fix workflows#568
Conversation
There was a problem hiding this comment.
Pull request overview
This PR consolidates release-related GitHub Actions by removing the dedicated downstream workflow and moving its downstream notifications/updates into the main publish-release.yaml release pipeline, while also updating release docs/config to match.
Changes:
- Removed
.github/workflows/release-downstream.yamland embedded its downstream trigger jobs into.github/workflows/publish-release.yaml. - Updated
CLAUDE.mdrelease documentation to reflect the consolidated workflow and repository-dispatch mechanism. - Added a Homebrew
url_templateto.goreleaser/release.yamlfor standardized artifact URLs.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
CLAUDE.md |
Updates release workflow documentation to reflect downstream triggers now living in publish-release.yaml. |
.goreleaser/release.yaml |
Adds a Homebrew download URL template for release artifacts. |
.github/workflows/release-downstream.yaml |
Removes the standalone downstream-trigger workflow. |
.github/workflows/publish-release.yaml |
Adds downstream trigger jobs (types, chain registry dispatch, testnet/mainnet upgrade PR triggers). |
| trigger-types: | ||
| name: Trigger Types | ||
| if: github.repository == 'burnt-labs/xion' | ||
| uses: ./.github/workflows/trigger-types.yaml | ||
| with: | ||
| release_tag: ${{ github.event.release.tag_name }} | ||
| secrets: inherit |
There was a problem hiding this comment.
publish-release.yaml supports workflow_dispatch, but these new downstream jobs read github.event.release.tag_name, which is only present for the release event. A manual run will pass an empty/undefined tag into the reusable workflow (required input) and likely fail. Consider using a single release tag expression that works for both triggers (e.g., fall back to github.ref_name when github.event.release.tag_name is not set).
| - name: Dispatch to xion-assets | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| TAG_NAME: ${{ github.event.release.tag_name }} | ||
| run: | | ||
| EVENT_TYPE=$( [[ "$TAG_NAME" == *-rc* ]] && echo "xion-assets-testnet-release-trigger" || echo "xion-assets-mainnet-release-trigger" ) | ||
| gh api repos/burnt-labs/xion-assets/dispatches \ | ||
| -f "event_type=${EVENT_TYPE}" \ | ||
| -f "client_payload[tag_name]=${TAG_NAME}" |
There was a problem hiding this comment.
This step uses GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} to call repos/burnt-labs/xion-assets/dispatches. The default GITHUB_TOKEN from the current repository generally does not have permission to dispatch events to a different repository, so this will fail at runtime. Use a dedicated PAT (stored as a secret) with access to burnt-labs/xion-assets, and consider using the same release-tag fallback as other jobs so TAG_NAME is set for workflow_dispatch runs too.
| upgrade-testnet: | ||
| name: Testnet Upgrade PR | ||
| if: github.repository == 'burnt-labs/xion' && contains(github.event.release.tag_name, '-rc') | ||
| uses: burnt-labs/xion-testnet-2/.github/workflows/create-release.yml@main | ||
| with: | ||
| release_tag: ${{ github.event.release.tag_name }} | ||
| secrets: inherit | ||
|
|
||
| upgrade-mainnet: | ||
| name: Mainnet Upgrade PR | ||
| if: github.repository == 'burnt-labs/xion' && !contains(github.event.release.tag_name, '-rc') | ||
| uses: burnt-labs/xion-mainnet-1/.github/workflows/create-release.yml@main | ||
| with: | ||
| release_tag: ${{ github.event.release.tag_name }} | ||
| secrets: inherit |
There was a problem hiding this comment.
These if: conditions reference github.event.release.tag_name, which is not available on workflow_dispatch. That can cause the downstream upgrade jobs to be skipped incorrectly or error out depending on expression evaluation. Use a tag expression that works for both triggers (e.g., fall back to github.ref_name) and reference that consistently in if: and with:.
…ream triggers - Add release_tag input so publish-release can be triggered manually from a branch with fixes while targeting a specific release tag - Use resolve-tag job to derive tag from input/event/ref_name - Downstream triggers (types, chain registry, testnet/mainnet upgrade) already merged from release-downstream.yaml in prior commit Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…h triggers External reusable workflows (xion-testnet-2, xion-mainnet-1) cause startup_failure when called via workflow_call — GitHub validates all referenced workflows at startup regardless of if: conditions, and secrets may not propagate correctly. Also fix RELEASE_REPO to use hardcoded 'xion' instead of github.event.repository.name which is empty on workflow_dispatch. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
trigger-types.yaml calls burnt-labs/xion-types release.yaml as an external reusable workflow, which causes startup_failure. Convert to gh workflow run dispatch like the other downstream triggers. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
GITHUB_TOKEN is scoped to the current repo only. Cross-repo workflow dispatch and repository_dispatch need a PAT with org-level access. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Downstream triggers now poll with gh run watch and stream logs on failure instead of fire-and-forget - furies -> gemfury (goreleaser v2 rename) - brews -> homebrew_casks (goreleaser v2 rename) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…-runs GoReleaser fails with 400 Bad Request when packages already exist on Gemfury from a previous run attempt. This adds a pre-step to delete existing package versions before uploading. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Gemfury returns 400 intermittently. Allow the workflow to proceed even if Fury upload fails, since verify-installers will catch real issues. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When triggered via workflow_dispatch on a branch, github.ref_name is the branch name (release/v29) not the tag (v29.0.1). Pass the resolved tag as an input so installers use the correct version string. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
GoReleaser's built-in fury publisher gives opaque 400 errors with no per-file diagnostics. Replace with manual curl uploads that show the exact HTTP response for each package, and handle 409 (already exists) gracefully. Also passes release_tag to verify-installers so it uses the correct version string instead of the branch name. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This pull request streamlines the release workflow by removing the separate
release-downstream.yamlworkflow and integrating its downstream triggers directly into the mainpublish-release.yamlworkflow. This consolidation ensures that downstream repositories are notified and updated as part of the primary release process. Additionally, documentation and configuration are updated to reflect these changes.Workflow consolidation and downstream triggers:
.github/workflows/release-downstream.yamland migrated its downstream jobs (trigger-types,update-chain-registry,upgrade-testnet,upgrade-mainnet) into.github/workflows/publish-release.yaml, ensuring all downstream notifications and updates happen within the main release workflow. [1] [2]Documentation updates:
CLAUDE.mdto reflect that downstream triggers are now part ofpublish-release.yaml, and clarified the mechanism for updating the chain registry (now viarepository_dispatch).Release configuration:
url_templateto thebrewssection in.goreleaser/release.yamlto standardize download URLs for release artifacts.