Skip to content

fix: validate submit run ids and publish release assets#5

Open
lookmanrays wants to merge 1 commit into
mainfrom
fix/v0.3.1-release-assets-and-run-id-validation
Open

fix: validate submit run ids and publish release assets#5
lookmanrays wants to merge 1 commit into
mainfrom
fix/v0.3.1-release-assets-and-run-id-validation

Conversation

@lookmanrays

Copy link
Copy Markdown
Owner

Summary

  • Add reusable Release Assets workflow for binary asset publishing and v0.3.0 backfill.
  • Wire Release Please to call the reusable asset workflow when release_created == true.
  • Remove the completed one-time release-as: 0.3.0 bootstrap forcing.
  • Validate supplied submit run IDs before posting steps and add daemon/API protection against nonexistent-run step creation.
  • Document the v0.3.0 backfill path and source-archive limitation.

Release asset root cause

The v0.3.0 Release Please run built Linux and macOS workflow artifacts, but publish-assets failed before upload. The failing step called gh release view "$TAG_NAME" without checkout/repo context, and the log ended with:

failed to run git: fatal: not a git repository (or any of the parent directories): .git

The v0.3.0 GitHub Release currently has no uploaded assets. Backfill remains manual after this PR is merged via Actions -> Release Assets -> Run workflow with tag_name=v0.3.0, ref=v0.3.0, replace_existing=false.

Verification

  • python3 -m json.tool release-please-config.json
  • Ruby YAML parse for .github/workflows/release-please.yml, .github/workflows/release-assets.yml, .github/workflows/semantic-pr-title.yml
  • go test ./internal/localexec ./internal/service ./internal/app ./cmd/codencer
  • go test ./...
  • make verify-public-release
  • git diff --check
  • git diff --cached --check

actionlint was not installed locally, so that optional check was skipped.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ea62d0ae67

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread .github/workflows/release-assets.yml Outdated
"version": tag,
"tag_name": tag,
"release_sha": release_sha,
"built_at": datetime.now(timezone.utc).isoformat().replace("+00:00", "Z"),

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Make manifest generation deterministic for retries

When the Release Assets job is re-run with replace_existing=false after publish-assets already uploaded manifest.json but a later step failed, this timestamp is regenerated even if the downloaded binary artifacts are identical. The checksum verification then sees the existing manifest.json as different and exits before the intended “skip identical assets” path, making a failed publish job unretryable without deleting/replacing assets.

Useful? React with 👍 / 👎.

@lookmanrays lookmanrays force-pushed the fix/v0.3.1-release-assets-and-run-id-validation branch 2 times, most recently from 0ff527a to 708edb2 Compare July 6, 2026 21:59
@lookmanrays lookmanrays force-pushed the fix/v0.3.1-release-assets-and-run-id-validation branch from 708edb2 to 0c11649 Compare July 6, 2026 22:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant