Releases must not push a git tag until the target registry is actually serving the artifact, and reruns must converge instead of leaving half-published state behind. Today cargo search is the availability oracle (rate-limited, laggy, and --limit 1 returns a relevance-ranked hit rather than an exact match), the foreign-SDK matrix pushes tags with no wait gate at all, and create-git-tag's early-skip silently accepts a pre-existing tag at the wrong commit.

A new wait-for-crate composite queries the crates.io sparse index directly (CDN-fronted, unrate-limited, authoritative as of cargo publish return) and is reused at max_attempts=1 as the rust/post-merge idempotency pre-check so reruns skip already-published crates cleanly. A new wait-for-url composite gates every foreign-SDK tag step on HTTP 200 from its registry (PyPI, npm, Maven Central with ~25 min propagation budget, NuGet); Go stays tag-only. create-git-tag's early-skip now peels the remote ref and compares against the requested commit, so a wrong-target tag is a hard failure with recovery commands inline. The tag input regex now accepts semver build metadata.

Plus smaller tightenings: env: indirection on every run block in rust/post-merge; dry_run kept there as a deprecated short-circuiting input so forks pinning by SHA do not silently start real-publishing; check-tags queries the remote; and _publish_rust_crates.yml requires non-empty inputs.commit instead of bypassing master-ancestry via a github.sha fallback.
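The peel-and-compare check described above, as an added example that is not the project's create-git-tag code. Function names and the fixture repository are assumptions; it needs only `git`.

```shell
#!/bin/sh
# Added example, not the project's create-git-tag. Function names are assumptions.

# Print the commit a remote tag resolves to (empty if the tag is absent).
# Both "refs/tags/T" and "refs/tags/T^{}" are requested: an annotated tag lists
# its tag-object id on the first line and the peeled commit on the ^{} line; a
# lightweight tag has only the first line, which is already the commit.
remote_tag_commit() {  # REMOTE TAG
  refs=$(git ls-remote "$1" "refs/tags/$2" "refs/tags/$2^{}") || return 2
  printf '%s\n' "$refs" | awk -v t="refs/tags/$2" '
    $2 == (t "^{}") { peeled = $1 }
    $2 == t         { direct = $1 }
    END { if (peeled != "") print peeled; else if (direct != "") print direct }'
}

# Prints create | skip | wrong-target. Returns 1 for wrong-target and 2 when the
# remote or the commit cannot be read, so an outage is never taken for "absent".
tag_state() {  # REMOTE TAG COMMIT (run inside a clone that has COMMIT)
  want=$(git rev-parse --verify --quiet "$3^{commit}") || return 2
  have=$(remote_tag_commit "$1" "$2") || return 2
  if [ -z "$have" ]; then echo create
  elif [ "$have" = "$want" ]; then echo skip
  else echo wrong-target; return 1
  fi
}

# Constructed fixture: a work repo with two commits and a bare "remote" holding
# annotated tag v1.0.0 and lightweight tag v2.0.0, both at the first commit.
make_fixture() (
  d=$(mktemp -d) || exit 1
  git init -q "$d/work" 2>/dev/null && git init -q --bare "$d/remote.git" 2>/dev/null || exit 1
  cd "$d/work" || exit 1
  git config user.name demo && git config user.email demo@example.invalid
  git commit -q --allow-empty -m first && git commit -q --allow-empty -m second || exit 1
  git tag -a -m release v1.0.0 HEAD~1 && git tag v2.0.0 HEAD~1 || exit 1
  git push -q "$d/remote.git" v1.0.0 v2.0.0 >/dev/null 2>&1 || exit 1
  echo "$d"
)
```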
spetz approved these changes Apr 14, 2026
Codecov Report
✅ All modified and coverable lines are covered by tests.
@@ Coverage Diff @@
## master #3124 +/- ##
============================================
+ Coverage 72.73% 72.75% +0.01%
Complexity 943 943
============================================
Files 1117 1117
Lines 96368 96368
Branches 73543 73561 +18
============================================
+ Hits 70095 70112 +17
+ Misses 23724 23684 -40
- Partials 2549 2572 +23
numinnex approved these changes Apr 14, 2026
krishvishal approved these changes Apr 14, 2026
hubcio added a commit that referenced this pull request Apr 14, 2026
Follow-up to #3124 plus review-round fixes on the release chain. Narrow cargo publish continue-on-error to the "already uploaded" class; capture stderr to a tempfile instead of a process-sub tee that raced the classifier. Make `commit` required in the rust publish reusable workflow and re-verify master-ancestry so direct workflow_call callers cannot bypass the check. Bring wait-for-crate curl up to wait-for-url parity and switch to `jq -Rr 'fromjson?'` so malformed NDJSON survives pipefail. Fail-fast on wrong-target tags; render them distinctly and keep rendering under skip_tag_creation=true, gating only exit 1. Cache cargo metadata once per job via $GITHUB_ENV so the four post-merge composite Validate steps reuse it. Consolidate the pre-release vocabulary behind `extract-version.sh --is-pre-release` so post-merge.yml and publish.yml no longer diverge on `.devN` / bare `rcN`. Retune the idempotency pre-check to initial_sleep=1 and rewrite the two-layer wait comment with correct budgets (~8 min inner, ~28 min outer). Includes the Maven `continue-on-error` carve-out on publish.yml's Central wait step, rationale documented in-tree above the step.
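An added example, not the project's wait-for-crate composite, of the exact-version sparse-index lookup that the PR description and this follow-up commit describe, including the `jq -Rr 'fromjson?'` tolerance for malformed lines. Function names, the sleep argument and the sample index body are assumptions; `https://index.crates.io/` and the path layout are Cargo's documented sparse-index conventions.

```shell
#!/bin/sh
# Added example, not the project's wait-for-crate. Function names are assumptions.

# Index path for a crate: 1/x, 2/xy, 3/x/xyz, otherwise ab/cd/abcdef (lowercased).
sparse_index_path() {
  name=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  case ${#name} in
    1|2) printf '%s/%s\n' "${#name}" "$name" ;;
    3)   printf '3/%.1s/%s\n' "$name" "$name" ;;
    *)   printf '%.2s/%.2s/%s\n' "$name" "${name#??}" "$name" ;;
  esac
}

# Fetch the raw index file. A 404 (crate never published) fails and yields no lines.
fetch_index() {
  curl -fsS --max-time 10 "https://index.crates.io/$(sparse_index_path "$1")"
}

# stdin: index body, one JSON object per line. Succeeds only on an exact "vers"
# match. fromjson? drops lines that do not parse (such as a truncated response);
# objects drops valid JSON that is not an object.
index_has_version() {
  jq -Rr --arg v "$1" 'fromjson? | objects | select(.vers == $v) | .vers' |
    grep -qxF -- "$1"
}

# wait_for_crate NAME VERSION MAX_ATTEMPTS SLEEP_SECONDS
# MAX_ATTEMPTS=1 makes this a one-shot "already published?" pre-check.
wait_for_crate() {
  attempt=1
  while :; do
    if fetch_index "$1" 2>/dev/null | index_has_version "$2"; then return 0; fi
    if [ "$attempt" -ge "$3" ]; then return 1; fi
    attempt=$((attempt + 1))
    sleep "$4"
  done
}

# Constructed sample index body: two releases, a truncated line, a non-object.
sample_index() {
  printf '%s\n' \
    '{"name":"demo","vers":"0.1.0","yanked":false}' \
    '{"name":"demo","vers":"0.1.0-rc1","yanked":false}' \
    '{"name":"demo","vers":"0.1' \
    '"not-an-object"'
}
```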
spetz pushed a commit that referenced this pull request Apr 14, 2026