gitea-actions[bot]
f82dace4b2
release: prepare v1.1.0
2026-03-21 20:16:35 +00:00
Micheal Wilkinson
81dced6ada
fix(publish): avoid heredoc parsing in composite json helper
...
Push Validation / coverage-badge (push) Successful in 1m53s
Push Validation / recommend-release (push) Successful in 28s
Replace the embedded python heredoc with python3 -c so the composite
action remains valid YAML and shell across teacup parsing.
2026-03-21 20:14:49 +00:00
Micheal Wilkinson
62693935d0
fix(release): parse release id robustly and validate upload endpoint
...
Push Validation / coverage-badge (push) Successful in 1m36s
Push Validation / recommend-release (push) Successful in 47s
Use JSON parsing for release id extraction in publish action instead of
regex matching, preventing wrong id selection from nested fields.
Add a pre-upload release endpoint check to fail early with explicit
release URL diagnostics when the resolved id/path is invalid.
2026-03-21 20:07:45 +00:00
Micheal Wilkinson
c0b5ec385c
fix(release): normalize wrapped release-id before asset upload
...
Push Validation / recommend-release (push) Has been cancelled
Push Validation / coverage-badge (push) Has been cancelled
Teacup can wrap workflow outputs as %touch docker-compose.yml(string=...), which produced an
invalid releases/{id}/assets URL and a 404 in Upload release binaries.
Unwrap and validate release-id before building the API path.
2026-03-21 20:03:00 +00:00
Micheal Wilkinson
84f6fbcfc8
fix(release): unwrap teacup token inputs and correct failure summary
...
Push Validation / recommend-release (push) Has been cancelled
Push Validation / coverage-badge (push) Has been cancelled
Normalize %touch docker-compose.yml(string=...) wrapped token values in publish composite before
API calls. This prevents malformed Authorization headers under teacup.
Also only print 'Release Published' summary when the publish step succeeds,
and print a failure summary otherwise.
2026-03-21 19:51:26 +00:00
Micheal Wilkinson
4a2d234ba3
fix(publish): stop sending target field in release payload
...
Push Validation / recommend-release (push) Has been cancelled
Push Validation / coverage-badge (push) Has been cancelled
Prepare already creates and pushes the release tag, so publish should not
retarget it. Sending target can trigger 403 on Gitea when tag retargeting
is restricted. Build PATCH/POST payloads from tag_name + notes only.
2026-03-21 19:46:53 +00:00
Micheal Wilkinson
4841b04076
fix(publish): use tag's actual commit SHA for release target
...
Push Validation / recommend-release (push) Has been cancelled
Push Validation / coverage-badge (push) Has been cancelled
GITHUB_SHA (github.sha) reflects the workflow trigger commit, which is
the main HEAD before the prepare job ran. The tag itself points to the
release commit created by prepare — a different SHA. Gitea rejects PATCH
and POST with 403 when target_commitish doesn't match the tag's commit.
Use git rev-list -n 1 TAG to resolve the exact SHA the tag points to,
ensuring the target field is always correct regardless of when or how
the release workflow is called.
2026-03-21 19:39:17 +00:00
Micheal Wilkinson
993768ae9b
refactor(release): inline release and validate jobs into prepare-release
...
Push Validation / coverage-badge (push) Successful in 1m24s
Push Validation / recommend-release (push) Successful in 42s
Replaces the workflow_call to do-release with directly inlined release
and validate jobs. All steps now appear flat in the Actions UI with full
individual step visibility instead of being collapsed under a setup job.
Tag resolution in the release job is simplified: the tag always comes
from needs.prepare.outputs.tag, removing the detect-tag guessing needed
for standalone dispatch.
do-release.yml is unchanged and remains available for manual dispatch.
2026-03-21 19:30:53 +00:00
Micheal Wilkinson
624b9d154c
fix(release): re-enable workflow_call publish path in prepare-release
...
Push Validation / coverage-badge (push) Successful in 1m18s
Push Validation / recommend-release (push) Successful in 23s
Tag push events never fire on this Gitea 1.25.x instance (confirmed
across 159 workflow run history). The workflow_call path is reliable and
has worked consistently. Remove the temporary if-false guard.
2026-03-21 19:23:31 +00:00
Micheal Wilkinson
53a097784e
chore(workflows): use go-version-file for setup-go
Push Validation / coverage-badge (push) Successful in 1m14s
Push Validation / recommend-release (push) Successful in 23s
2026-03-21 16:26:16 +00:00
Micheal Wilkinson
511110f466
chore(release): temporarily disable inline do-release call
...
