VARASYS/ZDDC - Forgejo: Beyond coding. We forge.

VARASYS/ZDDC

Fork 0

Commit graph

Author	SHA1	Message	Date
ZDDC	b8192c5d7a	fix(ci): chart-bump uses the SHA baked into the embed (not git HEAD) ./build beta runs locally at HEAD=N, generates embed/*.html with build-label SHA=N, then the operator commits the generated bytes as commit N+1. After push, git HEAD on the runner = N+1 but the served website's BUILD_LABEL still encodes N (it's baked into the HTML at build time, before the commit). Previously the bump script computed BETA_VERSION using `git rev-parse --short HEAD` = N+1, so the chart's appVersion (and the dev image's tag, and the kubelet's pull) said N+1 while the served label said N. Two SHAs for the same bytes — confusing when triaging "is this image actually the latest?". Read the SHA from zddc/internal/apps/embedded/versions.txt instead (third pipe-delimited field of any line). That's the single source of truth for what bytes were baked, and it lines up with what users see in every tool's header. Manually re-bumped chart develop after committing this script: appVersion: 0.0.16-beta-9a3e4d8 → 0.0.16-beta-8df0def	2026-05-04 07:49:17 -05:00
ZDDC	a7faeed8fb	refactor(ci): extract chart-bump logic to .forgejo/scripts/ Both notify-chart-dev.yml and the notify-chart-prod job in deploy-release.yml were carrying ~80 lines of inline shell each, duplicating the clone-bump-push flow. Extract to a single script: .forgejo/scripts/notify-chart-bump.sh <beta\|stable> [VERSION] Three benefits: 1. Locally testable. The script is invocable directly: CHART_FORGEJO_TOKEN=$FORGEJO_TOKEN \ .forgejo/scripts/notify-chart-bump.sh beta No more "push to main and watch what the runner does" debug loop. 2. Manual escape hatch. When CI is broken, the same script is how we recover. The 0.0.16-beta-1ddd331 chart bump preceding this commit was performed via this very script. 3. Runner-quirk-immune. The previous three commits chased a Forgejo runner v12.9.0 phantom-SIGPIPE bug that would only surface under the runner's `bash -e -o pipefail {0}` wrapper. A real script with its own `#!/usr/bin/env bash` and explicit error handling sidesteps the wrapper entirely. The workflow YAMLs shrink to checkout + run-script. No GITHUB_OUTPUT plumbing, no inline if/else gates, no shell flag overrides. The behavior is identical to the prior inline versions.	2026-05-04 07:49:16 -05:00

Author

SHA1

Message

Date

ZDDC

b8192c5d7a

fix(ci): chart-bump uses the SHA baked into the embed (not git HEAD)

./build beta runs locally at HEAD=N, generates embed/*.html with
build-label SHA=N, then the operator commits the generated bytes
as commit N+1. After push, git HEAD on the runner = N+1 but the
served website's BUILD_LABEL still encodes N (it's baked into the
HTML at build time, before the commit).

Previously the bump script computed BETA_VERSION using
`git rev-parse --short HEAD` = N+1, so the chart's appVersion
(and the dev image's tag, and the kubelet's pull) said N+1 while
the served label said N. Two SHAs for the same bytes — confusing
when triaging "is this image actually the latest?".

Read the SHA from zddc/internal/apps/embedded/versions.txt instead
(third pipe-delimited field of any line). That's the single source
of truth for what bytes were baked, and it lines up with what users
see in every tool's header.

Manually re-bumped chart develop after committing this script:
  appVersion: 0.0.16-beta-9a3e4d8 → 0.0.16-beta-8df0def

2026-05-04 07:49:17 -05:00

ZDDC

a7faeed8fb

refactor(ci): extract chart-bump logic to .forgejo/scripts/

Both notify-chart-dev.yml and the notify-chart-prod job in
deploy-release.yml were carrying ~80 lines of inline shell each,
duplicating the clone-bump-push flow. Extract to a single script:

  .forgejo/scripts/notify-chart-bump.sh <beta|stable> [VERSION]

Three benefits:

1. **Locally testable**. The script is invocable directly:
     CHART_FORGEJO_TOKEN=$FORGEJO_TOKEN \
       .forgejo/scripts/notify-chart-bump.sh beta
   No more "push to main and watch what the runner does" debug loop.

2. **Manual escape hatch**. When CI is broken, the same script is
   how we recover. The 0.0.16-beta-1ddd331 chart bump preceding
   this commit was performed via this very script.

3. **Runner-quirk-immune**. The previous three commits chased a
   Forgejo runner v12.9.0 phantom-SIGPIPE bug that would only
   surface under the runner's `bash -e -o pipefail {0}` wrapper.
   A real script with its own `#!/usr/bin/env bash` and explicit
   error handling sidesteps the wrapper entirely.

The workflow YAMLs shrink to checkout + run-script. No GITHUB_OUTPUT
plumbing, no inline if/else gates, no shell flag overrides. The
behavior is identical to the prior inline versions.

2026-05-04 07:49:16 -05:00

2 commits