fix(ci): use Craft action directly instead of reusable workflow#33
Conversation
Semver Impact of This PR🟢 Patch (bug fixes) 📋 Changelog PreviewThis is how your changes will appear in the changelog. Bug Fixes 🐛
🤖 This preview updates automatically when you update the PR. |
BYK
force-pushed
the
fix/use-craft-action-directly
branch
from
b3f4df6 to
45e237d
Compare
The reusable workflow has a bug where it runs Craft's internal build jobs for external callers. Using the action directly avoids this issue. Uses the release bot token for proper permissions, matching sentry-python.
BYK
force-pushed
the
fix/use-craft-action-directly
branch
from
45e237d to
d91a736
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
| env: | ||
| GITHUB_TOKEN: ${{ steps.token.outputs.token }} | ||
| with: | ||
| version: ${{ inputs.version }} |
There was a problem hiding this comment.
Missing version default could cause release failures
Medium Severity
The version input previously had default: 'auto', ensuring a valid value was always passed to the craft action. Now with required: false and no default, triggering the workflow without specifying a version passes an empty string to version: ${{ inputs.version }}. If the craft action doesn't treat empty string as equivalent to 'auto', the release could fail or behave unexpectedly. A fallback like ${{ inputs.version || 'auto' }} would preserve the previous behavior.
Additional Locations (1)
1 participant
Summary
The reusable Craft workflow has a bug where it runs Craft's internal build/test jobs for external callers (see getsentry/craft#727).
Use the
getsentry/craft@v2action directly instead, like sentry-python does.