From 8030003c7756ecc253a00c811a1cd4ae3cb27941 Mon Sep 17 00:00:00 2001 From: Piotr Mlocek Date: Sun, 15 Mar 2026 00:41:54 -0700 Subject: [PATCH 1/6] ci(release): trigger GitLab wheel publish workflows --- .github/workflows/branch-checks.yml | 25 ++++++++++++++++++ .github/workflows/release-dev.yml | 39 ++++++++++++++++++++++++++++ .github/workflows/release-tag.yml | 40 +++++++++++++++++++++++++++++ 3 files changed, 104 insertions(+) diff --git a/.github/workflows/branch-checks.yml b/.github/workflows/branch-checks.yml index 6972ecb3..2556c454 100644 --- a/.github/workflows/branch-checks.yml +++ b/.github/workflows/branch-checks.yml @@ -97,3 +97,28 @@ jobs: - name: Test run: mise run test:python + + internal-wheel-publish-smoke: + name: Internal Wheel Publish Smoke + if: ${{ github.event.pull_request.head.repo.fork == false }} + runs-on: [self-hosted, nv] + timeout-minutes: 10 + steps: + - name: Trigger GitLab CI + env: + GITLAB_CI_TRIGGER_TOKEN: ${{ secrets.GITLAB_CI_TRIGGER_TOKEN }} + GITLAB_CI_TRIGGER_URL: ${{ secrets.GITLAB_CI_TRIGGER_URL }} + WHEEL_FILENAMES: openshell-branch-check-py3-none-any.whl,openshell-branch-check-manylinux_x86_64.whl + run: | + set -euo pipefail + curl -X POST \ + --fail \ + -F "token=${GITLAB_CI_TRIGGER_TOKEN}" \ + -F "ref=feat/ci-trigger-pipeline" \ + -F "variables[PIPELINE_ACTION]=publish_wheels" \ + -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ + -F "variables[RELEASE_TAG]=devel" \ + -F "variables[RELEASE_VERSION]=branch-check-pr-${{ github.event.pull_request.number }}" \ + -F "variables[RELEASE_KIND]=dev" \ + -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ + "${GITLAB_CI_TRIGGER_URL}" diff --git a/.github/workflows/release-dev.yml b/.github/workflows/release-dev.yml index ff51540e..3a1c0f11 100644 --- a/.github/workflows/release-dev.yml +++ b/.github/workflows/release-dev.yml @@ -466,3 +466,42 @@ jobs: release/openshell-aarch64-apple-darwin.tar.gz release/*.whl release/openshell-checksums-sha256.txt + + trigger-wheel-publish: + name: Trigger Wheel Publish + needs: [compute-versions, release-devel] + runs-on: [self-hosted, nv] + timeout-minutes: 10 + steps: + - name: Download wheel artifacts + uses: actions/download-artifact@v4 + with: + name: python-wheels + path: release/ + + - name: Trigger GitLab CI + env: + GITLAB_CI_TRIGGER_TOKEN: ${{ secrets.GITLAB_CI_TRIGGER_TOKEN }} + GITLAB_CI_TRIGGER_URL: ${{ secrets.GITLAB_CI_TRIGGER_URL }} + RELEASE_VERSION: ${{ needs.compute-versions.outputs.python_version }} + run: | + set -euo pipefail + shopt -s nullglob + wheel_files=(release/*.whl) + if (( ${#wheel_files[@]} == 0 )); then + echo "No wheel artifacts found in release/" >&2 + exit 1 + fi + + WHEEL_FILENAMES=$(printf '%s\n' "${wheel_files[@]##*/}" | paste -sd, -) + curl -X POST \ + --fail \ + -F "token=${GITLAB_CI_TRIGGER_TOKEN}" \ + -F "ref=main" \ + -F "variables[PIPELINE_ACTION]=publish_wheels" \ + -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ + -F "variables[RELEASE_TAG]=devel" \ + -F "variables[RELEASE_VERSION]=${RELEASE_VERSION}" \ + -F "variables[RELEASE_KIND]=dev" \ + -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ + "${GITLAB_CI_TRIGGER_URL}" diff --git a/.github/workflows/release-tag.yml b/.github/workflows/release-tag.yml index cda74d1e..df616be8 100644 --- a/.github/workflows/release-tag.yml +++ b/.github/workflows/release-tag.yml @@ -490,3 +490,43 @@ jobs: