"
            end
          end
          EOF

      - name: Push to homebrew-beads
        env:
          HOMEBREW_TAP_TOKEN: ${{ secrets.HOMEBREW_TAP_TOKEN }}
        run: |
          if [ -z "$HOMEBREW_TAP_TOKEN" ]; then
            echo "::warning::HOMEBREW_TAP_TOKEN not set - skipping Homebrew update"
            echo "To enable automatic Homebrew updates:"
            echo "1. Create a Personal Access Token with 'repo' scope"
            echo "2. Add it as HOMEBREW_TAP_TOKEN in repository secrets"
            exit 0
          fi

          git clone "https://x-access-token:${HOMEBREW_TAP_TOKEN}@github.com/steveyegge/homebrew-beads.git" tap
          cp Formula/bd.rb tap/Formula/bd.rb
          cd tap
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"
          git add Formula/bd.rb
          git commit -m "Update bd to ${{ steps.release.outputs.version }}"
          git push