openclaw/kitchen-sink
openclaw/kitchen-sink
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases 6 Wiki Activity

ci: enable ClawHub release publishing

Browse Source
This commit is contained in:
Patrick Erichsen 2026-04-28 18:51:55 -07:00
parent 5f5e94fc01
commit 5cac655a1b
3 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/release.yml vendored
View File

@ -148,8 +148,6 @@ jobs:
npm publish "./release-artifacts/${{ needs.validate.outputs.tarball_name }}" --access public --tag "${{ needs.validate.outputs.npm_tag }}"
publish-clawhub:
# Disabled until the kitchen-sink package exists in the ClawHub org/registry.
if: ${{ false }}
needs: validate
permissions:
contents: read

2
AGENTS.md
View File

@ -8,7 +8,7 @@ Work from repo root. Keep changes small and commit/push them to `main` when aske
- Trusted publisher: GitHub Actions, repository `openclaw/kitchen-sink`, workflow `release.yml`.
- Do not publish npm releases locally. Cut releases by bumping `package.json`/`package-lock.json`, syncing generated surface files, pushing `main`, creating an annotated `vX.Y.Z` tag, pushing the tag, then publishing the GitHub release with `gh release create vX.Y.Z --verify-tag --generate-notes --title vX.Y.Z`.
- The `release.yml` workflow owns npm publishing through OIDC trusted publishing. Keep `permissions.id-token: write`; do not add `NODE_AUTH_TOKEN` or long-lived npm token secrets for publish.
- ClawHub release publishing is intentionally disabled until the ClawHub package/org setup exists. Keep dry-run CI wired, but do not enable real ClawHub publish without credentials and registry ownership being ready.
- ClawHub release publishing is enabled through the canonical reusable ClawHub workflow. Keep `permissions.id-token: write` and continue passing the `CLAWHUB_TOKEN` secret for release publishes.
## Validation

5
README.md
View File

@ -94,6 +94,5 @@ not replace the stable `latest` tag.
Pull requests run a ClawHub package-publish dry run through the canonical
`openclaw/clawhub` reusable workflow on `main`, so the fixture tests the current
ClawHub publishing path instead of a vendored copy. Release publishing is wired
the same way, but remains disabled until the ClawHub org/package ownership for
this fixture is set up.
ClawHub publishing path instead of a vendored copy. Releases publish to ClawHub
through the same canonical workflow after validation.