From 8b8f35b8f56d71ae7a9f73c2808a2483a2b7773c Mon Sep 17 00:00:00 2001 From: bernie-g Date: Fri, 8 May 2026 17:27:00 -0400 Subject: [PATCH] fix(release): revert build/smoke/publish split (--skip=build not in v1.26.2) The publish step in PR #222 used `--skip=build,validate,before` to reuse dist/ from a prior build step, but `--skip=build` was only added in goreleaser v2.x. v1.26.2-pro (pinned in this workflow) errors with "--skip=build is not allowed", failing the publish phase before any linux/.deb/.rpm/.apk artifacts reach the release. v0.43.83 ended up with only darwin+windows artifacts as a result. Revert to the pre-PR-222 single-step goreleaser invocation that worked. The smoke-test gate goes with it; portability regressions can be guarded post-publish or via a dry-run check instead. --- .../workflows/release_build_infisical_cli.yml | 68 ++++--------------- 1 file changed, 12 insertions(+), 56 deletions(-) diff --git a/.github/workflows/release_build_infisical_cli.yml b/.github/workflows/release_build_infisical_cli.yml index d388356a..e29faaa5 100644 --- a/.github/workflows/release_build_infisical_cli.yml +++ b/.github/workflows/release_build_infisical_cli.yml @@ -218,83 +218,39 @@ jobs: mkdir -p "$target_dir" cp "/tmp/rdp-bridge-artifacts/rdp-bridge-$triple/libinfisical_rdp_bridge.a" "$target_dir/" done - - name: GoReleaser (build, no publish) + - name: GoReleaser (dry-run snapshot) + if: github.event_name == 'workflow_dispatch' && inputs.dry_run uses: goreleaser/goreleaser-action@v4 with: distribution: goreleaser-pro version: v1.26.2-pro - args: >- - release --clean --skip=publish,announce - ${{ (github.event_name == 'workflow_dispatch' && inputs.dry_run) && '--snapshot' || '' }} + args: release --clean --snapshot --skip=publish env: GITHUB_TOKEN: ${{ secrets.GO_RELEASER_GITHUB_TOKEN }} POSTHOG_API_KEY_FOR_CLI: ${{ secrets.POSTHOG_API_KEY_FOR_CLI }} FURY_TOKEN: ${{ secrets.FURYPUSHTOKEN }} AUR_KEY: ${{ secrets.AUR_KEY }} GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} - - name: Upload dry-run dist as workflow artifact - if: github.event_name == 'workflow_dispatch' && inputs.dry_run - uses: actions/upload-artifact@v4 - with: - name: goreleaser-dist-linux - path: dist/ - retention-days: 7 - - name: Smoke test linux binary across supported distros - run: | - set -uo pipefail - fail=0 - echo "::group::Static-link assertion (file)" - for d in dist/linux-*-rdp_linux_*; do - bin="$d/infisical" - [ -f "$bin" ] || continue - info=$(file "$bin") - echo "$info" - if ! echo "$info" | grep -q "statically linked"; then - echo "::error file=$bin::not statically linked" - fail=1 - fi - done - echo "::endgroup::" - - BIN=dist/linux-amd64-rdp_linux_amd64_v1/infisical - if [ ! -f "$BIN" ]; then - echo "::error::expected $BIN missing from dist/" - exit 1 - fi - echo "::group::Smoke test linux-amd64 binary across distro floor" - for img in \ - ubuntu:22.04 \ - ubuntu:20.04 \ - rockylinux:9 \ - rockylinux:8 \ - amazonlinux:2023 \ - amazonlinux:2 \ - alpine:3.19 \ - gcr.io/distroless/static-debian12; do - echo "--- $img ---" - if ! docker run --rm --platform linux/amd64 \ - -v "$PWD/$BIN":/infisical:ro \ - "$img" /infisical --version; then - echo "::error::binary failed to run on $img" - fail=1 - fi - done - echo "::endgroup::" - - [ "$fail" -eq 0 ] || exit 1 - - name: GoReleaser (publish) + - name: GoReleaser (release) if: github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && !inputs.dry_run) uses: goreleaser/goreleaser-action@v4 with: distribution: goreleaser-pro version: v1.26.2-pro - args: release --skip=build,validate,before + args: release --clean env: GITHUB_TOKEN: ${{ secrets.GO_RELEASER_GITHUB_TOKEN }} POSTHOG_API_KEY_FOR_CLI: ${{ secrets.POSTHOG_API_KEY_FOR_CLI }} FURY_TOKEN: ${{ secrets.FURYPUSHTOKEN }} AUR_KEY: ${{ secrets.AUR_KEY }} GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} + - name: Upload dry-run dist as workflow artifact + if: github.event_name == 'workflow_dispatch' && inputs.dry_run + uses: actions/upload-artifact@v4 + with: + name: goreleaser-dist-linux + path: dist/ + retention-days: 7 - uses: actions/setup-python@v4 with: python-version: "3.12"