From 4587fdb398a0ca8c1e3366ac3bc6d4fd936408bb Mon Sep 17 00:00:00 2001 From: jross Date: Wed, 10 Jun 2026 16:23:15 -0600 Subject: [PATCH 1/2] ci: sync uv.lock in forward-merge PRs after release version bump release-please bumps the project version in pyproject.toml when cutting releases on production and hotfix/v* branches, but never updates uv.lock, which records the editable ocotilloapi package version. tests.yml runs `uv sync --locked`, so every back-merge and hotfix forward-merge PR failed CI until someone manually ran `uv lock` (see 27751110 for PR #714). - back-merge-to-staging: after the manifest sync, install uv, run `uv lock`, and commit the lockfile to the merge branch if it changed. - forward-merge-to-production: the PR head is the hotfix branch itself, so check out the hotfix branch explicitly, run `uv lock`, and push a sync commit directly to it before opening the PR. Plain push (not force) so an out-of-date checkout fails loudly. Both steps are idempotent: lockfile already in sync -> no commit, no push. Existing-PR checks and --force-with-lease behavior unchanged. Co-Authored-By: Claude Fable 5 --- .github/workflows/forward-merge.yml | 48 +++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/.github/workflows/forward-merge.yml b/.github/workflows/forward-merge.yml index 9567229a..0d0b0490 100644 --- a/.github/workflows/forward-merge.yml +++ b/.github/workflows/forward-merge.yml @@ -97,6 +97,25 @@ jobs: git commit -m "chore: sync staging release-please manifest to ${TAG}" fi + # release-please bumps the project version in pyproject.toml but never + # touches uv.lock, which records the editable ocotilloapi version. + # tests.yml runs `uv sync --locked`, so the back-merge PR fails CI until + # the lockfile is re-locked (see commit 27751110). Idempotent: no + # lockfile change -> no commit. + - name: Install uv + uses: astral-sh/setup-uv@v8.2.0 + with: + enable-cache: true + cache-dependency-glob: uv.lock + + - name: Sync uv.lock to released version + run: | + uv lock + if ! git diff --quiet -- uv.lock; then + git add uv.lock + git commit -m "chore: sync uv.lock to released version ${TAG#v}" + fi + # Retry-safe: skip if a PR is already open for this merge; force-with-lease # handles a branch left behind by a previous partial run. - name: Push branch and open PR @@ -131,6 +150,35 @@ jobs: SOURCE: ${{ inputs.source_branch }} steps: - uses: actions/checkout@v6.0.3 + with: + ref: ${{ inputs.source_branch }} + token: ${{ secrets.FORWARD_MERGE_TOKEN || github.token }} + + - name: Set up git user + run: | + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" + + # The PR head is the hotfix branch itself, so the lockfile sync commit + # (release-please bumped pyproject.toml but not uv.lock; tests run + # `uv sync --locked`) is pushed directly to the hotfix branch before the + # PR is opened. Idempotent: lockfile already in sync -> no commit, no + # push. Plain push (not force) so an out-of-date checkout fails loudly + # instead of clobbering newer hotfix commits. + - name: Install uv + uses: astral-sh/setup-uv@v8.2.0 + with: + enable-cache: true + cache-dependency-glob: uv.lock + + - name: Sync uv.lock to released version + run: | + uv lock + if ! git diff --quiet -- uv.lock; then + git add uv.lock + git commit -m "chore: sync uv.lock to released version ${TAG#v}" + git push origin "HEAD:${SOURCE}" + fi # Retry-safe: skip if a PR is already open from this hotfix branch. - name: Open PR hotfix -> production From 053ab9392156157240a7efea619f1a691cf42d51 Mon Sep 17 00:00:00 2001 From: Jake Ross Date: Thu, 11 Jun 2026 09:25:34 -0600 Subject: [PATCH 2/2] Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .github/workflows/forward-merge.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/forward-merge.yml b/.github/workflows/forward-merge.yml index 0d0b0490..024e07c0 100644 --- a/.github/workflows/forward-merge.yml +++ b/.github/workflows/forward-merge.yml @@ -151,9 +151,9 @@ jobs: steps: - uses: actions/checkout@v6.0.3 with: + fetch-depth: 0 ref: ${{ inputs.source_branch }} token: ${{ secrets.FORWARD_MERGE_TOKEN || github.token }} - - name: Set up git user run: | git config user.name "github-actions[bot]"