Add publishing infrastructure for skills

.github/workflows/skills-ci.yml

@@ -0,0 +1,34 @@
+name: skills-ci
+
+on:
+  push:
+    paths:
+      - 'skills/**'
+      - 'scripts/**'
+      - '.github/workflows/skills-*.yml'
+  pull_request:
+    paths:
+      - 'skills/**'
+      - 'scripts/**'
+      - '.github/workflows/skills-*.yml'
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - name: Validate skills
+        run: python scripts/validate_skills.py
+      - name: Smoke discovery
+        run: |
+          if [ -d skills ] && find skills -name SKILL.md -print -quit | grep -q .; then
+            npx --yes skills add . --list
+          else
+            echo "No skills present yet; skipping discovery smoke test."
+          fi

.github/workflows/skills-release.yml

@@ -0,0 +1,164 @@
+name: skills-release
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - 'skills/**'
+      - 'scripts/**'
+      - '.release-policy.yml'
+      - '.github/workflows/skills-release.yml'
+  workflow_dispatch:
+    inputs:
+      version_override:
+        description: 'Optional explicit version tag (vX.Y.Z)'
+        required: false
+        type: string
+      bump_type:
+        description: 'Semver bump type when no version_override is set'
+        required: false
+        default: 'patch'
+        type: choice
+        options:
+          - patch
+          - minor
+          - major
+          - auto
+
+permissions:
+  contents: write
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Validate skills
+        run: python scripts/validate_skills.py
+
+      - name: Read release policy
+        id: policy
+        run: |
+          python - << 'PY'
+          import re
+          from pathlib import Path
+
+          txt = Path('.release-policy.yml').read_text(encoding='utf-8')
+          m = re.search(r"(?im)^\s*auto_release\s*:\s*(true|false)\s*(?:#.*)?$", txt)
+          auto = bool(m and m.group(1).lower() == 'true')
+          with open(Path.cwd() / '.policy_out', 'w', encoding='utf-8') as f:
+              f.write(f"auto_release={'true' if auto else 'false'}\n")
+          PY
+          cat .policy_out >> "$GITHUB_OUTPUT"
+
+      - name: Decide whether release is allowed
+        id: gate
+        run: |
+          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+            echo "should_release=true" >> "$GITHUB_OUTPUT"
+          elif [ "${{ steps.policy.outputs.auto_release }}" = "true" ]; then
+            echo "should_release=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "should_release=false" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Stop (policy gate)
+        if: steps.gate.outputs.should_release != 'true'
+        run: echo "Release policy disabled for push events; exiting successfully."
+
+      - name: Determine bump from PR labels
+        if: steps.gate.outputs.should_release == 'true' && github.event_name == 'push'
+        id: prlabels
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const {owner, repo} = context.repo;
+            let bump = 'patch';
+            try {
+              const prs = await github.rest.repos.listPullRequestsAssociatedWithCommit({
+                owner,
+                repo,
+                commit_sha: context.sha,
+              });
+              if (prs.data && prs.data.length > 0) {
+                const labels = (prs.data[0].labels || []).map(l => l.name);
+                if (labels.includes('release:major')) bump = 'major';
+                else if (labels.includes('release:minor')) bump = 'minor';
+              }
+            } catch (e) {
+              core.warning(`Could not infer PR labels: ${e.message}`);
+            }
+            core.setOutput('bump', bump);
+
+      - name: Compute version
+        if: steps.gate.outputs.should_release == 'true'
+        id: version
+        env:
+          INPUT_BUMP: ${{ github.event.inputs.bump_type }}
+          INPUT_VERSION: ${{ github.event.inputs.version_override }}
+          PUSH_BUMP: ${{ steps.prlabels.outputs.bump }}
+        run: |
+          if [ -n "${INPUT_VERSION:-}" ]; then
+            VERSION="$INPUT_VERSION"
+          else
+            if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+              BUMP="${INPUT_BUMP:-patch}"
+            else
+              BUMP="${PUSH_BUMP:-patch}"
+            fi
+            VERSION=$(python scripts/compute_next_version.py --bump "$BUMP")
+          fi
+          echo "version=$VERSION" >> "$GITHUB_OUTPUT"
+
+      - name: Check tag does not already exist
+        if: steps.gate.outputs.should_release == 'true'
+        run: |
+          if git rev-parse "${{ steps.version.outputs.version }}" >/dev/null 2>&1; then
+            echo "Tag ${{ steps.version.outputs.version }} already exists" >&2
+            exit 1
+          fi
+
+      - name: Determine release range
+        if: steps.gate.outputs.should_release == 'true'
+        id: range
+        run: |
+          PREV=$(git tag --list 'v*' --sort=-v:refname | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -n 1 || true)
+          if [ -n "$PREV" ]; then
+            FROM="$PREV"
+          else
+            FROM=$(git hash-object -t tree /dev/null)
+          fi
+          echo "from_ref=$FROM" >> "$GITHUB_OUTPUT"
+          echo "to_ref=${GITHUB_SHA}" >> "$GITHUB_OUTPUT"
+
+      - name: Build release notes
+        if: steps.gate.outputs.should_release == 'true'
+        run: |
+          python scripts/build_release_notes.py \
+            --from-ref "${{ steps.range.outputs.from_ref }}" \
+            --to-ref "${{ steps.range.outputs.to_ref }}" \
+            --version "${{ steps.version.outputs.version }}" \
+            --repo "${{ github.repository }}" \
+            --output RELEASE_NOTES.md
+
+      - name: Create and push tag
+        if: steps.gate.outputs.should_release == 'true'
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git tag "${{ steps.version.outputs.version }}" "${GITHUB_SHA}"
+          git push origin "${{ steps.version.outputs.version }}"
+
+      - name: Create GitHub release
+        if: steps.gate.outputs.should_release == 'true'
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: ${{ steps.version.outputs.version }}
+          name: ${{ steps.version.outputs.version }}
+          body_path: RELEASE_NOTES.md