release/openshell-aarch64-apple-darwin.tar.gz release/*.whl release/openshell-checksums-sha256.txt + + trigger-wheel-publish: + name: Trigger Wheel Publish + needs: [compute-versions, release] + runs-on: [self-hosted, nv] + timeout-minutes: 10 + steps: + - name: Download wheel artifacts + uses: actions/download-artifact@v4 + with: + name: python-wheels + path: release/ + + - name: Trigger GitLab CI + env: + GITLAB_CI_TRIGGER_TOKEN: ${{ secrets.GITLAB_CI_TRIGGER_TOKEN }} + GITLAB_CI_TRIGGER_URL: ${{ secrets.GITLAB_CI_TRIGGER_URL }} + RELEASE_VERSION: ${{ needs.compute-versions.outputs.python_version }} + RELEASE_TAG: ${{ env.RELEASE_TAG }} + run: | + set -euo pipefail + shopt -s nullglob + wheel_files=(release/*.whl) + if (( ${#wheel_files[@]} == 0 )); then + echo "No wheel artifacts found in release/" >&2 + exit 1 + fi + + WHEEL_FILENAMES=$(printf '%s\n' "${wheel_files[@]##*/}" | paste -sd, -) + curl -X POST \ + --fail \ + -F "token=${GITLAB_CI_TRIGGER_TOKEN}" \ + -F "ref=main" \ + -F "variables[PIPELINE_ACTION]=publish_wheels" \ + -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ + -F "variables[RELEASE_TAG]=${RELEASE_TAG}" \ + -F "variables[RELEASE_VERSION]=${RELEASE_VERSION}" \ + -F "variables[RELEASE_KIND]=stable" \ + -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ + "${GITLAB_CI_TRIGGER_URL}" From 75191de1e0b9157614027d211df99b26c4e59bb4 Mon Sep 17 00:00:00 2001 From: Piotr Mlocek Date: Sun, 15 Mar 2026 00:48:15 -0700 Subject: [PATCH 2/6] ci(release): trim GitLab trigger output --- .github/workflows/branch-checks.yml | 16 ++++++++++++++-- .github/workflows/release-dev.yml | 16 ++++++++++++++-- .github/workflows/release-tag.yml | 16 ++++++++++++++-- 3 files changed, 42 insertions(+), 6 deletions(-) diff --git a/.github/workflows/branch-checks.yml b/.github/workflows/branch-checks.yml index 2556c454..51dc2de3 100644 --- a/.github/workflows/branch-checks.yml +++ b/.github/workflows/branch-checks.yml @@ -111,8 +111,10 @@ jobs: WHEEL_FILENAMES: openshell-branch-check-py3-none-any.whl,openshell-branch-check-manylinux_x86_64.whl run: | set -euo pipefail - curl -X POST \ + response=$(curl -X POST \ --fail \ + --silent \ + --show-error \ -F "token=${GITLAB_CI_TRIGGER_TOKEN}" \ -F "ref=feat/ci-trigger-pipeline" \ -F "variables[PIPELINE_ACTION]=publish_wheels" \ @@ -121,4 +123,14 @@ jobs: -F "variables[RELEASE_VERSION]=branch-check-pr-${{ github.event.pull_request.number }}" \ -F "variables[RELEASE_KIND]=dev" \ -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ - "${GITLAB_CI_TRIGGER_URL}" + "${GITLAB_CI_TRIGGER_URL}") + RESPONSE_JSON="$response" python - <<'PY' + import json + import os + + response = json.loads(os.environ["RESPONSE_JSON"]) + print( + f"Triggered GitLab pipeline {response['id']} " + f"with status={response['status']}" + ) + PY diff --git a/.github/workflows/release-dev.yml b/.github/workflows/release-dev.yml index 3a1c0f11..e6ebe568 100644 --- a/.github/workflows/release-dev.yml +++ b/.github/workflows/release-dev.yml @@ -494,8 +494,10 @@ jobs: fi WHEEL_FILENAMES=$(printf '%s\n' "${wheel_files[@]##*/}" | paste -sd, -) - curl -X POST \ + response=$(curl -X POST \ --fail \ + --silent \ + --show-error \ -F "token=${GITLAB_CI_TRIGGER_TOKEN}" \ -F "ref=main" \ -F "variables[PIPELINE_ACTION]=publish_wheels" \ @@ -504,4 +506,14 @@ jobs: -F "variables[RELEASE_VERSION]=${RELEASE_VERSION}" \ -F "variables[RELEASE_KIND]=dev" \ -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ - "${GITLAB_CI_TRIGGER_URL}" + "${GITLAB_CI_TRIGGER_URL}") + RESPONSE_JSON="$response" python - <<'PY' + import json + import os + + response = json.loads(os.environ["RESPONSE_JSON"]) + print( + f"Triggered GitLab pipeline {response['id']} " + f"with status={response['status']}" + ) + PY diff --git a/.github/workflows/release-tag.yml b/.github/workflows/release-tag.yml index df616be8..3e7538f5 100644 --- a/.github/workflows/release-tag.yml +++ b/.github/workflows/release-tag.yml @@ -519,8 +519,10 @@ jobs: fi WHEEL_FILENAMES=$(printf '%s\n' "${wheel_files[@]##*/}" | paste -sd, -) - curl -X POST \ + response=$(curl -X POST \ --fail \ + --silent \ + --show-error \ -F "token=${GITLAB_CI_TRIGGER_TOKEN}" \ -F "ref=main" \ -F "variables[PIPELINE_ACTION]=publish_wheels" \ @@ -529,4 +531,14 @@ jobs: -F "variables[RELEASE_VERSION]=${RELEASE_VERSION}" \ -F "variables[RELEASE_KIND]=stable" \ -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ - "${GITLAB_CI_TRIGGER_URL}" + "${GITLAB_CI_TRIGGER_URL}") + RESPONSE_JSON="$response" python - <<'PY' + import json + import os + + response = json.loads(os.environ["RESPONSE_JSON"]) + print( + f"Triggered GitLab pipeline {response['id']} " + f"with status={response['status']}" + ) + PY From 3591e8a0ad1c260783fd3f41745dce85e68deeb0 Mon Sep 17 00:00:00 2001 From: Piotr Mlocek Date: Sun, 15 Mar 2026 00:49:37 -0700 Subject: [PATCH 3/6] ci(release): avoid python in GitLab trigger steps --- .github/workflows/branch-checks.yml | 13 +++---------- .github/workflows/release-dev.yml | 13 +++---------- .github/workflows/release-tag.yml | 13 +++---------- 3 files changed, 9 insertions(+), 30 deletions(-) diff --git a/.github/workflows/branch-checks.yml b/.github/workflows/branch-checks.yml index 51dc2de3..699d9e80 100644 --- a/.github/workflows/branch-checks.yml +++ b/.github/workflows/branch-checks.yml @@ -124,13 +124,6 @@ jobs: -F "variables[RELEASE_KIND]=dev" \ -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ "${GITLAB_CI_TRIGGER_URL}") - RESPONSE_JSON="$response" python - <<'PY' - import json - import os - - response = json.loads(os.environ["RESPONSE_JSON"]) - print( - f"Triggered GitLab pipeline {response['id']} " - f"with status={response['status']}" - ) - PY + pipeline_id=$(printf '%s' "$response" | sed -n 's/.*"id":\([0-9][0-9]*\).*/\1/p') + pipeline_status=$(printf '%s' "$response" | sed -n 's/.*"status":"\([^"]*\)".*/\1/p') + echo "Triggered GitLab pipeline ${pipeline_id:-unknown} with status=${pipeline_status:-unknown}" diff --git a/.github/workflows/release-dev.yml b/.github/workflows/release-dev.yml index e6ebe568..98b116b4 100644 --- a/.github/workflows/release-dev.yml +++ b/.github/workflows/release-dev.yml @@ -507,13 +507,6 @@ jobs: -F "variables[RELEASE_KIND]=dev" \ -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ "${GITLAB_CI_TRIGGER_URL}") - RESPONSE_JSON="$response" python - <<'PY' - import json - import os - - response = json.loads(os.environ["RESPONSE_JSON"]) - print( - f"Triggered GitLab pipeline {response['id']} " - f"with status={response['status']}" - ) - PY + pipeline_id=$(printf '%s' "$response" | sed -n 's/.*"id":\([0-9][0-9]*\).*/\1/p') + pipeline_status=$(printf '%s' "$response" | sed -n 's/.*"status":"\([^"]*\)".