fix(ci): key per-job SHA256SUMS by os and arch
The runtime-release matrix builds linux+darwin × amd64+arm64, but each job wrote its checksum to SHA256SUMS-<arch> (arch only). The linux/<arch> and darwin/<arch> jobs therefore emitted the same filename, which clobbered each other under the publish job's `merge-multiple: true` download. The merged SHA256SUMS ended up with only 2 of the 4 platforms, so consumers of the missing tarballs (notably xworkmate-bridge-linux-arm64.tar.gz) failed with "missing checksum" — breaking the console offline arm64 package build. Name the per-job file SHA256SUMS-<os>-<arch> so all four are unique and the merged SHA256SUMS lists every published tarball. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Haitao Pan
parent
9a8dd2dfe1
commit
b8f4ed6102
8
.github/workflows/runtime-release.yml
vendored
8
.github/workflows/runtime-release.yml
vendored
@ -62,7 +62,13 @@ jobs:
|
|||||||
-C dist/runtime xworkmate-bridge
|
-C dist/runtime xworkmate-bridge
|
||||||
(
|
(
|
||||||
cd dist/assets
|
cd dist/assets
|
||||||
sha256sum -- ./*.tar.gz | sed 's# \./# #' > "SHA256SUMS-${TARGET_ARCH}"
|
# Name the per-job checksum file by OS *and* ARCH. Keying on ARCH
|
||||||
|
# alone makes the linux/darwin jobs of the same arch both emit
|
||||||
|
# SHA256SUMS-<arch>, which then clobber each other under the
|
||||||
|
# publish job's merge-multiple download — leaving SHA256SUMS with
|
||||||
|
# only 2 of the 4 platforms and breaking arm64 (and darwin-amd64)
|
||||||
|
# consumers with "missing checksum".
|
||||||
|
sha256sum -- ./*.tar.gz | sed 's# \./# #' > "SHA256SUMS-${TARGET_OS}-${TARGET_ARCH}"
|
||||||
)
|
)
|
||||||
|
|
||||||
- uses: actions/upload-artifact@v4
|
- uses: actions/upload-artifact@v4
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user