From c85b0f28660cefcc62ad306a26a7662eb18738cc Mon Sep 17 00:00:00 2001 From: Arvind Arikatla Date: Fri, 24 Apr 2026 18:51:34 -0700 Subject: [PATCH] ci: fix race condition in PyPI release artifact download --- .github/workflows/release.yml | 20 ++++++++++---------- .github/workflows/update-formula.yml | 16 +++++++++------- 2 files changed, 19 insertions(+), 17 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1a6f42f..b88a8ec 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,9 +31,11 @@ jobs: VERSION="${{ steps.meta.outputs.version }}" echo "Waiting for gemstack $VERSION on PyPI..." for i in $(seq 1 30); do - if curl -sf "https://pypi.org/pypi/gemstack/$VERSION/json" > /dev/null 2>&1; then - echo "✅ Package available on PyPI" - exit 0 + if curl -sf "https://pypi.org/pypi/gemstack/$VERSION/json" > pypi.json; then + if python3 -c "import sys,json; data=json.load(open('pypi.json')); sys.exit(0 if any(u['packagetype']=='sdist' for u in data.get('urls', [])) else 1)" 2>/dev/null; then + echo "✅ Package and sdist available on PyPI" + exit 0 + fi fi echo " Attempt $i/30 — waiting 10s..." sleep 10 @@ -45,16 +47,14 @@ jobs: run: | VERSION="${{ steps.meta.outputs.version }}" mkdir -p dist/ - # Fetch PyPI metadata once and extract both URLs - PYPI_JSON=$(curl -sf "https://pypi.org/pypi/gemstack/$VERSION/json") - if [ -z "$PYPI_JSON" ]; then + # Fetch PyPI metadata and extract both URLs + curl -sf "https://pypi.org/pypi/gemstack/$VERSION/json" > pypi.json + if [ ! -s pypi.json ]; then echo "::error::Failed to fetch PyPI metadata for gemstack $VERSION" exit 1 fi - WHEEL_URL=$(echo "$PYPI_JSON" \ - | python3 -c "import sys,json; urls=json.load(sys.stdin)['urls']; print(next(u['url'] for u in urls if u['packagetype']=='bdist_wheel'))") - SDIST_URL=$(echo "$PYPI_JSON" \ - | python3 -c "import sys,json; urls=json.load(sys.stdin)['urls']; print(next(u['url'] for u in urls if u['packagetype']=='sdist'))") + WHEEL_URL=$(python3 -c "import sys,json; urls=json.load(open('pypi.json'))['urls']; print(next(u['url'] for u in urls if u['packagetype']=='bdist_wheel'))") + SDIST_URL=$(python3 -c "import sys,json; urls=json.load(open('pypi.json'))['urls']; print(next(u['url'] for u in urls if u['packagetype']=='sdist'))") curl -fSL "$WHEEL_URL" -o "dist/gemstack-${VERSION}-py3-none-any.whl" curl -fSL "$SDIST_URL" -o "dist/gemstack-${VERSION}.tar.gz" ls -lh dist/ diff --git a/.github/workflows/update-formula.yml b/.github/workflows/update-formula.yml index 26717cd..490b29c 100644 --- a/.github/workflows/update-formula.yml +++ b/.github/workflows/update-formula.yml @@ -26,11 +26,13 @@ jobs: VERSION="${{ steps.version.outputs.version }}" echo "Waiting for gemstack $VERSION on PyPI..." for i in $(seq 1 30); do - if curl -sf "https://pypi.org/pypi/gemstack/$VERSION/json" > /dev/null 2>&1; then - echo "Package available on PyPI" - exit 0 + if curl -sf "https://pypi.org/pypi/gemstack/$VERSION/json" > pypi.json; then + if python3 -c "import sys,json; data=json.load(open('pypi.json')); sys.exit(0 if any(u['packagetype']=='sdist' for u in data.get('urls', [])) else 1)" 2>/dev/null; then + echo "✅ Package and sdist available on PyPI" + exit 0 + fi fi - echo "Attempt $i/30 — waiting 10s..." + echo " Attempt $i/30 — waiting 10s..." sleep 10 done echo "::error::Package not found on PyPI after 5 minutes" @@ -40,9 +42,9 @@ jobs: id: sha run: | VERSION="${{ steps.version.outputs.version }}" - # Fetch PyPI metadata once and reuse - PYPI_JSON=$(curl -sf "https://pypi.org/pypi/gemstack/$VERSION/json") - URL=$(echo "$PYPI_JSON" | python3 -c "import sys,json; urls=json.load(sys.stdin)['urls']; print(next(u['url'] for u in urls if u['packagetype']=='sdist'))") + # Fetch PyPI metadata + curl -sf "https://pypi.org/pypi/gemstack/$VERSION/json" > pypi.json + URL=$(python3 -c "import sys,json; urls=json.load(open('pypi.json'))['urls']; print(next(u['url'] for u in urls if u['packagetype']=='sdist'))") echo "Downloading $URL" curl -fSL "$URL" -o gemstack.tar.gz SHA256=$(sha256sum gemstack.tar.gz | cut -d' ' -f1)