From efb142239db64aea0d36f95ab720f865717243b8 Mon Sep 17 00:00:00 2001 From: Bryan Van Deusen Date: Mon, 25 May 2026 23:32:58 -0400 Subject: [PATCH] =?UTF-8?q?fix(ext-ci):=20drop=20actions/upload-artifact?= =?UTF-8?q?=20(Forgejo=20Actions=20doesn't=20support=20v4+=20GHES)=20?= =?UTF-8?q?=E2=80=94=20build-web=20reads=20XPI=20directly=20from=20the=20e?= =?UTF-8?q?xt-=20Forgejo=20release=20asset=20=E2=80=94=20Co-Autho?= =?UTF-8?q?red-By:=20Claude=20Opus=204.7=20(1M=20context)=20?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .forgejo/workflows/build.yml | 51 ++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 28 deletions(-) diff --git a/.forgejo/workflows/build.yml b/.forgejo/workflows/build.yml index 838efcf..898419b 100644 --- a/.forgejo/workflows/build.yml +++ b/.forgejo/workflows/build.yml @@ -68,17 +68,11 @@ jobs: echo "No release named ext-$VERSION; will sign via AMO and upload" fi - - name: Download cached signed XPI (cache hit) - if: steps.cache.outputs.cached == 'true' - env: - TOKEN: ${{ secrets.RELEASE_TOKEN }} - run: | - set -eu - mkdir -p extension/web-ext-artifacts - curl -sL -H "Authorization: token $TOKEN" \ - -o "extension/web-ext-artifacts/fabledcurator-${{ steps.extver.outputs.version }}.xpi" \ - "https://git.fabledsword.com/api/v1/repos/bvandeusen/FabledCurator/releases/assets/${{ steps.cache.outputs.asset_id }}" - ls -la extension/web-ext-artifacts/ + # No "download cached XPI in sign-extension" step: build-web + # fetches directly from the Forgejo ext- release asset + # (removed 2026-05-26 alongside the actions/upload-artifact + # removal — sign-extension's job is just to ensure the cache + # exists on Forgejo; the build-web side reads it independently). - name: Sign via AMO (cache miss) if: steps.cache.outputs.cached != 'true' @@ -148,12 +142,11 @@ jobs: trap - EXIT echo "Uploaded fabledcurator-$VERSION.xpi to ext-$VERSION release" - - name: Upload XPI as Actions artifact (handoff to build-web) - uses: actions/upload-artifact@v4 - with: - name: signed-extension - path: extension/web-ext-artifacts/fabledcurator-*.xpi - retention-days: 1 + # No actions/upload-artifact step: Forgejo Actions (and our + # act_runner) doesn't support upload-artifact@v4+ (GHES limitation + # surfaced 2026-05-26). Instead build-web reads the signed XPI + # straight from the ext- Forgejo release we just uploaded + # to. Same source of truth; no double-store. build-web: needs: [sign-extension] @@ -165,22 +158,24 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Download signed extension (main only) - if: github.ref == 'refs/heads/main' - uses: actions/download-artifact@v4 - with: - name: signed-extension - path: extension/web-ext-artifacts/ - - - name: Place signed XPI in build context (main only) + - name: Download signed XPI from Forgejo release asset (main only) if: github.ref == 'refs/heads/main' + env: + TOKEN: ${{ secrets.RELEASE_TOKEN }} run: | set -eux VERSION=$(grep -E '"version"' extension/package.json | head -1 | sed -E 's/.*"version"[[:space:]]*:[[:space:]]*"([^"]+)".*/\1/') - XPI=$(ls extension/web-ext-artifacts/*.xpi | head -1) + # Look up the ext- release + its .xpi asset id. + curl -sf -H "Authorization: token $TOKEN" \ + "https://git.fabledsword.com/api/v1/repos/bvandeusen/FabledCurator/releases/tags/ext-$VERSION" \ + -o release.json + ASSET_ID=$(python3 -c "import json; r=json.load(open('release.json')); xpis=[a for a in r.get('assets', []) if a.get('name','').endswith('.xpi')]; print(xpis[0]['id'])") + test -n "$ASSET_ID" mkdir -p frontend/public/extension - cp "$XPI" "frontend/public/extension/fabledcurator-$VERSION.xpi" - cp "$XPI" "frontend/public/extension/fabledcurator-latest.xpi" + DEST="frontend/public/extension/fabledcurator-$VERSION.xpi" + curl -sL -H "Authorization: token $TOKEN" -o "$DEST" \ + "https://git.fabledsword.com/api/v1/repos/bvandeusen/FabledCurator/releases/assets/$ASSET_ID" + cp "$DEST" "frontend/public/extension/fabledcurator-latest.xpi" ls -la frontend/public/extension/ - name: Determine tag