From de675d8de98379a1ced2d59531629d016f5ea893 Mon Sep 17 00:00:00 2001 From: abs2023 Date: Sat, 23 May 2026 12:45:38 -0400 Subject: [PATCH 1/2] ci(dev): build CLI, router, and UI artifacts on dev push MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Enable artifact-only builds on dev while test→main is blocked: executables and all desktop UI platforms upload to the workflow run without GHCR push, TEE build, GitHub release, or AWS/SecretVM deploy. UI dev builds omit proxy-router download URLs (no release exists); test router from artifacts. Temporary until dev can follow test after main promotion. Co-authored-by: Cursor --- .github/workflows/build.yml | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5eccc152..c3a20758 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,7 +2,9 @@ name: CI-CD # CI/CD Pipeline for Morpheus Lumerin Node # # Branch Strategy: -# • dev: Build and test only (no deployment) +# • dev: Build-only (TEMPORARY): verify, tag, proxy-router docker test, CLI/router executables, +# and UI desktop artifacts uploaded to the workflow run — no GHCR push, TEE, release, or deploy. +# Revert dev push builds after test→main promotion is unblocked. # • test: Build, test, and deploy to AWS DEV environment (Titan dev + Morpheus dev consumer node) # • main: Build, test, create release, and deploy to AWS PRD environment (Titan lmn + Morpheus prd consumer/provider nodes) # @@ -958,7 +960,7 @@ jobs: if: | github.repository == 'MorpheusAIs/Morpheus-Lumerin-Node' && ( - (github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test')) || + (github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test' || github.ref == 'refs/heads/dev')) || (github.event_name == 'workflow_dispatch' && github.event.inputs.build_all_os == 'true') ) needs: @@ -2199,7 +2201,7 @@ jobs: if: | github.repository == 'MorpheusAIs/Morpheus-Lumerin-Node' && ( - (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test')) || + (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test' || github.ref == 'refs/heads/dev')) || (github.event_name == 'workflow_dispatch' && github.event.inputs.build_all_os == 'true') ) runs-on: macos-latest @@ -2207,7 +2209,8 @@ jobs: - Generate-Tag - Build-Service-Executables env: - SERVICE_PROXY_DOWNLOAD_URL_MAC_ARM64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/mac-arm64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }} + # Dev builds have no GitHub release; omit router download URL (test router from workflow artifacts). + SERVICE_PROXY_DOWNLOAD_URL_MAC_ARM64: ${{ github.ref != 'refs/heads/dev' && format('{0}/mac-arm64-morpheus-router-{1}', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} steps: - name: Clone id: checkout @@ -2263,7 +2266,7 @@ jobs: if: | github.repository == 'MorpheusAIs/Morpheus-Lumerin-Node' && ( - (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test')) || + (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test' || github.ref == 'refs/heads/dev')) || (github.event_name == 'workflow_dispatch' && github.event.inputs.build_all_os == 'true') ) runs-on: ubuntu-22.04 @@ -2271,7 +2274,7 @@ jobs: - Generate-Tag - Build-Service-Executables env: - SERVICE_PROXY_DOWNLOAD_URL_LINUX_X64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/linux-x86_64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }} + SERVICE_PROXY_DOWNLOAD_URL_LINUX_X64: ${{ github.ref != 'refs/heads/dev' && format('{0}/linux-x86_64-morpheus-router-{1}', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} steps: - name: Clone id: checkout @@ -2326,7 +2329,7 @@ jobs: if: | github.repository == 