*/\1/p') + echo "Triggered GitLab pipeline ${pipeline_id:-unknown} with status=${pipeline_status:-unknown}" diff --git a/.github/workflows/release-tag.yml b/.github/workflows/release-tag.yml index 3e7538f5..d62d3a30 100644 --- a/.github/workflows/release-tag.yml +++ b/.github/workflows/release-tag.yml @@ -532,13 +532,6 @@ jobs: -F "variables[RELEASE_KIND]=stable" \ -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ "${GITLAB_CI_TRIGGER_URL}") - RESPONSE_JSON="$response" python - <<'PY' - import json - import os - - response = json.loads(os.environ["RESPONSE_JSON"]) - print( - f"Triggered GitLab pipeline {response['id']} " - f"with status={response['status']}" - ) - PY + pipeline_id=$(printf '%s' "$response" | sed -n 's/.*"id":\([0-9][0-9]*\).*/\1/p') + pipeline_status=$(printf '%s' "$response" | sed -n 's/.*"status":"\([^"]*\)".*/\1/p') + echo "Triggered GitLab pipeline ${pipeline_id:-unknown} with status=${pipeline_status:-unknown}" From 478b1dea76a93baae56530f9643145e21d9956f9 Mon Sep 17 00:00:00 2001 From: Piotr Mlocek Date: Sun, 15 Mar 2026 00:51:56 -0700 Subject: [PATCH 4/6] ci(release): pass GitHub SHA to GitLab trigger --- .github/workflows/branch-checks.yml | 1 + .github/workflows/release-dev.yml | 1 + .github/workflows/release-tag.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/.github/workflows/branch-checks.yml b/.github/workflows/branch-checks.yml index 699d9e80..605177b7 100644 --- a/.github/workflows/branch-checks.yml +++ b/.github/workflows/branch-checks.yml @@ -119,6 +119,7 @@ jobs: -F "ref=feat/ci-trigger-pipeline" \ -F "variables[PIPELINE_ACTION]=publish_wheels" \ -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ + -F "variables[GITHUB_SHA]=${GITHUB_SHA}" \ -F "variables[RELEASE_TAG]=devel" \ -F "variables[RELEASE_VERSION]=branch-check-pr-${{ github.event.pull_request.number }}" \ -F "variables[RELEASE_KIND]=dev" \ diff --git a/.github/workflows/release-dev.yml b/.github/workflows/release-dev.yml index 98b116b4..c1879572 100644 --- a/.github/workflows/release-dev.yml +++ b/.github/workflows/release-dev.yml @@ -502,6 +502,7 @@ jobs: -F "ref=main" \ -F "variables[PIPELINE_ACTION]=publish_wheels" \ -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ + -F "variables[GITHUB_SHA]=${GITHUB_SHA}" \ -F "variables[RELEASE_TAG]=devel" \ -F "variables[RELEASE_VERSION]=${RELEASE_VERSION}" \ -F "variables[RELEASE_KIND]=dev" \ diff --git a/.github/workflows/release-tag.yml b/.github/workflows/release-tag.yml index d62d3a30..be38bd5d 100644 --- a/.github/workflows/release-tag.yml +++ b/.github/workflows/release-tag.yml @@ -527,6 +527,7 @@ jobs: -F "ref=main" \ -F "variables[PIPELINE_ACTION]=publish_wheels" \ -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ + -F "variables[GITHUB_SHA]=${GITHUB_SHA}" \ -F "variables[RELEASE_TAG]=${RELEASE_TAG}" \ -F "variables[RELEASE_VERSION]=${RELEASE_VERSION}" \ -F "variables[RELEASE_KIND]=stable" \ From 643347f90d5e2fb3585b2fb5b53c90905856a22d Mon Sep 17 00:00:00 2001 From: Piotr Mlocek Date: Sun, 15 Mar 2026 00:52:40 -0700 Subject: [PATCH 5/6] ci(release): rename trigger sha variable --- .github/workflows/branch-checks.yml | 2 +- .github/workflows/release-dev.yml | 2 +- .github/workflows/release-tag.