Skip to content
.github/workflows/release.yml

security: remove leaked HF token session file, add session-*.md to gi… #55

Sign in to view logs

security: remove leaked HF token session file, add session-*.md to gi…

security: remove leaked HF token session file, add session-*.md to gi… #55

Workflow file for this run

.github/workflows/release.yml at 0f5b042
name: Release
on:
push:
tags:
- 'v*'
workflow_dispatch:
inputs:
tag:
description: 'Release tag (e.g., v0.1.0)'
required: true
default: 'v0.1.0'
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
jobs:
build-release:
name: Build Release Binaries
runs-on: ubuntu-latest
strategy:
matrix:
target:
- x86_64-unknown-linux-gnu
include:
- target: x86_64-unknown-linux-gnu
os: ubuntu-latest
arch: x86_64
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
lfs: true
- name: Install Rust toolchain
uses: dtolnay/rust-action@stable
with:
toolchain: stable
target: ${{ matrix.target }}
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y pkg-config libssl-dev
- name: Cache cargo registry
uses: actions/cache@v4
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-registry-
- name: Cache cargo index
uses: actions/cache@v4
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-git-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-git-
- name: Cache cargo build
uses: actions/cache@v4
with:
path: target
key: ${{ runner.os }}-cargo-build-target-${{ matrix.target }}-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-build-target-${{ matrix.target }}-
- name: Build release binaries
run: |
cargo build --release --workspace \
--bin terraphim-demo \
--bin terraphim-api \
--bin build-umls-artifact \
--bin build-snomed-artifact \
--bin build-cpic-artifact \
--bin umls_benchmark \
--bin evaluation-runner \
--bin primekg-import
env:
CARGO_TARGET_DIR: target
- name: Prepare release artifacts
run: |
mkdir -p release/${{ matrix.target }}
cp target/release/terraphim-demo release/${{ matrix.target }}/
cp target/release/terraphim-api release/${{ matrix.target }}/
cp target/release/build-umls-artifact release/${{ matrix.target }}/
cp target/release/build-snomed-artifact release/${{ matrix.target }}/
cp target/release/build-cpic-artifact release/${{ matrix.target }}/
cp target/release/umls_benchmark release/${{ matrix.target }}/
cp target/release/evaluation-runner release/${{ matrix.target }}/
cp target/release/primekg-import release/${{ matrix.target }}/
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: binaries-${{ matrix.target }}
path: release/${{ matrix.target }}/
retention-days: 1
package:
name: Package Distribution
needs: build-release
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
lfs: true
- name: Download all binaries
uses: actions/download-artifact@v4
with:
path: release/
pattern: binaries-*
merge-multiple: true
- name: Make binaries executable
run: |
chmod +x release/x86_64-unknown-linux-gnu/*
- name: Fetch Git LFS artifacts
run: |
git lfs pull
- name: Create distribution package
run: |
VERSION=${{ github.ref_name }}
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
VERSION=${{ github.event.inputs.tag }}
fi
PACKAGE_NAME="terraphim-medgemma-${VERSION}-linux-x86_64"
mkdir -p "dist/${PACKAGE_NAME}"
# Copy binaries
cp -r release/x86_64-unknown-linux-gnu/* "dist/${PACKAGE_NAME}/"
# Copy data files
mkdir -p "dist/${PACKAGE_NAME}/data/artifacts"
if [ -d "data/artifacts" ]; then
cp data/artifacts/*.bin.zst "dist/${PACKAGE_NAME}/data/artifacts/" 2>/dev/null || true
fi
# Copy documentation
cp README.md "dist/${PACKAGE_NAME}/"
cp LICENSE "dist/${PACKAGE_NAME}/" 2>/dev/null || true
cp -r docs "dist/${PACKAGE_NAME}/" 2>/dev/null || true