'MorpheusAIs/Morpheus-Lumerin-Node' && ( - (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test')) || + (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test' || github.ref == 'refs/heads/dev')) || (github.event_name == 'workflow_dispatch' && github.event.inputs.build_all_os == 'true') ) runs-on: ubuntu-22.04 @@ -2334,7 +2337,7 @@ jobs: - Generate-Tag - Build-Service-Executables env: - SERVICE_PROXY_DOWNLOAD_URL_LINUX_ARM64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/linux-arm64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }} + SERVICE_PROXY_DOWNLOAD_URL_LINUX_ARM64: ${{ github.ref != 'refs/heads/dev' && format('{0}/linux-arm64-morpheus-router-{1}', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} steps: - name: Clone id: checkout @@ -2389,7 +2392,7 @@ jobs: if: | github.repository == 'MorpheusAIs/Morpheus-Lumerin-Node' && ( - (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test')) || + (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test' || github.ref == 'refs/heads/dev')) || (github.event_name == 'workflow_dispatch' && github.event.inputs.build_all_os == 'true') ) runs-on: macos-15-intel @@ -2397,7 +2400,7 @@ jobs: - Generate-Tag - Build-Service-Executables env: - SERVICE_PROXY_DOWNLOAD_URL_MAC_X64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/mac-x64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }} + SERVICE_PROXY_DOWNLOAD_URL_MAC_X64: ${{ github.ref != 'refs/heads/dev' && format('{0}/mac-x64-morpheus-router-{1}', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} steps: - name: Clone id: checkout @@ -2453,7 +2456,7 @@ jobs: if: | github.repository == 'MorpheusAIs/Morpheus-Lumerin-Node' && ( - (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test')) || + (github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/cicd/') || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/test' || github.ref == 'refs/heads/dev')) || (github.event_name == 'workflow_dispatch' && github.event.inputs.build_all_os == 'true') ) runs-on: windows-latest @@ -2461,7 +2464,7 @@ jobs: - Generate-Tag - Build-Service-Executables env: - SERVICE_PROXY_DOWNLOAD_URL_WINDOWS_X64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/win-x64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }}.exe + SERVICE_PROXY_DOWNLOAD_URL_WINDOWS_X64: ${{ github.ref != 'refs/heads/dev' && format('{0}/win-x64-morpheus-router-{1}.exe', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} steps: - name: Clone id: checkout From f1a32709eed83fddd5f2f9bb6c8c8efd75656a7b Mon Sep 17 00:00:00 2001 From: abs2023 Date: Sat, 23 May 2026 12:56:35 -0400 Subject: [PATCH 2/2] ci(dev): publish vX.Y.Z-dev pre-releases like test branch Restore standard SERVICE_PROXY_DOWNLOAD_URL_* for dev UI builds and add Dev-UI-Release to upload desktop, CLI, and proxy-router assets to GitHub pre-releases (no GHCR/TEE/AWS). Updates latest-dev tag for rolling installs. Co-authored-by: Cursor --- .github/workflows/build.yml | 125 +++++++++++++++++++++++++++++++++--- 1 file changed, 117 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c3a20758..059034ea 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -3,8 +3,8 @@ name: CI-CD # # Branch Strategy: # • dev: Build-only (TEMPORARY): verify, tag, proxy-router docker test, CLI/router executables, -# and UI desktop artifacts uploaded to the workflow run — no GHCR push, TEE, release, or deploy. -# Revert dev push builds after test→main promotion is unblocked. +# UI desktop builds, and GitHub pre-release (vX.Y.Z-dev) with router/CLI/UI assets — no GHCR, +# TEE, AWS, or SecretVM deploy. Revert after test→main promotion is unblocked. # • test: Build, test, and deploy to AWS DEV environment (Titan