I.
Wiki article
Reading · 3 mindocs/release-pipeline
Continuous Release Pipeline reference
1. Ensure release-notes.md matches the changelog section before approving the release.
Continue reading
Nearby pages in the same section.
agent-mux docsContributor ReferenceArticlesHarness AssimilationAtlas Graph ↔ Library Gap ReportBabysitter CLI & SDK ExamplesUsing the Babysitter GitHub ActionUsing Babysitter with Claude Code GitHub ActionsUsing Babysitter with Codex GitHub ActionsUsing Babysitter with Gemini CLI GitHub ActionsHardcoded Harness/Target Gaps — Should Be Derived from Atlas GraphHarness Features Backlog: Gap Analysis (Restructured)Package and Plugin Docs MapBabysitter PluginsReferenceReference ReposRepositories Using BabysitterBabysitter Run History InsightsTesting StrategyBabysitter User GuideBabysitter v6: The Orchestration Platform Goes Universala5c.ai V6 Spec And RoadmapWorkspace Validation Map
Continuous Release Pipeline
Workflow Overview
.github/workflows/release.ymlowns production npm releases frommain, guarded by therelease-mainconcurrency group so only one run executes at a time..github/workflows/staging-publish.ymlowns prerelease npm publishing fromstaging, guarded by thestaging-publishconcurrency group.@a5c-ai/babysitter-observer-dashboardis part of those central workflows. The former standalone.github/workflows/observer-dashboard-publish.ymlpath is retired, so observer-dashboard no longer has a separatemainrelease workflow.@a5c-ai/agent-catalogis part of those central publish workflows. It ships as a public dependency surface for SDK, hooks-mux, agent-mux, and agent-plugins-mux consumers.@a5c-ai/agent-coreand@a5c-ai/babysitter-agentare part of those central publish workflows.agent-corepublishes beforebabysitter-agentso the runtime CLI can be installed from npm without workspace-only dependencies.@a5c-ai/transport-muxis part of the public agent-mux runtime chain. It must publish before the downstream agent-mux CLI/root packages so@a5c-ai/babysitter-agentremains globally installable through its agent-mux dependency chain.- Both central workflows validate, build, and publish observer-dashboard alongside the other public workspaces they own.
Ownership Matrix
release.ymlonmain: validates the monorepo, bumps versions throughscripts/bump-version.mjs, packs release artifacts, publishes public npm packages including@a5c-ai/agent-catalog, tagsvX.Y.Z, and creates the GitHub Release.staging-publish.ymlonstaging: validates the monorepo, writes prerelease versions into the publishable package manifests, and publishes the same centrally-owned npm packages with thestagingdist-tag.scripts/bump-version.mjs: production version source of truth for the centrally versioned workspace packages, includingpackages/agent-catalog/package.jsonandpackages/observer-dashboard/package.json.packages/observer-dashboard/README.md: user-facing install guidance for the published package; it should describe the same central release ownership as this document.
Secrets & Permissions
- The workflow-level permissions block sets
contents: writeandid-token: write;validatereduces its scope tocontents: read. GITHUB_TOKEN**must** retaincontents: writeonmainto push version bump commits and tags. If branch protection blocks the Actions bot, create a scoped PAT and store it asRELEASE_BOT_TOKEN, then replace usages in the workflow.NPM_TOKENauthenticatesnpm publish; it must correspond to an account with publish rights to@a5c-ai/babysitter-sdk,@a5c-ai/agent-catalog, and the rest of the centrally published packages, and should be rotated every 90 days.
Guardrails
- All GitHub Actions are pinned to immutable SHAs.
- Release commits include [skip release] so the follow-up push does not re-trigger the production workflow.
- Staging automation uses [skip staging] on its follow-up commit to avoid recursive prerelease runs.
- Observer-dashboard release ownership must stay singular: if a future package-specific workflow is introduced, this document and the central workflows must be updated in the same change.
Rollback
- Use scripts/rollback-release.sh vX.Y.Z to delete the GitHub Release and remote tag. The script assumes gh CLI authentication (GH_TOKEN or gh auth login).
- After running the script, revert the release commit on main (to restore changelog/package versions) and re-open any reverted changelog entries under ## [Unreleased].
- Document rollback actions in the incident ticket so the GO/NO-GO log stays auditable.
Staging Behavior
- Staging publishes observer-dashboard to npm with the
stagingdist-tag throughstaging-publish.yml. - The staging workflow writes the prerelease version directly into
packages/observer-dashboard/package.jsonfor the publish job, matching the way other centrally-owned public packages are staged. - Staging does not create Git tags or GitHub Releases; it exists only to publish prerelease npm artifacts for validation.
Operational Checklist
1. Ensure release-notes.md matches the changelog section before approving the release. 2. Tabletop the rollback script quarterly (Release Eng + Security) to confirm tag deletion + changelog revert steps are still valid. 3. When adding or removing a public package from the central release set, update all three ownership surfaces together: release.yml, staging-publish.yml, and scripts/bump-version.mjs.