Skip to content

ci(release): Switch from action-prepare-release to Craft #7631

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
BYK wants to merge 6 commits into
base: master
Choose a base branch
from
Open

ci(release): Switch from action-prepare-release to Craft #7631

BYK wants to merge 6 commits into from

Conversation

@BYK
Copy link
Member

@BYK BYK commented Jan 9, 2026

Summary

This PR migrates from the deprecated action-prepare-release to the new Craft GitHub Actions.

Changes

  • Migrated .github/workflows/release.yml to Craft reusable workflow
  • Updated .craft.yml with versioning.policy: calver

Documentation

See https://getsentry.github.io/craft/github-actions/ for more information.

@BYK
ci(release): Switch from action-prepare-release to Craft
662c17a 
This PR migrates from the deprecated action-prepare-release to the new
Craft GitHub Actions (reusable workflow or composite action).

Changes:
- Migrate .github/workflows/release.yml to Craft reusable workflow
- Update .craft.yml with versioning.policy: calver
@BYK BYK requested review from a team as code owners January 9, 2026 18:04
@github-actions
Copy link

github-actions bot commented Jan 9, 2026
edited
Loading

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

New Features ✨

  • (consumers) Send logs for tracing events at or above INFO by lcian in #7250
  • (eap) Gdpr export endpoint by xurui-c in #7586
  • (health) Allow clickhouse check bypass by onewland in #7600
  • Add metric that tracks "partitions left to optimize" by kylemumma in #7620

Build / dependencies / internal 🔧

Deps

  • Update rdkafka to 0.38 and librdkafka to 2.10.0 by Dav1dde in #7630
  • Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 by dependabot in #7608
  • Bump js-yaml from 3.14.1 to 3.14.2 in /snuba/admin by dependabot in #7544
  • Bump tracing-subscriber from 0.3.18 to 0.3.20 in /rust_snuba by dependabot in #7613
  • Bump actions/upload-artifact from 5 to 6 by dependabot in #7593
  • Bump actions/download-artifact from 6 to 7 by dependabot in #7594
  • Bump actions/cache from 4 to 5 by dependabot in #7595

Other

  • (deletes) Make error log a metric instead by MeredithAnya in #7627
  • (gocd) Bump gocd lib version to v2.18.0 by dmajere in #7617
  • (metrics) Don't write the histogram timing metrics by volokluev in #7616
  • (release) Switch from action-prepare-release to Craft by BYK in #7631
  • Upgrade to action-setup-venv 3.2.0 by joshuarli in #7607

Other

  • remove documentation from the rust test image by volokluev in #7633
  • upgrade datadog client by volokluev in #7554
  • debug(deletes): log out data so we can inspect allowlist not working by onewland in #7626
  • cleanup(ci): remove useless test and useless function by volokluev in #7618
  • cleanup(gocd): remove pipeline that deploys everything by onewland in #7587
  • deploy: add eap-items LW delete consumer to deploy list in non-STs by onewland in #7612
  • meta: Bump new development version in ddc2e223

🤖 This preview updates automatically when you update the PR.

BYK added 4 commits January 9, 2026 23:19
@BYK
ci(release): Restore GitHub App token authentication
ad52e83 
The previous migration incorrectly removed the GitHub App token
authentication step. This commit restores it by switching to the
composite action pattern which preserves the auth flow.
@BYK
fix: Pin actions to SHA and add permissions blocks
e8c2183
@BYK
fix: Use correct action version SHAs (restore original versions)
125c7d8
@BYK
fix: Use correct action version SHAs (restore original versions)
047c638
sentry[bot]
sentry bot reviewed Jan 10, 2026
View reviewed changes
.github/workflows/release.yml
Comment on lines 5 to 10
version:
description: Version to release (optional)
description: Version to release (or "auto")
required: false
force:
description: Force a release even when there are release-blockers (optional)
description: Force a release even when there are release-blockers
required: false
Copy link

@sentry sentry bot Jan 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: The scheduled release.yml workflow passes empty strings for version and force inputs because no defaults are set, which may cause the craft action to fail.
Severity: MEDIUM

🔍 Detailed Analysis

The release.yml workflow is configured to run on a schedule. Scheduled triggers in GitHub Actions do not provide any inputs. The version and force inputs in this workflow lack default values, causing them to be passed as empty strings to the getsentry/craft action. While the action might be designed to handle this scenario (e.g., by defaulting to an "auto" version), this is an implicit dependency. If the craft action does not correctly handle empty string inputs, the scheduled release workflow will fail.

💡 Suggested Fix

To make the workflow's behavior explicit and prevent potential failures, set default values for the version and force inputs. For example, set version to "auto" and force to "false" to ensure the scheduled run behaves predictably.

🤖 Prompt for AI Agent 
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: .github/workflows/release.yml#L5-L10

Potential issue: The `release.yml` workflow is configured to run on a schedule.
Scheduled triggers in GitHub Actions do not provide any inputs. The `version` and
`force` inputs in this workflow lack `default` values, causing them to be passed as
empty strings to the `getsentry/craft` action. While the action might be designed to
handle this scenario (e.g., by defaulting to an "auto" version), this is an implicit
dependency. If the `craft` action does not correctly handle empty string inputs, the
scheduled release workflow will fail.

Did we get this right? 👍 / 👎 to inform future reviews.
Reference ID: 8433115

sentry[bot]
sentry bot reviewed Jan 12, 2026
View reviewed changes
phacops
phacops requested changes Jan 12, 2026
View reviewed changes
.github/workflows/admin-sourcemaps.yml
NODE_VERSION: 20.8.1
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
Copy link
Contributor

@phacops phacops Jan 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't want to revert back to a single commit, this creates random dependabot PRs to update those regularly. I'd rather keep the tag.

Also, it seems unrelated to your PR to have to change all theses since you're focusing on action-prepare-release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@phacops phacops phacops requested changes

+1 more reviewer

@sentry sentry[bot] sentry[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@BYK @phacops