feat: HyperAgent v0.1.0 — AI agent with sandboxed JS execution #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json | |
| name: Validate Pull Request | |
| on: | |
| pull_request: | |
| branches: [main] | |
| push: | |
| branches: [main] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| # Lint, typecheck, and unit tests on ubuntu-latest | |
| lint-and-test: | |
| name: Lint & Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: "22" | |
| cache: "npm" | |
| - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 | |
| with: | |
| rust-toolchain: "1.89" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup | |
| run: just setup | |
| - name: Format check | |
| run: npm run fmt:check | |
| - name: Typecheck | |
| run: npm run typecheck | |
| - name: Test | |
| run: just test | |
| # Build and test on all hypervisor configurations (1ES runners have Rust + just) | |
| build-and-test: | |
| name: Build & Test (${{ matrix.hypervisor }}-${{ matrix.config }}) | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| build: | |
| - linux-kvm-debug | |
| - linux-kvm-release | |
| - linux-mshv-debug | |
| - linux-mshv-release | |
| - windows-whp-debug | |
| - windows-whp-release | |
| include: | |
| - build: linux-kvm-debug | |
| os: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] | |
| hypervisor: kvm | |
| config: debug | |
| - build: linux-kvm-release | |
| os: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] | |
| hypervisor: kvm | |
| config: release | |
| - build: linux-mshv-debug | |
| os: [self-hosted, Linux, X64, "1ES.Pool=hld-azlinux3-mshv-amd"] | |
| hypervisor: mshv | |
| config: debug | |
| - build: linux-mshv-release | |
| os: [self-hosted, Linux, X64, "1ES.Pool=hld-azlinux3-mshv-amd"] | |
| hypervisor: mshv | |
| config: release | |
| - build: windows-whp-debug | |
| os: [self-hosted, Windows, X64, "1ES.Pool=hld-win2022-amd"] | |
| hypervisor: whp | |
| config: debug | |
| - build: windows-whp-release | |
| os: [self-hosted, Windows, X64, "1ES.Pool=hld-win2022-amd"] | |
| hypervisor: whp | |
| config: release | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: "22" | |
| cache: "npm" | |
| - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 | |
| with: | |
| rust-toolchain: "1.89" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup | |
| run: just setup | |
| - name: Build binary | |
| run: node scripts/build-binary.js ${{ matrix.config == 'release' && '--release' || '' }} | |
| - name: Run tests | |
| run: just test | |
| - name: Upload binary artifact | |
| if: matrix.config == 'release' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: hyperagent-linux-x64-${{ matrix.hypervisor }} | |
| path: dist/ | |
| retention-days: 7 | |
| # Build Docker image (just setup clones deps so Dockerfile COPY works) | |
| build-docker: | |
| name: Build Docker Image | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: "22" | |
| cache: "npm" | |
| - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 | |
| with: | |
| rust-toolchain: "1.89" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup | |
| run: just setup | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: false | |
| tags: hyperagent:test | |
| build-args: | | |
| VERSION=${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| # Gate PR merges on all jobs passing | |
| ci-status: | |
| name: CI Status | |
| needs: [lint-and-test, build-and-test, build-docker] | |
| if: always() | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check all jobs passed | |
| run: jq --exit-status 'all(.result == "success" or .result == "skipped")' <<< '${{ toJson(needs) }}' |