.release-policy.yml

@@ -0,0 +1 @@
+auto_release: false

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Gecode
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,65 @@
+# Gecode Skills
+
+Repository infrastructure for publishing Gecode-focused AI agent skills.
+
+This branch sets up validation, CI, and release automation. It does not introduce a published skill yet.
+
+## Infrastructure
+
+Included here:
+
+- GitHub Actions for validation and release publishing
+- semver/version helper scripts
+- release policy gating through `.release-policy.yml`
+- generic skill validation that works before any skill is added
+
+## Future Skill Layout
+
+Skills will live under:
+
+- `skills/<skill-name>/SKILL.md`
+
+## Contributing
+
+### Skill structure
+
+Each skill must be under:
+
+- `skills/<skill-name>/SKILL.md`
+
+Optional metadata for UIs can be added at:
+
+- `skills/<skill-name>/agents/openai.yaml`
+
+### Required frontmatter
+
+Each `SKILL.md` must include YAML frontmatter with:
+
+- `name`
+- `description`
+
+The `name` must match the directory name (`<skill-name>`).
+
+### Release bump labels
+
+Auto-release determines semver bump from PR labels:
+
+- `release:major` -> major bump
+- `release:minor` -> minor bump
+- no label -> patch bump
+
+## Release Policy
+
+Releases are controlled by `.release-policy.yml`.
+
+- Initially: `auto_release: false`
+- This means pushes to `main` do **not** auto-release.
+- Manual release via workflow dispatch is enabled.
+
+To enable auto-release later, set:
+
+```yaml
+auto_release: true
+```
+
+and merge that change with maintainer review.

scripts/build_release_notes.py

@@ -0,0 +1,57 @@
+#!/usr/bin/env python3
+from __future__ import annotations
+
+import argparse
+import subprocess
+from pathlib import Path
+
+
+def changed_skills(diff_range: str) -> list[str]:
+    out = subprocess.check_output(["git", "diff", "--name-only", diff_range], text=True)
+    names: set[str] = set()
+    for line in out.splitlines():
+        parts = line.split("/")
+        if len(parts) >= 3 and parts[0] == "skills" and parts[1].startswith("gecode-"):
+            names.add(parts[1])
+    return sorted(names)
+
+
+def main() -> int:
+    ap = argparse.ArgumentParser()
+    ap.add_argument("--from-ref", required=True)
+    ap.add_argument("--to-ref", required=True)
+    ap.add_argument("--version", required=True)
+    ap.add_argument("--repo", required=True, help="owner/repo")
+    ap.add_argument("--output", required=True)
+    args = ap.parse_args()
+
+    diff_range = f"{args.from_ref}..{args.to_ref}"
+    skills = changed_skills(diff_range)
+
+    lines = []
+    lines.append(f"# {args.version}")
+    lines.append("")
+    if skills:
+        lines.append("## Changed skills")
+        lines.append("")
+        for s in skills:
+            lines.append(f"- `{s}`")
+        lines.append("")
+    else:
+        lines.append("No skill directory changes detected in this release range.")
+        lines.append("")
+
+    lines.append("## Install")
+    lines.append("")
+    lines.append(f"```bash\nnpx skills add {args.repo}\n```")
+    lines.append("")
+    lines.append("List available skills:")
+    lines.append("")
+    lines.append(f"```bash\nnpx skills add {args.repo} --list\n```")
+
+    Path(args.output).write_text("\n".join(lines) + "\n", encoding="utf-8")
+    return 0
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())