# Copy config files
cp -r config "dist/${PACKAGE_NAME}/" 2>/dev/null || true
# Create install script
cat > "dist/${PACKAGE_NAME}/install.sh" << 'INSTALL_EOF'
#!/bin/bash
set -e
INSTALL_DIR="${INSTALL_DIR:-/usr/local/bin}"
DATA_DIR="${DATA_DIR:-/usr/local/share/terraphim}"
echo "Installing Terraphim MedGemma..."
# Install binaries
sudo install -m 755 terraphim-demo "${INSTALL_DIR}/"
sudo install -m 755 terraphim-api "${INSTALL_DIR}/"
sudo install -m 755 build-umls-artifact "${INSTALL_DIR}/"
sudo install -m 755 build-snomed-artifact "${INSTALL_DIR}/"
sudo install -m 755 build-cpic-artifact "${INSTALL_DIR}/"
# Install data files
sudo mkdir -p "${DATA_DIR}"
if [ -d "data/artifacts" ]; then
sudo cp -r data/artifacts "${DATA_DIR}/"
fi
echo "Installation complete!"
echo "Binaries installed to: ${INSTALL_DIR}"
echo "Data files installed to: ${DATA_DIR}"
INSTALL_EOF
chmod +x "dist/${PACKAGE_NAME}/install.sh"
# Create tarball
cd dist
tar czf "${PACKAGE_NAME}.tar.gz" "${PACKAGE_NAME}"
# Generate checksums
sha256sum "${PACKAGE_NAME}.tar.gz" > "${PACKAGE_NAME}.tar.gz.sha256"
echo "Package created: dist/${PACKAGE_NAME}.tar.gz"
ls -lh "${PACKAGE_NAME}.tar.gz"
- name: Upload package artifact
uses: actions/upload-artifact@v4
with:
name: distribution-package
path: dist/*.tar.gz
retention-days: 1
- name: Upload checksum artifact
uses: actions/upload-artifact@v4
with:
name: distribution-checksums
path: dist/*.sha256
retention-days: 1
create-release:
name: Create GitHub Release
needs: package
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download package artifacts
uses: actions/download-artifact@v4
with:
path: artifacts/
pattern: distribution-*
merge-multiple: true
- name: List artifacts
run: |
ls -la artifacts/
- name: Create Release
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ github.event.inputs.tag || github.ref_name }}
name: Terraphim MedGemma ${{ github.event.inputs.tag || github.ref_name }}
body: |
## Terraphim MedGemma - Quantized Clinical Decision Support System
### Release Contents
This release includes:
- **terraphim-demo**: CLI demo application
- **terraphim-api**: REST API server
- **build-umls-artifact**: UMLS automata builder
- **build-snomed-artifact**: SNOMED CT hierarchy builder
- **build-cpic-artifact**: CPIC pharmacogenomics builder
- **umls_benchmark**: UMLS performance benchmark
- **evaluation-runner**: Evaluation test runner
- **primekg-import**: PrimeKG data importer
### Data Files
Pre-built artifacts (if included):
- `umls_automata.bin.zst`: UMLS Aho-Corasick automaton
- `snomed_hierarchy.bin.zst`: SNOMED CT hierarchy
- `cpic_database.bin.zst`: CPIC pharmacogenomics database
### Installation
```bash
# Download and extract
tar xzf terraphim-medgemma-*.tar.gz

Check failure on line 265 in .github/workflows/release.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/release.yml

Invalid workflow file 

You have an error in your yaml syntax on line 265
cd terraphim-medgemma-*
# Install system-wide
sudo ./install.sh
# Or run directly
./terraphim-demo
./terraphim-api
```
### Quick Start
```bash
# Run the demo
cargo run -p terraphim-demo
# Start the API server
./terraphim-api
# Run tests
cargo test --workspace
```
### Documentation
See the included README.md and docs/ directory for full documentation.
### Checksums
SHA256 checksums are provided in the `.sha256` file.
files: |
artifacts/*.tar.gz
artifacts/*.sha256
draft: false
prerelease: ${{ contains(github.event.inputs.tag || github.ref_name, 'alpha') || contains(github.event.inputs.tag || github.ref_name, 'beta') || contains(github.event.inputs.tag || github.ref_name, 'rc') }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}