Push Validation / coverage-badge (push) Successful in 1m10s
Push Validation / recommend-release (push) Successful in 26s
Disable the publish job in prepare-release to validate that tag push triggers do-release automatically via workflow trigger path.
2026-03-21 16:19:22 +00:00
Micheal Wilkinson
d5170b6874
fix(release): require RELEASE_PAT for tag and release updates
...
Push Validation / coverage-badge (push) Successful in 1m11s
Push Validation / recommend-release (push) Successful in 24s
Stop using GITHUB_TOKEN/GITEA_TOKEN fallbacks in prepare/do-release/publish mutation paths. Require explicit PAT wiring via secrets.RELEASE_PAT for commit/push/tag and release update operations so downstream workflows trigger reliably.
2026-03-21 16:17:17 +00:00
Micheal Wilkinson
925c99bb9e
docs: note govulncheck api limit workflow fix
Push Validation / coverage-badge (push) Successful in 1m20s
Push Validation / recommend-release (push) Successful in 22s
2026-03-21 16:08:51 +00:00
Micheal Wilkinson
d65af508a3
chore(go): avoid setup-go stable resolution in ci
2026-03-21 16:08:49 +00:00
Micheal Wilkinson
eae70bb20f
fix(workflows): prefer caller tag in do-release resolution
...
Push Validation / coverage-badge (push) Failing after 38s
Push Validation / recommend-release (push) Has been skipped
Handle Teacup workflow_call input forwarding gaps by using needs.prepare.outputs.tag as a fallback and normalizing %touch docker-compose.yml(string=...) wrappers before selecting the release tag.
2026-03-21 16:04:26 +00:00
Micheal Wilkinson
c96cab58ff
docs: document HEAD-prioritized tag detection fix
Push Validation / recommend-release (push) Has been cancelled
Push Validation / coverage-badge (push) Has been cancelled
2026-03-21 15:58:57 +00:00
Micheal Wilkinson
a6d57e4048
fix(workflows): prioritize HEAD tag detection over global latest tag
...
When prepare-release tags HEAD with a new release version, do-release should
immediately detect that tag rather than finding the latest tag chronologically.
Changes:
- Modified detect-tag step to check if HEAD is exactly at a tag first
- Falls back to latest tag only if HEAD is not tagged
- Fixes issue where v1.0.2 was detected instead of v1.1.0 at HEAD
This ensures correct version detection in prepare-release → do-release workflow chain.
2026-03-21 15:58:25 +00:00
Micheal Wilkinson
cb52dd909d
docs: record tag detection fallback approach for workflow_call resilience
Push Validation / coverage-badge (push) Successful in 1m21s
Push Validation / recommend-release (push) Successful in 27s
2026-03-21 15:53:05 +00:00
Micheal Wilkinson
acca6adacc
fix(release): add tag detection fallback for workflow_call input issues
2026-03-21 15:53:02 +00:00
Micheal Wilkinson
dc4aeb1e51
docs: record tag-fetching improvement for workflow_call version resolution
Push Validation / coverage-badge (push) Successful in 1m16s
Push Validation / recommend-release (push) Has been cancelled
2026-03-21 15:46:51 +00:00
Micheal Wilkinson
ea1b333da3
fix(release): fetch tags before version resolution to support workflow_call from prepare-release
2026-03-21 15:46:47 +00:00
Micheal Wilkinson
eb8bd80d48
docs: record version resolution fix in do-release workflow
Push Validation / coverage-badge (push) Successful in 1m18s
Push Validation / recommend-release (push) Successful in 23s
2026-03-21 15:40:18 +00:00
Micheal Wilkinson
cddcf99873
fix(release): resolve version before publish to support workflow_call context
2026-03-21 15:40:16 +00:00
Micheal Wilkinson
bef39120d3
docs: record module hygiene retry behavior
Push Validation / coverage-badge (push) Successful in 1m32s
Push Validation / recommend-release (push) Successful in 26s
2026-03-21 15:33:27 +00:00
Micheal Wilkinson
ad3d657db9
fix(ci): self-heal module cache on verify failure
