CyberCoveLLC/Triple-C
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 12 Wiki Activity

Compare commits

base: CyberCoveLLC:v0.3.12-mac
Branches Tags
CyberCoveLLC:main CyberCoveLLC:feature/docker-install-helper CyberCoveLLC:feature/stt
CyberCoveLLC:v0.3.14 CyberCoveLLC:v0.3.14-win CyberCoveLLC:v0.3.14-mac CyberCoveLLC:v0.3.13 CyberCoveLLC:v0.3.13-win CyberCoveLLC:v0.3.13-mac CyberCoveLLC:v0.3.12 CyberCoveLLC:v0.3.12-win CyberCoveLLC:v0.3.12-mac CyberCoveLLC:v0.3.11 CyberCoveLLC:v0.3.10-win CyberCoveLLC:v0.3.10-mac CyberCoveLLC:v0.3.4 CyberCoveLLC:v0.3.4-win CyberCoveLLC:v0.3.4-mac CyberCoveLLC:v0.3.143 CyberCoveLLC:v0.3.143-win CyberCoveLLC:v0.3.143-mac CyberCoveLLC:v0.2.101 CyberCoveLLC:v0.2.101-win CyberCoveLLC:v0.2.101-mac
...
compare: CyberCoveLLC:main
Branches Tags
CyberCoveLLC:main CyberCoveLLC:feature/docker-install-helper CyberCoveLLC:feature/stt
CyberCoveLLC:v0.3.14 CyberCoveLLC:v0.3.14-win CyberCoveLLC:v0.3.14-mac CyberCoveLLC:v0.3.13 CyberCoveLLC:v0.3.13-win CyberCoveLLC:v0.3.13-mac CyberCoveLLC:v0.3.12 CyberCoveLLC:v0.3.12-win CyberCoveLLC:v0.3.12-mac CyberCoveLLC:v0.3.11 CyberCoveLLC:v0.3.10-win CyberCoveLLC:v0.3.10-mac CyberCoveLLC:v0.3.4 CyberCoveLLC:v0.3.4-win CyberCoveLLC:v0.3.4-mac CyberCoveLLC:v0.3.143 CyberCoveLLC:v0.3.143-win CyberCoveLLC:v0.3.143-mac CyberCoveLLC:v0.2.101 CyberCoveLLC:v0.2.101-win CyberCoveLLC:v0.2.101-mac

2 Commits
v0.3.12-ma ... main

Author SHA1 Message Date
Josh Knapp
4588bdf40c Make macOS release upload idempotent across re-runs
All checks were successful
Build App / compute-version (push) Successful in 2s
Details
Build App / build-macos (push) Successful in 2m25s
Details
Build App / build-windows (push) Successful in 4m42s
Details
Build App / build-linux (push) Successful in 8m54s
Details
Build App / create-tag (push) Successful in 3s
Details
Build App / sync-to-github (push) Successful in 10s
Details 
Previous fix only addressed the network flake; a re-run after any
upload failure still tripped over the leftover release record. The
naive POST /releases got 409 from Gitea, the grep-pipe parser yielded
an empty RELEASE_ID, and pipefail aborted with an opaque exit 1.

Now:
- Look up the release by tag first; reuse on 200, create on 404, fail
  loudly on anything else.
- Validate RELEASE_ID is non-empty and surface the response body if
  parsing fails.
- Before uploading each asset, check whether the release already has
  an asset with that name (from a partial prior run) and DELETE it so
  the POST is replace-not-conflict.
- Set -euo pipefail explicitly so the script's failure modes are
  predictable rather than dependent on the runner's default flags.

Network hardening from the previous commit (HTTP/1.1, retries, -f) is
preserved. Linux and Windows blocks unchanged.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-01 18:13:25 -07:00
Josh Knapp
b607cf3681 Harden macOS release upload against curl exit 92
Some checks failed
Build App / compute-version (push) Successful in 3s
Details
Build App / build-windows (push) Successful in 4m5s
Details
Build App / build-linux (push) Successful in 9m53s
Details
Build App / build-macos (push) Failing after 2m30s
Details
Build App / create-tag (push) Has been skipped
Details
Build App / sync-to-github (push) Has been skipped
Details 
macOS upload has been intermittently failing with curl exit 92
("HTTP/2 stream not closed cleanly") for several releases (v0.3.12,
v0.3.10, v0.3.1 all landed with empty asset arrays despite the per-tag
release record being created). It is not a size issue — Linux uploads
the 81MB AppImage on the same Gitea instance without trouble while the
Mac dmg is only 13.6MB.

Adds `--http1.1` to sidestep HTTP/2 stream multiplexing flakes on the
macOS runner, `-f` so HTTP errors no longer fail silently under `-s`,
and `--retry 5 --retry-all-errors --retry-delay 5 --max-time 600` to
absorb transient drops. Linux and Windows blocks unchanged; an inline
note in the YAML calls out where to mirror this if those start
failing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-01 17:28:08 -07:00
1 changed files with 59 additions and 8 deletions
Expand all files Collapse all files

61
.gitea/workflows/build-app.yml
View File

@@ -264,21 +264,72 @@ jobs:
env: env:
TOKEN: ${{ secrets.REGISTRY_TOKEN }} TOKEN: ${{ secrets.REGISTRY_TOKEN }}
run: | run: |
set -euo pipefail
TAG="v${{ needs.compute-version.outputs.version }}-mac" TAG="v${{ needs.compute-version.outputs.version }}-mac"
# Create release
curl -s -X POST \ # Idempotent get-or-create. macOS upload has historically failed
# mid-stream (curl exit 92, exit 28), leaving the release record
# with empty assets. A naive POST /releases on the next run hits
# 409 from Gitea for the duplicate tag, the JSON parse below
# then yields an empty RELEASE_ID, and pipefail aborts with an
# opaque exit 1. Look the release up by tag first; create only
# if it doesn't exist; reuse the existing id otherwise.
HTTP_CODE=$(curl -sS -o release.json -w '%{http_code}' \
-H "Authorization: token ${TOKEN}" \
"${GITEA_URL}/api/v1/repos/${REPO}/releases/tags/${TAG}")
case "${HTTP_CODE}" in
200)
echo "Release ${TAG} already exists, reusing"
;;
404)
echo "Release ${TAG} not found, creating"
curl -fsS -X POST \
-H "Authorization: token ${TOKEN}" \ -H "Authorization: token ${TOKEN}" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{\"tag_name\": \"${TAG}\", \"name\": \"Triple-C v${{ needs.compute-version.outputs.version }} (macOS)\", \"body\": \"Automated build from commit ${{ gitea.sha }}\"}" \ -d "{\"tag_name\": \"${TAG}\", \"name\": \"Triple-C v${{ needs.compute-version.outputs.version }} (macOS)\", \"body\": \"Automated build from commit ${{ gitea.sha }}\"}" \
"${GITEA_URL}/api/v1/repos/${REPO}/releases" > release.json "${GITEA_URL}/api/v1/repos/${REPO}/releases" > release.json
RELEASE_ID=$(cat release.json | grep -o '"id":[0-9]*' | head -1 | grep -o '[0-9]*') ;;
*)
echo "Unexpected HTTP ${HTTP_CODE} from get-release-by-tag" >&2
cat release.json >&2 || true
exit 1
;;
esac
RELEASE_ID=$(grep -o '"id":[0-9]*' release.json | head -1 | grep -o '[0-9]*' || true)
if [ -z "${RELEASE_ID}" ]; then
echo "Failed to parse release id; response was:" >&2
cat release.json >&2
exit 1
fi
echo "Release ID: ${RELEASE_ID}" echo "Release ID: ${RELEASE_ID}"
# Upload each artifact
# Upload each artifact. If an asset with the same name already
# exists on the release (left over from a partial prior run),
# delete it first so the upload is replace-not-conflict.
# Network hardening: HTTP/1.1 to dodge HTTP/2 stream flakes
# the macOS runner has hit, retries with backoff for transient
# drops, and -f so HTTP errors stop being silently swallowed.
for file in artifacts/*; do for file in artifacts/*; do
[ -f "$file" ] || continue [ -f "$file" ] || continue
filename=$(basename "$file") filename=$(basename "$file")
EXISTING_ID=$(curl -sS \
-H "Authorization: token ${TOKEN}" \
"${GITEA_URL}/api/v1/repos/${REPO}/releases/${RELEASE_ID}/assets" \
| python3 -c "import json,sys; t=sys.argv[1]; print(next((a['id'] for a in json.load(sys.stdin) if a.get('name')==t), ''))" "${filename}" || true)
if [ -n "${EXISTING_ID}" ]; then
echo "Deleting existing asset ${filename} (id ${EXISTING_ID})"
curl -fsS -X DELETE \
-H "Authorization: token ${TOKEN}" \
"${GITEA_URL}/api/v1/repos/${REPO}/releases/${RELEASE_ID}/assets/${EXISTING_ID}"
fi
echo "Uploading ${filename}..." echo "Uploading ${filename}..."
curl -s -X POST \ curl -fsS --http1.1 \
--retry 5 --retry-all-errors --retry-delay 5 \
--max-time 600 \
-X POST \
-H "Authorization: token ${TOKEN}" \ -H "Authorization: token ${TOKEN}" \
-H "Content-Type: application/octet-stream" \ -H "Content-Type: application/octet-stream" \
--data-binary "@${file}" \ --data-binary "@${file}" \