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/branch-checks.yml b/.github/workflows/branch-checks.yml index 605177b7..0cec70d1 100644 --- a/.github/workflows/branch-checks.yml +++ b/.github/workflows/branch-checks.yml @@ -119,7 +119,7 @@ jobs: -F "ref=feat/ci-trigger-pipeline" \ -F "variables[PIPELINE_ACTION]=publish_wheels" \ -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ - -F "variables[GITHUB_SHA]=${GITHUB_SHA}" \ + -F "variables[COMMIT_SHA]=${GITHUB_SHA}" \ -F "variables[RELEASE_TAG]=devel" \ -F "variables[RELEASE_VERSION]=branch-check-pr-${{ github.event.pull_request.number }}" \ -F "variables[RELEASE_KIND]=dev" \ diff --git a/.github/workflows/release-dev.yml b/.github/workflows/release-dev.yml index c1879572..eccb2eda 100644 --- a/.github/workflows/release-dev.yml +++ b/.github/workflows/release-dev.yml @@ -502,7 +502,7 @@ jobs: -F "ref=main" \ -F "variables[PIPELINE_ACTION]=publish_wheels" \ -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ - -F "variables[GITHUB_SHA]=${GITHUB_SHA}" \ + -F "variables[COMMIT_SHA]=${GITHUB_SHA}" \ -F "variables[RELEASE_TAG]=devel" \ -F "variables[RELEASE_VERSION]=${RELEASE_VERSION}" \ -F "variables[RELEASE_KIND]=dev" \ diff --git a/.github/workflows/release-tag.yml b/.github/workflows/release-tag.yml index be38bd5d..1b745463 100644 --- a/.github/workflows/release-tag.yml +++ b/.github/workflows/release-tag.yml @@ -527,7 +527,7 @@ jobs: -F "ref=main" \ -F "variables[PIPELINE_ACTION]=publish_wheels" \ -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ - -F "variables[GITHUB_SHA]=${GITHUB_SHA}" \ + -F "variables[COMMIT_SHA]=${GITHUB_SHA}" \ -F "variables[RELEASE_TAG]=${RELEASE_TAG}" \ -F "variables[RELEASE_VERSION]=${RELEASE_VERSION}" \ -F "variables[RELEASE_KIND]=stable" \ From 3fe927b48e7d4c0c6fd7960f5fd4326979f238f7 Mon Sep 17 00:00:00 2001 From: Piotr Mlocek Date: Sun, 15 Mar 2026 00:54:55 -0700 Subject: [PATCH 6/6] ci(branch): remove temporary GitLab smoke test --- .github/workflows/branch-checks.yml | 31 ----------------------------- 1 file changed, 31 deletions(-) diff --git a/.github/workflows/branch-checks.yml b/.github/workflows/branch-checks.yml index 0cec70d1..6972ecb3 100644 --- a/.github/workflows/branch-checks.yml +++ b/.github/workflows/branch-checks.yml @@ -97,34 +97,3 @@ jobs: - name: Test run: mise run test:python - - internal-wheel-publish-smoke: - name: Internal Wheel Publish Smoke - if: ${{ github.event.pull_request.head.repo.fork == false }} - runs-on: [self-hosted, nv] - timeout-minutes: 10 - steps: - - name: Trigger GitLab CI - env: - GITLAB_CI_TRIGGER_TOKEN: ${{ secrets.GITLAB_CI_TRIGGER_TOKEN }} - GITLAB_CI_TRIGGER_URL: ${{ secrets.GITLAB_CI_TRIGGER_URL }} - WHEEL_FILENAMES: openshell-branch-check-py3-none-any.whl,openshell-branch-check-manylinux_x86_64.whl - run: | - set -euo pipefail - response=$(curl -X POST \ - --fail \ - --silent \ - --show-error \ - -F "token=${GITLAB_CI_TRIGGER_TOKEN}" \ - -F "ref=feat/ci-trigger-pipeline" \ - -F "variables[PIPELINE_ACTION]=publish_wheels" \ - -F "variables[GITHUB_REPOSITORY]=${GITHUB_REPOSITORY}" \ - -F "variables[COMMIT_SHA]=${GITHUB_SHA}" \ - -F "variables[RELEASE_TAG]=devel" \ - -F "variables[RELEASE_VERSION]=branch-check-pr-${{ github.event.pull_request.number }}" \ - -F "variables[RELEASE_KIND]=dev" \ - -F "variables[WHEEL_FILENAMES]=${WHEEL_FILENAMES}" \ - "${GITLAB_CI_TRIGGER_URL}") - pipeline_id=$(printf '%s' "$response" | sed -n 's/.*"id":\([0-9][0-9]*\).*/\1/p') - pipeline_status=$(printf '%s' "$response" | sed -n 's/.*"status":"\([^"]*\)".*/\1/p') - echo "Triggered GitLab pipeline ${pipeline_id:-unknown} with status=${pipeline_status:-unknown}"