Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
60 changes: 33 additions & 27 deletions skills/cutting-releases/post-flight.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ Part of the [cutting-releases](SKILL.md) skill.

Run after the version tag is pushed, the `v0` tag is moved, and the
CI workflows complete. Focus on the areas identified during pre-flight
step E.
step F.

## A. Wait for CI workflows

Expand All @@ -29,59 +29,65 @@ gh release view <tag>
Check that the title, changelog, and binary assets look correct.
Verify the release is not marked as a draft.

## C. Check fullsend-ai repos
## C. Skip fullsend-ai repos

The skill user is a fullsend repo admin, so fullsend-ai org repos
are always accessible. Check recent workflow runs in the org's repos
that consume `@v0` reusable workflows:
The `fullsend-ai/.fullsend` repo references reusable workflows via
`@main`, not `@v0`. Its runs do **not** exercise the `v0` tag and
cannot confirm that the tag move worked. (Those runs are checked
during pre-flight instead, as a signal that `main` is healthy.)

Skip fullsend-ai for post-flight `v0` verification. Focus on other
downstream consumers in step D.

## D. Check additional downstream repos (optional)

Use `AskUserQuestion` to ask if the user has access to additional
downstream orgs:

> Do you have access to any other downstream orgs/repos to verify?
> (e.g. "konflux-ci, redhat-developer/rhdh-agentic")
> Leave blank to skip.

For each repo provided, check recent workflow runs that started
**after** the `v0` tag move:

```
gh run list --repo fullsend-ai/fullsend --limit=3
gh run list --repo fullsend-ai/.fullsend --limit=3
gh run list --repo <org/repo> --limit=5

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[info] prior-finding-resolved

Prior finding about step D missing rerun command template is resolved. The new step D is now self-contained with full command blocks and prompt templates.

```

Look for runs that started **after** the `v0` tag move. Confirm they
completed without workflow-resolution errors (e.g. "could not find
reusable workflow"). If no runs occurred naturally, check for any
recent failed or cancelled runs that can be retriggered:
Confirm they completed without workflow-resolution errors (e.g.
"could not find reusable workflow"). If no runs occurred naturally,
check for recent failed runs that can be retriggered:

```

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[medium] logic-error

Step D instructs the agent to present a candidate for retriggering but omits the gh run rerun command template and user-facing prompt format that were in the old step C. The procedural doc should include the command pattern for self-containment.

Suggested fix: Add the rerun command block (gh run rerun --failed --repo <org/repo>) and prompt template to step D.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in 9e42931. Added the rerun command block and prompt template.

gh run list --repo fullsend-ai/.fullsend --status=failure --limit=3
gh run list --repo <org/repo> --status=failure --limit=3
```

Present any candidate to the user for confirmation before retriggering:

> I found run `<run-id>` (failed) in `fullsend-ai/.fullsend`.
> I found run `<run-id>` (failed) in `<org/repo>`.
> Retrigger it to verify `@v0` resolves?

Once confirmed:

```
gh run rerun <run-id> --failed --repo fullsend-ai/.fullsend
gh run rerun <run-id> --failed --repo <org/repo>
```

## D. Check additional downstream repos (optional)

Use `AskUserQuestion` to ask if the user has access to additional
downstream orgs:

> Do you have access to any other downstream orgs/repos to verify?
> (e.g. "konflux-ci, redhat-developer/rhdh-agentic")
> Leave blank to skip.

If the user provides repos, repeat the same checks from step C for
each one. If blank, skip this step — not all admins have access to
every enrolled org.
If blank, skip this step — not all admins have access to every
enrolled org.

## E. Present post-flight summary

Summarize results to the user:

| Org/Repo | `@v0` Refs | Status |
|----------|-----------|--------|
| fullsend-ai/.fullsend | Confirmed | Passing |
| ... | ... | ... |

Note: `fullsend-ai` repos are excluded from this table — they use
`@main` and were checked during pre-flight.

Distinguish between:
- **Release-related failures** — workflow resolution errors, missing
secrets, or permission failures caused by the tag move.
Expand Down
32 changes: 27 additions & 5 deletions skills/cutting-releases/pre-flight.md
Original file line number Diff line number Diff line change
Expand Up @@ -102,21 +102,43 @@ gh run list --branch=main --limit=5
All recent runs should be passing. If E2E tests are failing, investigate
before releasing.

## E. Identify post-flight check areas
## E. Check fullsend-ai runs as a main-branch signal

The `fullsend-ai/.fullsend` repo references reusable workflows via
`@main` (not `@v0`). This means its recent runs already exercise the
exact commit we are about to tag. Use this as a pre-flight signal:

```
gh run list --repo fullsend-ai/.fullsend --limit=5

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[low] logic-error

New step E lists 'gh run list --repo fullsend-ai/fullsend --limit=5', but step D already runs 'gh run list --branch=main --limit=5' against the same repo. Only the .fullsend repo check adds new information.

Suggested fix: Remove the redundant fullsend-ai/fullsend check from step E, keeping only the .fullsend repo check.

gh run list --repo fullsend-ai/fullsend --limit=5
```

If recent runs are passing, that is evidence the reusable workflows on
`main` work correctly and moving `v0` to this commit is low-risk.

If recent runs are failing, investigate whether the failures are related
to reusable workflow changes. Workflow-resolution errors or permission
failures are blockers. Unrelated agent runtime errors are not.

## F. Identify post-flight check areas

Based on the changes found in steps A–C, determine what needs
post-flight verification after the `v0` tag moves:

- **Reusable workflow changes** → verify workflow runs in fullsend-ai
repos resolve `@v0` correctly and pass.
- **Reusable workflow changes** → verify workflow runs in downstream
`@v0` consumers (outside fullsend-ai) resolve correctly and pass.
- **New secrets or permissions** → verify affected workflows don't
fail on missing secrets.
- **CLI default changes** → note migration steps for existing
installs in the release summary.
- **No reusable workflow changes** → post-flight can be limited to
confirming the release artifacts built correctly.

## F. Present summary
Note: `fullsend-ai/.fullsend` uses `@main`, not `@v0`, so its runs
are not useful for post-flight `v0` verification. Post-flight checks

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[low] internal-consistency

The note after step F duplicates the rationale already stated in step E about fullsend-ai/.fullsend using @main. Creates maintenance risk if one copy is updated without the other.

Suggested fix: Remove the redundant note or replace with a cross-reference to step E.

should focus on other downstream consumers that reference `@v0`.

## G. Present summary

Summarize findings to the user in a table:

Expand All @@ -126,6 +148,6 @@ Summarize findings to the user in a table:
| Scaffold templates | ... | No/Yes |
| CLI / internal | ... | No/Yes |

List the post-flight check areas identified in step E.
List the post-flight check areas identified in step F.

Give a **GO / NO-GO** verdict. Do not proceed until the user confirms.
Loading