ci(package-geobrix-artifacts): fail-fast preflights for LFS + lockfile#30
Merged
Conversation
added 2 commits
May 20, 2026 17:58
Missing companion lockfile for python/geobrix/requirements-build.in (added in #28 with the package-geobrix-artifacts.yml workflow). The workflow's hash-pinned wheel-build step `pip install --require-hashes -r python/geobrix/requirements-build.txt` errored on its first v0.3.0 run with "Could not open requirements file". Generated via: cd python/geobrix uv pip compile --generate-hashes --python-version 3.12 \ --output-file requirements-build.txt requirements-build.in Co-authored-by: Isaac
Two operator-facing preflight steps that surface actionable errors instead of opaque failures, motivated by the two failed runs of this workflow against v0.3.0: 1. LFS preflight. actions/checkout@v6 with `lfs: true` errors out with a bare `Object does not exist on the server: [404]` when an LFS pointer is committed but the bytes were never uploaded to GitHub LFS storage. Split the LFS handling out of actions/checkout (now `lfs: false`) and run `git lfs pull` in a follow-up step that prints the exact `git lfs push origin <branch-or-tag> --all` recovery command on failure. Common when a repo is the first to use LFS at the org level and storage hasn't been primed. 2. Lockfile preflight. The hash-pinned wheel-build step `pip install --require-hashes -r python/geobrix/requirements-build.txt` previously errored with pip's generic `Could not open requirements file` when the lockfile was missing. New step checks for the file up front and prints the `uv pip compile --generate-hashes` command to regenerate it. Co-authored-by: Isaac
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Folds two operator-facing preflight steps into
package-geobrix-artifacts.ymlplus carries forward therequirements-build.txtlockfile that was missing onmain. Motivated by two failed runs of this workflow against the v0.3.0 release (26191999817, 26192103582) where the failure modes pointed at the symptom (Object does not exist on the server: [404]andCould not open requirements file) instead of the actual fix.Two new preflight steps:
LFS preflight.
actions/checkout@v6withlfs: trueerrors out with a bareObject does not exist on the server: [404]when an LFS pointer is committed but the bytes were never uploaded to GitHub LFS storage (common the first time a repo at an org uses LFS). Split the LFS handling out ofactions/checkout(nowlfs: false) and rungit lfs pullin a follow-up step that prints the exactgit lfs push origin <branch-or-tag> --allrecovery command on failure.Lockfile preflight. The hash-pinned wheel-build step
pip install --require-hashes -r python/geobrix/requirements-build.txtpreviously errored with pip's genericCould not open requirements filewhen the lockfile was missing. New step checks the file is committed up front and prints theuv pip compile --generate-hashescommand to regenerate it.Also in this PR (the
requirements-build.txtitself):The lockfile was generated locally via
uv pip compile --generate-hashes --python-version 3.12 --output-file requirements-build.txt requirements-build.inand committed tobeta/0.3.0to unblock the v0.3.0 artifact build. Carrying it forward tomainsomain-targeted runs of this workflow also have it.Test plan
package-geobrix-artifacts.ymlagainst a test ref (or wait for the next release cut) and confirm both new preflight steps appear in the run log. The pass case is silent; the failure case (only triggerable by deleting the lockfile or rolling back the LFS push, which we don't need to actively test) would print the actionable message.This pull request and its description were written by Isaac.