vrr/Pulse
2
0
Fork 0
mirror of https://github.com/rcourtman/Pulse.git synced 2026-05-06 16:16:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
Pulse/.github/workflows
History
rcourtman 58ad221d47 Add governed v6 preview demo targets
2026-04-10 10:53:17 +01:00
..
build-and-test.yml feat: Pulse v6 release 2026-03-18 16:06:30 +00:00
canonical-governance.yml feat: Pulse v6 release 2026-03-18 16:06:30 +00:00
close-needs-retest-timeout.yml Improve issue triage with version-aware automation 2026-02-08 19:28:24 +00:00
create-release.yml Add governed v6 preview demo targets 2026-04-10 10:53:17 +01:00
deploy-demo-server.yml Add governed v6 preview demo targets 2026-04-10 10:53:17 +01:00
eval-model-matrix.yml docs: update AI evaluation matrix and approval workflow documentation 2026-01-30 19:00:40 +00:00
helm-ci.yml Add Helm chart tooling, CI, and release packaging 2025-10-18 11:50:57 +00:00
helm-pages.yml fix(deploy): pin docs links to release refs 2026-03-28 21:32:11 +00:00
issue-version-triage.yml feat: Pulse v6 release 2026-03-18 16:06:30 +00:00
promote-floating-tags.yml Rename promotion RC wording to prerelease 2026-03-25 11:08:05 +00:00
publish-docker.yml Rename promotion RC wording to prerelease 2026-03-25 11:08:05 +00:00
publish-helm-chart.yml fix(deploy): pin docs links to release refs 2026-03-28 21:32:11 +00:00
README.md Add governed v6 preview demo targets 2026-04-10 10:53:17 +01:00
release-dry-run.yml fix(release): require explicit rollback targets in workflows 2026-03-26 13:03:24 +00:00
repo-boundary-audit.yml feat: Pulse v6 release 2026-03-18 16:06:30 +00:00
test-e2e.yml feat: Pulse v6 release 2026-03-18 16:06:30 +00:00
test-updates.yml revert: remove dual-key license verification 2026-02-03 21:29:21 +00:00
update-demo-server.yml Add governed v6 preview demo targets 2026-04-10 10:53:17 +01:00
validate-release-assets.yml Ensure release validation handles published edits (related to #669) 2025-11-12 17:33:30 +00:00

README.md

GitHub Actions Workflows

Update Demo Server

File: update-demo-server.yml

Automatically updates the governed demo target after a release is published. Stable releases update the stable public demo. Prerelease tags update the separate v6 preview demo.

Configuration Required

Create two GitHub Environments:

  1. demo-stable
  2. demo-preview-v6

Each environment must define the same secret names so the workflow can select the target by environment instead of hardcoding separate workflows.

Required environment secrets:

  1. DEMO_SERVER_SSH_KEY

    • The private SSH key for accessing the demo server
    • Generate with: cat ~/.ssh/id_ed25519 (or your key file)
    • Should be the full private key including -----BEGIN and -----END lines

  2. DEMO_SERVER_HOST

    • The hostname or IP of the demo server

  3. DEMO_SERVER_USER

    • The SSH username for the demo server (e.g. root or a deploy user with sudo access)

Required environment variables:

  1. DEMO_LOCAL_BASE_URL

    • Local URL used on the target host for version and mock-mode verification
    • Example stable value: http://localhost:7655
    • Example preview value: http://localhost:8665

  2. DEMO_PUBLIC_HEALTH_URL

    • Public health endpoint for the selected demo target
    • Example stable value: https://demo.pulserelay.pro/api/health
    • Example preview value: https://v6-demo.pulserelay.pro/api/health

Optional environment variables:

  1. DEMO_SERVICE_NAME

    • Stable default: pulse
    • Preview example: pulse-v6-preview
    • When set, the server installer derives the instance-specific install dir, config dir, update helper, and update timer from this service identity.

  2. DEMO_AUTH_USER / DEMO_AUTH_PASS

    • Demo credentials used for post-update mock verification
    • Defaults to demo / demo when omitted

How It Works

  1. Trigger: Runs automatically when a GitHub release is published
  2. Target selection: Stable tags deploy to demo-stable; prerelease tags deploy to demo-preview-v6
  3. Governance check: Validates the selected tag is reachable from the governed release branch for that version
  4. Latest check: Refuses to update a target unless the published tag is the latest release for that target channel
  5. Update: SSHs to the selected demo host and runs the tag-matched root installer from that exact git tag
  6. Verify: Checks that the new version is running and mock mode is active
  7. Cleanup: Removes SSH key from runner

Testing

To test without publishing a release:

  1. Go to Actions tab in GitHub
  2. Select Update Demo Server workflow
  3. Provide a tag and choose stable, preview-v6, or auto

Benefits

  • Stable and preview demos stay on separate governed targets
  • Prereleases no longer require a stable demo overwrite or a manual skip
  • Validates the real server installer path on the selected target
  • Removes release-operator guesswork about which demo should move

Preview Bootstrap Note

The preview environment must be bootstrapped once on the host before the update workflow can keep it current. The supported path is a separate service identity such as pulse-v6-preview plus a separate public route such as v6-demo.pulserelay.pro; do not reuse the stable pulse.service instance.

Deploy Demo Server

File: deploy-demo-server.yml

Manually deploys the current branch build to either the stable or preview demo environment without changing the governed release workflow.

  • Uses the same demo-stable / demo-preview-v6 environment contract as the release-driven updater
  • Requires DEMO_PUBLIC_HEALTH_URL
  • Supports optional DEMO_SERVICE_NAME, DEMO_INSTALL_DIR, DEMO_TEST_PORT, DEMO_AUTH_USER, and DEMO_AUTH_PASS
  • Assumes the target service and install directory already exist on the host

Helm CI

File: helm-ci.yml

Runs helm lint --strict and renders the chart with common configuration combinations on every pull request that touches Helm content (and on pushes to main). This prevents regressions before they land.

  • Triggered by PRs/pushes touching deploy/helm/**, docs, or the workflow itself
  • Uses Helm v3.15.2
  • Renders both the default deployment and an agent-enabled configuration to catch template issues

Publish Helm Chart

File: publish-helm-chart.yml

Packages the Helm chart and pushes it to the GitHub Container Registry (OCI) whenever a GitHub Release is published. Also makes the packaged .tgz available as both an Actions artifact and a release asset. The same behaviour can be triggered locally via ./scripts/package-helm-chart.sh <version> [--push].

  • Triggered automatically on release: published, or manually via workflow dispatch (requires chart_version input)
  • Chart and app versions mirror the Pulse release tag (e.g., v4.24.04.24.0)
  • Publishes to oci://ghcr.io/<owner>/pulse-chart
  • Requires no additional secrets—uses the built-in GITHUB_TOKEN with packages: write permission