No Label
backport/v1.19
bug
depdendency
Chroma
dependency
Chi
dependency
F3
dependency
Gitea
dependency
Goth
dependency
Helm
dependency
Mermaid
dependency
minio-go
dependency
PDFobject
dependency
Runner
dependency
Woodpecker CI
dependency
XORM
Discussion
duplicate
enhancement/feature
forgejo/accessibility
forgejo/actions
forgejo/branding
forgejo/ci
forgejo/documentation
forgejo/federation
forgejo/internationalization
forgejo/privacy
forgejo/rebase
forgejo/release
forgejo/scaling
forgejo/security
forgejo/ui
issue
closed
issue
do-not-exist-yet
issue
open
OS
FreeBSD
OS
Gnu&Linux
OS
MacOS
OS
Windows
No Milestone
No Assignees
3 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: forgejo/forgejo#344
Loading…
Reference in New Issue
There is no content yet.
Delete Branch '%!s(<nil>)'
Deleting a branch is permanent. It CANNOT be undone. Continue?
The tag is no set to the right commit (
8e8037a64d), it should be at4e5be58493which is where it was copied from.The content of the files are correct: they are identical to those found in https://codeberg.org/forgejo-integration/forgejo/releases/tag/v1.18.3-1
The following releases show the same inconsistencies:
The SHA they must be set to are found in the integration repository:
The recommended action to fix past releases is to force push the tag with the SHA found in the integration organization.
The solution seems to be force pushing the tag to have the value it should have.
I tried to force push a tag on an existing release on the forgejo-integration repository and check if that fixes it
https://codeberg.org/forgejo-integration/forgejo/releases/tag/v200.0.0-3 currently is at
695f6f9ce0.And now the tag v200.0.0-3 is at
a055570b60and the files from the release can be downloaded. The same could be done for the release 1.18.3-1.The question is... how did that happen?
[RELEASE] inconsitent tag for 1.18.3-1to [CI] inconsitent tagging of releases 4 months agohttps://codeberg.org/forgejo/forgejo/src/commit/forgejo/releases/binaries-pull-push.sh is the script that copies the binary files from integration to forgejo
And when it does here the tag is implicitly set as a side effect of creating the release. I have no clue where and how it picks the commit to set the tag with. But it does pick one.
So the solution to this bug it to set the tag prior to uploading. It will not trigger any CI job because the experimental & the forgejo main repositories are not set to run on tags.
I'm pretty sure it's just using the current HEAD of the so-called "default" branch as defined in the branches settings. We should create the tag at the HEAD that we know was used to build the binaries before uploading the release.
Working theory at this point: if the API is required to create a release given a tag that does not exist, it will create one with the tip of the default branch. Creating the tag before uploading the release should fix the problem.
Does the tag actually get pushed to Codeberg before the release is created? It looks like the tags in forgejo-integration are correct, for the record.
No, the tag is not pushed, it is a bug in the release scripts.
I force pushed https://codeberg.org/forgejo/forgejo/releases/tag/v1.18.1-0 which is now at
dd1486af80as it should have been. I also updated the description of the issue with a detailed and hopefully exhaustive description of the problem and the recommended action. There also is a PR expecting review to fix the root cause.Before I proceed with force pushing the remaining tags, I'll wait for review.
@crystal @Gusted ?
There has been no observable negative side effect of force pushing the tag for v1.18.1-0 so I force pushed the others. The current situation is wrong anyway so I felt it was best to not wait for too long:
dd1486af801df08aab97480a0244917fa34500c94e5be58493I'm inclined to think this issue is information enough in case someone ran into the same problem before it was fixed. Or if someone wonders why the SHA of the tags moved.
If you think this should be more prominently advertised, please speak up.
Just to thank @crystal for discovering this bug
It has come to my attention (thanks to tomgus1 in the Forgejo Matrix Space, which everyone should join btw), that this issue caused Arch Linux to distribute defective Forgejo packages for a few weeks, which are now preventing users who took the upgrade to the latest (fixed) package from starting the service because they're technically downgrading. I suppose the next step is to get in touch with the Arch team so they can publicize the problem and propose solutions for their users.
Re-opening to work on how to properly communicate this problem and potential impact.
https://floss.social/@forgejo/109854218136296565
Compiled by @crystal
Associated blog post at forgejo/website#95
I merged the blog post as I thought it would be good to get it out before a large number of users start experiencing issues.
And with that the issue can now be closed. It is linked from the blog post which makes it easy to find.