ci: cherry-pick release pipeline improvements#222
Merged
mohammeds1992 merged 6 commits intoaudit-fixesfrom May 6, 2026
Merged
Conversation
Mirrors release.yml for the puniversald binary. Triggers on tags matching puniversald/v* (independent from chain releases on v*) and supports manual dispatch. Builds linux/amd64, linux/arm64, and darwin/arm64 with Apple signing + notarization.
puniversald links libgodkls (via universalClient/tss/dkls) but the workspace-root cargo build skips the go-dkls crate. Mirror the Linux build by entering wrapper/go-dkls and adding the hd-migration path patch so the local garbling tree is used (no GitHub auth in cargo).
cd-ing into wrapper/go-dkls picks up a .cargo/config.toml that injects `-Wl,-soname=...` (Linux-only ld flag) into every link command — including build-script compiles — failing on macOS. Use `cargo build -p go-dkls --release` from dkls23-rs root so the wrapper config stays out of scope.
Drop the branch, commit_id, and compare_from inputs from both pchaind and puniversald release workflows. The dispatch form now shows just the version tag and pre-release toggle alongside the built-in 'Use workflow from' branch dropdown. Removed the resolve-ref steps (checkout uses github.ref by default) and dropped commit_id plumbing from the tag-creation step (tags HEAD of the dispatched branch). Changelog still auto-detects the prior tag.
Companion to the previous dispatch-UI simplification. Removed the COMMIT_REF plumbing but missed the git tag -a line that still referenced the now-undefined variable, breaking workflow_dispatch.
Each pchaind release now publishes a ready-to-paste JSON payload matching the format expected by `--upgrade-info` on a software-upgrade governance proposal. URLs are constructed from the actual release tag and the existing .sha256 companion files (single source of truth for checksums), covering linux/amd64, linux/arm64, and darwin/arm64.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Cherry-picks the 6 release-pipeline commits from PR #221 onto `audit-fixes`. No code changes from the originals — all applied cleanly with no conflicts.
Commits (chronological)
Net effect
Test plan