From e0658b03fba47895cf85a754c2655e45766ba1c6 Mon Sep 17 00:00:00 2001 From: Luohao Wang Date: Mon, 23 Feb 2026 22:13:59 +0800 Subject: [PATCH 1/6] ci: add release workflow to build and upload conda variants --- .github/workflows/conda-release-upload.yml | 68 ++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 .github/workflows/conda-release-upload.yml diff --git a/.github/workflows/conda-release-upload.yml b/.github/workflows/conda-release-upload.yml new file mode 100644 index 0000000..6602a04 --- /dev/null +++ b/.github/workflows/conda-release-upload.yml @@ -0,0 +1,68 @@ +name: Conda Release Upload + +on: + release: + types: + - published + workflow_dispatch: + +permissions: + contents: read + +concurrency: + group: conda-release-upload-${{ github.event.release.id || github.run_id }} + cancel-in-progress: false + +jobs: + conda-release-upload: + name: build-and-upload-conda-variants + runs-on: ubuntu-latest + env: + ANACONDA_API_TOKEN: ${{ secrets.ANACONDA_API_TOKEN }} + + steps: + - name: Checkout + uses: actions/checkout@v4.2.2 + + - name: Setup Miniconda + uses: conda-incubator/setup-miniconda@v3.3.0 + with: + auto-activate: true + activate-environment: base + channels: conda-forge + channel-priority: strict + conda-remove-defaults: "true" + miniconda-version: py311_25.11.1-1 + + - name: Install build and upload dependencies + shell: bash -el {0} + run: conda install -y conda-build=26.1.0 anaconda-client + + - name: Build all Conda variants + shell: bash -el {0} + run: | + conda build conda \ + -m conda/conda_build_config.yaml \ + -c conda-forge \ + --output-folder "${{ github.workspace }}/conda-bld" + + - name: Upload packages to Anaconda opflow-dev + shell: bash -el {0} + run: | + if [ -z "${ANACONDA_API_TOKEN}" ]; then + echo "Missing required secret: ANACONDA_API_TOKEN" + exit 1 + fi + + mapfile -t packages < <(find "${{ github.workspace }}/conda-bld" -type f \( -name "*.conda" -o -name "*.tar.bz2" \)) + if [ "${#packages[@]}" -eq 0 ]; then + echo "No conda packages were built." + exit 1 + fi + + printf "Uploading packages:\n%s\n" "${packages[@]}" + anaconda --token "${ANACONDA_API_TOKEN}" upload \ + --user opflow-dev \ + --label main \ + --skip-existing \ + "${packages[@]}" From 883e9fa401ed575a2cbc748c6766bd289275d3e1 Mon Sep 17 00:00:00 2001 From: Luohao Wang Date: Mon, 23 Feb 2026 22:27:50 +0800 Subject: [PATCH 2/6] ci: harden conda release upload workflow --- .github/workflows/conda-release-upload.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/conda-release-upload.yml b/.github/workflows/conda-release-upload.yml index 6602a04..1f7349f 100644 --- a/.github/workflows/conda-release-upload.yml +++ b/.github/workflows/conda-release-upload.yml @@ -17,15 +17,13 @@ jobs: conda-release-upload: name: build-and-upload-conda-variants runs-on: ubuntu-latest - env: - ANACONDA_API_TOKEN: ${{ secrets.ANACONDA_API_TOKEN }} steps: - name: Checkout - uses: actions/checkout@v4.2.2 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Miniconda - uses: conda-incubator/setup-miniconda@v3.3.0 + uses: conda-incubator/setup-miniconda@fc2d68f6413eb2d87b895e92f8584b5b94a10167 # v3.3.0 with: auto-activate: true activate-environment: base @@ -36,7 +34,7 @@ jobs: - name: Install build and upload dependencies shell: bash -el {0} - run: conda install -y conda-build=26.1.0 anaconda-client + run: conda install -y conda-build=26.1.0 anaconda-client=1.14.1 - name: Build all Conda variants shell: bash -el {0} @@ -44,10 +42,13 @@ jobs: conda build conda \ -m conda/conda_build_config.yaml \ -c conda-forge \ + --no-anaconda-upload \ --output-folder "${{ github.workspace }}/conda-bld" - name: Upload packages to Anaconda opflow-dev shell: bash -el {0} + env: + ANACONDA_API_TOKEN: ${{ secrets.ANACONDA_API_TOKEN }} run: | if [ -z "${ANACONDA_API_TOKEN}" ]; then echo "Missing required secret: ANACONDA_API_TOKEN" From 11862aef666b2c2171e72390718c2a55cab176a8 Mon Sep 17 00:00:00 2001 From: Luohao Wang Date: Mon, 23 Feb 2026 22:34:38 +0800 Subject: [PATCH 3/6] ci: build release conda variants on all target platforms --- .github/workflows/conda-release-upload.yml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/workflows/conda-release-upload.yml b/.github/workflows/conda-release-upload.yml index 1f7349f..3f4a6bd 100644 --- a/.github/workflows/conda-release-upload.yml +++ b/.github/workflows/conda-release-upload.yml @@ -15,8 +15,20 @@ concurrency: jobs: conda-release-upload: - name: build-and-upload-conda-variants - runs-on: ubuntu-latest + name: build-and-upload-conda-variants (${{ matrix.platform }}) + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + include: + - os: ubuntu-latest + platform: linux-64 + - os: macos-15-intel + platform: osx-64 + - os: macos-14 + platform: osx-arm64 + - os: windows-latest + platform: win-64 steps: - name: Checkout From a54de53f5a1fcf8273b4157a1081a2d9c895a6e2 Mon Sep 17 00:00:00 2001 From: Luohao Wang Date: Mon, 23 Feb 2026 22:36:54 +0800 Subject: [PATCH 4/6] ci: limit release matrix to unix conda variants --- .github/workflows/conda-release-upload.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/conda-release-upload.yml b/.github/workflows/conda-release-upload.yml index 3f4a6bd..fbe040f 100644 --- a/.github/workflows/conda-release-upload.yml +++ b/.github/workflows/conda-release-upload.yml @@ -27,8 +27,6 @@ jobs: platform: osx-64 - os: macos-14 platform: osx-arm64 - - os: windows-latest - platform: win-64 steps: - name: Checkout From 951dfd72ef60f22f584cb720c916d043e27d16f6 Mon Sep 17 00:00:00 2001 From: Luohao Wang Date: Mon, 23 Feb 2026 22:45:51 +0800 Subject: [PATCH 5/6] ci: tighten release workflow shell and token handling --- .github/workflows/conda-release-upload.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/conda-release-upload.yml b/.github/workflows/conda-release-upload.yml index fbe040f..2d4193d 100644 --- a/.github/workflows/conda-release-upload.yml +++ b/.github/workflows/conda-release-upload.yml @@ -49,6 +49,7 @@ jobs: - name: Build all Conda variants shell: bash -el {0} run: | + set -euo pipefail conda build conda \ -m conda/conda_build_config.yaml \ -c conda-forge \ @@ -60,6 +61,7 @@ jobs: env: ANACONDA_API_TOKEN: ${{ secrets.ANACONDA_API_TOKEN }} run: | + set -euo pipefail if [ -z "${ANACONDA_API_TOKEN}" ]; then echo "Missing required secret: ANACONDA_API_TOKEN" exit 1 @@ -71,8 +73,9 @@ jobs: exit 1 fi - printf "Uploading packages:\n%s\n" "${packages[@]}" - anaconda --token "${ANACONDA_API_TOKEN}" upload \ + echo "Uploading packages:" + printf " %s\n" "${packages[@]}" + anaconda upload \ --user opflow-dev \ --label main \ --skip-existing \ From cd15943887e6a4d57ef650970c0e71a4d8943ea4 Mon Sep 17 00:00:00 2001 From: Luohao Wang Date: Mon, 23 Feb 2026 22:57:37 +0800 Subject: [PATCH 6/6] ci: use latest runners and action tags in release workflow --- .github/workflows/conda-release-upload.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/conda-release-upload.yml b/.github/workflows/conda-release-upload.yml index 2d4193d..6a5fa17 100644 --- a/.github/workflows/conda-release-upload.yml +++ b/.github/workflows/conda-release-upload.yml @@ -23,17 +23,15 @@ jobs: include: - os: ubuntu-latest platform: linux-64 - - os: macos-15-intel - platform: osx-64 - - os: macos-14 + - os: macos-latest platform: osx-arm64 steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@v4.2.2 - name: Setup Miniconda - uses: conda-incubator/setup-miniconda@fc2d68f6413eb2d87b895e92f8584b5b94a10167 # v3.3.0 + uses: conda-incubator/setup-miniconda@v3.3.0 with: auto-activate: true activate-environment: base