2026-03-21 15:33:27 +00:00
Micheal Wilkinson
27a058a3ce
docs: record run-vociferate consolidation
Push Validation / coverage-badge (push) Failing after 35s
Push Validation / recommend-release (push) Has been skipped
2026-03-21 15:31:49 +00:00
Micheal Wilkinson
0d4310184e
refactor(actions): inline run-vociferate binary and source flows
2026-03-21 15:31:49 +00:00
Micheal Wilkinson
0fbd7641c0
docs: record run-vociferate nested path fix
Push Validation / coverage-badge (push) Failing after 33s
Push Validation / recommend-release (push) Has been skipped
2026-03-21 15:29:37 +00:00
Micheal Wilkinson
60a0e82587
fix(actions): use repo-root nested paths in run-vociferate
2026-03-21 15:29:37 +00:00
Micheal Wilkinson
1a67d8b0e1
docs: record repo-local action path fix
Push Validation / coverage-badge (push) Successful in 1m39s
Push Validation / recommend-release (push) Successful in 27s
2026-03-21 15:26:29 +00:00
Micheal Wilkinson
1a78209408
fix(actions): use repo-local run-vociferate paths
2026-03-21 15:26:29 +00:00
Micheal Wilkinson
c05a1c48cb
docs: record local action path syntax fix
Push Validation / coverage-badge (push) Successful in 1m15s
Push Validation / recommend-release (push) Successful in 30s
2026-03-21 15:22:37 +00:00
Micheal Wilkinson
32327c6d72
fix(actions): mark nested run-vociferate refs as local paths
2026-03-21 15:22:37 +00:00
Micheal Wilkinson
72abf37b2d
docs: record gosec cache restoration
Push Validation / coverage-badge (push) Successful in 2m5s
Push Validation / recommend-release (push) Successful in 38s
2026-03-21 15:15:06 +00:00
Micheal Wilkinson
5bea62b8cf
fix(ci): restore cached gosec binary in workflows
2026-03-21 15:15:06 +00:00
Micheal Wilkinson
dd86944e64
docs: record gosec toolchain fix
2026-03-21 15:14:01 +00:00
Micheal Wilkinson
38afdeffa0
fix(ci): run gosec via go install to use setup-go toolchain
2026-03-21 15:14:00 +00:00
Micheal Wilkinson
f9c57f34d0
docs: record GOTOOLCHAIN fix
Push Validation / coverage-badge (push) Failing after 27s
Push Validation / recommend-release (push) Has been skipped
2026-03-21 15:10:44 +00:00
Micheal Wilkinson
5793a58888
fix(ci): add GOTOOLCHAIN=auto to gosec and govulncheck steps
2026-03-21 15:10:44 +00:00
Micheal Wilkinson
2177dae15f
docs: correct govulncheck-action version in changelog
Push Validation / coverage-badge (push) Failing after 46s
Push Validation / recommend-release (push) Has been skipped
2026-03-21 15:05:23 +00:00
Micheal Wilkinson
76508355be
fix(ci): correct govulncheck-action tag to v1.0.4
2026-03-21 15:05:23 +00:00
Micheal Wilkinson
f069c116a1
docs: record gosec and govulncheck-action version pin
Push Validation / coverage-badge (push) Failing after 16s
Push Validation / recommend-release (push) Has been skipped
2026-03-21 15:00:39 +00:00
Micheal Wilkinson
32a6ded499
fix(ci): pin gosec and govulncheck-action to concrete version tags
2026-03-21 15:00:34 +00:00
Micheal Wilkinson
b7c62634f4
docs: record action nesting and docs-only fix
Push Validation / coverage-badge (push) Failing after 15s
Push Validation / recommend-release (push) Has been skipped
2026-03-21 14:56:42 +00:00
Micheal Wilkinson
224ba03ca4
fix(decorate-pr): replace piped while-read with process substitution for docs-only detection
2026-03-21 14:56:38 +00:00
Micheal Wilkinson
3f555fb894
refactor(actions): nest binary and code runners under run-vociferate/
2026-03-21 14:54:25 +00:00
Micheal Wilkinson
ee274602a8
docs: clarify runtime action refactor
2026-03-21 14:50:32 +00:00
Micheal Wilkinson
1306f07003
refactor(actions): simplify run-vociferate runtime flow
2026-03-21 14:50:29 +00:00
Micheal Wilkinson
58e29aca0c
docs: record composite runtime orchestration
2026-03-21 14:45:54 +00:00
Micheal Wilkinson
f04df719e2
chore(go): compose vociferate runtime flow
2026-03-21 14:45:50 +00:00
