ci: disable npm publishing; skip apt-repo when GPG key unset#45
Merged
Conversation
- Disable the publish-npm job in the release workflow (if: false; original condition preserved in a comment for easy re-enable). - Gate the update-apt-repo job on vars.APT_SIGNING_KEY_ID so it skips cleanly when the GPG signing key/variable are not configured, instead of failing the Sign Release with GPG step with 'no valid OpenPGP data found'. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes the two failing jobs from the
v0.2.7release run. (goreleaserand the newmirror-to-s3job already succeeded.)publish-npminrelease.yml— the job is set toif: false; the original condition is preserved in a comment for easy re-enable.update-apt-repoonvars.APT_SIGNING_KEY_ID != ''so it skips cleanly when the GPG signing key/variable aren't configured, instead of failing the "Sign Release with GPG" step withno valid OpenPGP data found. OnceAPT_SIGNING_KEY(secret) +APT_SIGNING_KEY_ID(variable) are set, the job runs for real.Test Plan
v0.2.7tag → Release run showsgoreleaser✅,mirror-to-s3✅,publish-npmskipped; Apt Repository run skips (or runs, once the GPG key is configured).🤖 Generated with Claude Code