dev + Morpheus dev consumer node) # • main: Build, test, create release, and deploy to AWS PRD environment (Titan lmn + Morpheus prd consumer/provider nodes) # @@ -2209,8 +2209,7 @@ jobs: - Generate-Tag - Build-Service-Executables env: - # Dev builds have no GitHub release; omit router download URL (test router from workflow artifacts). - SERVICE_PROXY_DOWNLOAD_URL_MAC_ARM64: ${{ github.ref != 'refs/heads/dev' && format('{0}/mac-arm64-morpheus-router-{1}', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} + SERVICE_PROXY_DOWNLOAD_URL_MAC_ARM64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/mac-arm64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }} steps: - name: Clone id: checkout @@ -2274,7 +2273,7 @@ jobs: - Generate-Tag - Build-Service-Executables env: - SERVICE_PROXY_DOWNLOAD_URL_LINUX_X64: ${{ github.ref != 'refs/heads/dev' && format('{0}/linux-x86_64-morpheus-router-{1}', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} + SERVICE_PROXY_DOWNLOAD_URL_LINUX_X64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/linux-x86_64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }} steps: - name: Clone id: checkout @@ -2337,7 +2336,7 @@ jobs: - Generate-Tag - Build-Service-Executables env: - SERVICE_PROXY_DOWNLOAD_URL_LINUX_ARM64: ${{ github.ref != 'refs/heads/dev' && format('{0}/linux-arm64-morpheus-router-{1}', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} + SERVICE_PROXY_DOWNLOAD_URL_LINUX_ARM64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/linux-arm64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }} steps: - name: Clone id: checkout @@ -2400,7 +2399,7 @@ jobs: - Generate-Tag - Build-Service-Executables env: - SERVICE_PROXY_DOWNLOAD_URL_MAC_X64: ${{ github.ref != 'refs/heads/dev' && format('{0}/mac-x64-morpheus-router-{1}', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} + SERVICE_PROXY_DOWNLOAD_URL_MAC_X64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/mac-x64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }} steps: - name: Clone id: checkout @@ -2464,7 +2463,7 @@ jobs: - Generate-Tag - Build-Service-Executables env: - SERVICE_PROXY_DOWNLOAD_URL_WINDOWS_X64: ${{ github.ref != 'refs/heads/dev' && format('{0}/win-x64-morpheus-router-{1}.exe', needs.Generate-Tag.outputs.artifacts_base_url, needs.Generate-Tag.outputs.vfull) || '' }} + SERVICE_PROXY_DOWNLOAD_URL_WINDOWS_X64: ${{ needs.Generate-Tag.outputs.artifacts_base_url }}/win-x64-morpheus-router-${{ needs.Generate-Tag.outputs.vfull }}.exe steps: - name: Clone id: checkout @@ -2536,6 +2535,116 @@ jobs: path: ./ui-desktop/dist/win-x64-morpheus-app-${{ needs.Generate-Tag.outputs.vfull }}.exe name: win-x64-morpheus-app-${{ needs.Generate-Tag.outputs.vfull }}.exe + Dev-UI-Release: + name: Upload Dev Pre-release (desktop + CLI + router) + if: | + github.repository == 'MorpheusAIs/Morpheus-Lumerin-Node' && + github.event_name == 'push' && + github.ref == 'refs/heads/dev' + needs: + - Generate-Tag + - Build-Service-Executables + - UI-macOS-latest-arm64 + - UI-macOS-15-intel-x64 + - UI-Ubuntu-22-x64 + - UI-Ubuntu-22-arm64 + - UI-Windows-avx2-x64 + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - name: Clone + uses: actions/checkout@v6 + with: + fetch-depth: 0 + fetch-tags: true + + - name: Download artifacts + uses: actions/download-artifact@v7 + with: + path: ./artifact + merge-multiple: true + + - name: Verify artifact contents + run: | + echo "🔍 Contents of ./artifact:" + ls -lh ./artifact + + - name: Generate release notes + run: | + VERSION=${{ needs.Generate-Tag.outputs.vfull }} + TAG=${{ needs.Generate-Tag.outputs.tag_name }} + + cat << RELEASE_NOTES > release_notes.md + ## Dev pre-release ($TAG) + + Desktop, proxy-router, and CLI builds from the \`dev\` branch. No container or TEE assets in this release. + + ### Desktop Application + + | Platform | Download | + |----------|----------| + | **Windows** (x64) | [\`win-x64-morpheus-app-${VERSION}.exe\`](../../releases/download/${TAG}/win-x64-morpheus-app-${VERSION}.exe) | + | **macOS** (Apple Silicon) | [\`mac-arm64-morpheus-app-${VERSION}.dmg\`](../../releases/download/${TAG}/mac-arm64-morpheus-app-${VERSION}.dmg) | + | **macOS** (Intel) | [\`mac-x64-morpheus-app-${VERSION}.dmg\`](../../releases/download/${TAG}/mac-x64-morpheus-app-${VERSION}.dmg) | + | **Linux** (x64) | [\`linux-x86_64-morpheus-app-${VERSION}.AppImage\`](../../releases/download/${TAG}/linux-x86_64-morpheus-app-${VERSION}.AppImage) | + | **Linux** (ARM64) | [\`linux-arm64-morpheus-app-${VERSION}.AppImage\`](../../releases/download/${TAG}/linux-arm64-morpheus-app-${VERSION}.AppImage) | + + ### Proxy Router + + | Platform | Download | + |----------|----------| + | **Linux** (x64) | [\`linux-x86_64-morpheus-router-${VERSION}\`](../../releases/download/${TAG}/linux-x86_64-morpheus-router-${VERSION}) | + | **Linux** (ARM64) | [\`linux-arm64-morpheus-router-${VERSION}\`](../../releases/download/${TAG}/linux-arm64-morpheus-router-${VERSION}) | + | **macOS** (Apple Silicon) | [\`mac-arm64-morpheus-router-${VERSION}\`](../../releases/download/${TAG}/mac-arm64-morpheus-router-${VERSION}) | + | **macOS** (Intel) | [\`mac-x64-morpheus-router-${VERSION}\`](../../releases/download/${TAG}/mac-x64-morpheus-router-${VERSION}) | + | **Windows** (x64) | [\`win-x64-morpheus-router-${VERSION}.exe\`](../../releases/download/${TAG}/win-x64-morpheus-router-${VERSION}.exe) | + + ### CLI + + | Platform | Download | + |----------|----------| + | **Linux** (x64) | [\`linux-x86_64-morpheus-cli-${VERSION}\`](../../releases/download/${TAG}/linux-x86_64-morpheus-cli-${VERSION}) | + | **Linux** (ARM64) | [\`linux-arm64-morpheus-cli-${VERSION}\`](../../releases/download/${TAG}/linux-arm64-morpheus-cli-${VERSION}) | + | **macOS** (Apple Silicon) | [\`mac-arm64-morpheus-cli-${VERSION}\`](../../releases/download/${TAG}/mac-arm64-morpheus-cli-${VERSION}) | + | **macOS** (Intel) | [\`mac-x64-morpheus-cli-${VERSION}\`](../../releases/download/${TAG}/mac-x64-morpheus-cli-${VERSION}) | + | **Windows** (x64) | [\`win-x64-morpheus-cli-${VERSION}.exe\`](../../releases/download/${TAG}/win-x64-morpheus-cli-${VERSION}.exe) | + + > Rolling alias: \`latest-dev\` git tag tracks the newest dev pre-release. + RELEASE_NOTES + + echo "" >> release_notes.md + echo "---" >> release_notes.md + echo "" >> release_notes.md + echo "## Commit" >> release_notes.md + echo "" >> release_notes.md + git log -1 --pretty=format:"%B" ${{ github.sha }} >> release_notes.md + cat release_notes.md + + - name: Create dev pre-release and upload assets + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + TAG=${{ needs.Generate-Tag.outputs.tag_name }} + echo "📦 Creating dev pre-release $TAG..." + gh release create "$TAG" \ + --title "Dev pre-release $TAG" \ + --notes-file release_notes.md \ + --prerelease \ + ./artifact/* + echo "✅ Dev pre-release $TAG created with $(ls -1 ./artifact | wc -l) assets" + + - name: Update latest-dev tag + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + TAG=${{ needs.Generate-Tag.outputs.tag_name }} + echo "🔄 Updating 'latest-dev' tag to point to $TAG..." + git push origin :refs/tags/latest-dev 2>/dev/null || true + git tag -f latest-dev + git push origin latest-dev + echo "✅ 'latest-dev' tag updated" + UI-Release: name: Upload UI-Desktop Release if: |