Skip to content

release: v0.5.0 - sync_invoices saveDir + cfnode1 CI migration#9

Closed
luke-cf wants to merge 4 commits into
prodfrom
main
Closed

release: v0.5.0 - sync_invoices saveDir + cfnode1 CI migration#9
luke-cf wants to merge 4 commits into
prodfrom
main

Conversation

@luke-cf

@luke-cf luke-cf commented May 27, 2026

Copy link
Copy Markdown
Contributor

Summary

Merging this PR triggers the new 4-job release pipeline (prod-release.yml) to publish @ksefnik/* v0.5.0 and deploy docs.

What's in this release

  • feat(mcp): sync_invoices tool gains saveDir option - downloads full FA XML to disk (feat(mcp): saveDir option for sync_invoices tool #8)
  • ci: docs build + deploy migrated from cf-macmini to cfnode1 + new `vps-codeformers` org runner. GHCR auth via GITHUB_TOKEN, no more host-side PAT.
  • ci: `prod-release.yml` split into 4 atomic jobs (verify / publish-npm / build-docs / deploy) + sync-back. Each job re-runnable on its own; failures past npm publish no longer require manual recovery.

Pipeline expectations (after merge)

Job Runs on Outcome
verify cfnode1 (codeformers) install + build + typecheck + test, uploads dist
publish-npm cfnode1 bumps to v0.5.0, publishes 6 packages to npm with provenance, tags v0.5.0 on prod, GH release
build-docs cfnode1 builds docs image from the v0.5.0 tag, pushes to ghcr.io/codeformers-it/ksefnik-docs:{latest,v0.5.0,sha}
deploy vps-codeformers pulls new image, restarts container, smoke-tests http://127.0.0.1:7020/
sync-back ubuntu-latest opens PR prod -> main with the v0.5.0 version bump

Test plan

luke-cf added 4 commits May 27, 2026 11:07
Build & push (docs.yml, prod-release.yml) now run on self-hosted [self-hosted, codeformers]
(cfnode1) with GHCR auth via GITHUB_TOKEN instead of a long-lived PAT mounted on
the host - no more ~/.env.ksefnik dependency, no more macmini-specific paths.

Deploy step moved from `ssh codeformers "..."` to a separate job pinned to
[self-hosted, vps-codeformers] which runs the deploy.sh on the docs VPS directly.
That removes the SSH key on the build host and lets us add more VPSes later by
just registering more org runners with the codeformers-vps / vps-shared / vps-<name>
label triple.

VPS-side .env (REPO_TOKEN_GITHUB_PAT) is untouched - kept for `docker pull` after
the job ends (consistent with OxStudio's vps-prod convention).
Previous pipeline crammed everything (install, build, test, bump, npm publish,
git tag, GH release, docker build, GHCR push, VPS deploy) into one job. If any
step past 'npm publish' failed, the release was left in an inconsistent state
(packages on npm, no tag in git, no docker image, no VPS deploy) with no clean
way to retry just the failed stage.

New shape:
  verify       - install/build/typecheck/test on the current SHA, uploads dist.
                 Pure validation, mutates nothing, safe to rerun.
  publish-npm  - downloads dist, bumps versions, publishes to npm, commits +
                 tags + GH release. After this job the new vX.Y.Z tag exists
                 on origin/prod.
  build-docs   - checks out the v${VERSION} tag, builds the docs image, pushes
                 to GHCR. Re-running this job is idempotent (same tag → same
                 image content), so a flaky GHCR push can be retried alone.
  deploy       - pulls the new image on the VPS, recreates the container,
                 smoke-tests. Re-running just pulls latest again.
  sync-back    - opens a PR prod → main so the bump lands back in main.

Added workflow_dispatch with dry_run=true (default). Lets us validate the whole
verify path without publishing or tagging - useful for testing pipeline changes
without burning a real release version.
Adds an opt-in `saveDir` parameter to the sync_invoices MCP tool. When set,
the tool fetches the full FA(2)/FA(3) XML for each invoice (via the existing
fetchInvoiceXml HTTP path) and writes one file per invoice to
${saveDir}/${ksefReferenceNumber}.xml. mkdir -p semantics, absolute or
relative paths accepted (relative resolved against cwd of the MCP host).

Plumbing for the new option:
  shared    FetchInvoicesOpts.includeXml: documents the flag + that rawXml
            lands on Invoice.rawXml when set (was already handled by adapter).
  core      KsefClient.fetchInvoices gains optional includeXml. KsefAdapter
            forwards it to the underlying client.
  http      KsefHttpClient.fetchInvoices forwards includeXml. Adds
            fetchInvoiceXml(token, ksefNumber) public method backed by the
            existing http/invoices.ts helper so non-MCP consumers can also
            grab single XMLs.

Default behavior unchanged — fetchInvoices without includeXml still returns
metadata only.
feat(mcp): saveDir option for sync_invoices tool
@github-actions

Copy link
Copy Markdown
Contributor

PRs to prod are restricted to org members. Please open your PR against main instead.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant