Skip to content

[codex] Prepare registry-stack v0.8.4 beta-10#192

Merged
jeremi merged 3 commits into
mainfrom
codex/prepare-registry-stack-v0.8.4
Jul 4, 2026
Merged

[codex] Prepare registry-stack v0.8.4 beta-10#192
jeremi merged 3 commits into
mainfrom
codex/prepare-registry-stack-v0.8.4

Conversation

@jeremi

@jeremi jeremi commented Jul 4, 2026

Copy link
Copy Markdown
Member

Summary

  • prepares registry-stack v0.8.4 / registry-stack-beta-10 as the next beta release candidate
  • bumps workspace/package/doc references and adds release/notes/v0.8.4.md
  • adds release/manifests/registry-stack-beta-10.yaml and marks beta-8/beta-9 release candidates as released
  • fixes release-gate issues found during prep: OpenFn sidecar Docker context, duplicate notary credential IDs, monorepo Python client discovery, and OpenCRVS DCI credential handling/auto-skip behavior

Verification

  • release/scripts/registry-release validate release/manifests/registry-stack-beta-10.yaml
  • release/scripts/registry-release validate release/manifests/registry-stack-beta-8.yaml
  • release/scripts/registry-release validate release/manifests/registry-stack-beta-9.yaml
  • release/scripts/registry-release audit release/manifests/import-map-2026-06-24.yaml
  • release/scripts/registry-release classify-warning hosted-publication-held
  • cargo metadata --format-version 1
  • cargo metadata --locked --format-version 1
  • cargo test --locked -p registry-platform-authcommon -p registry-manifest-core -p registry-notary-server -p registry-relay -p registryctl
  • bash -n lab/scripts/release-check.sh
  • bash -n lab/scripts/smoke-opencrvs-dci.sh
  • python3 -m py_compile lab/scripts/smoke-notary-client.py
  • env -u OPENCRVS_DCI_BASE_URL -u OPENCRVS_DCI_CLIENT_ID -u OPENCRVS_DCI_CLIENT_SECRET -u OPENCRVS_DCI_NOTARY_PORT -u OPENCRVS_DEMO_SUBJECT_UIN lab/scripts/smoke-opencrvs-dci.sh (expected missing-credential failure path)
  • REGISTRY_LAB_RELEASE_SOURCE_MODE=monorepo lab/scripts/release-check.sh
  • duplicate auth credential ID scan over lab/demo notary configs
  • python3 -m unittest release/scripts/test_registry_release.py
  • python3 -m unittest lab/scripts/test_check_release_source_model.py
  • uv run --with pyarrow --with openpyxl --with pyyaml python -m unittest scripts/test_generate_fixtures.py from lab/
  • no em dash scan over the diff
  • git diff --check
  • cargo fmt --check
  • cargo check --locked --workspace --all-targets
  • npm --prefix docs/site install
  • npm --prefix docs/site run generate
  • npm --prefix docs/site run check

Notes

The legacy split-repo just ci-preflight helpers under crates/registry-relay and products/notary still fail after the monorepo migration because they copy only the subdirectory and then Cargo cannot inherit root workspace package metadata. I did not change those stale helpers in this release-prep branch; the active monorepo gates above passed.

After this PR merges, the finalize step must update the beta-10 manifest source_ref and the v0.8.4 archived docs refs from the prepare-candidate SHA to the actual merge SHA before tagging v0.8.4.

jeremi added 3 commits July 4, 2026 16:58
Signed-off-by: Jeremi Joslin <jeremi@joslin.fr>
Signed-off-by: Jeremi Joslin <jeremi@joslin.fr>
Signed-off-by: Jeremi Joslin <jeremi@joslin.fr>
@jeremi jeremi marked this pull request as ready for review July 4, 2026 10:23
@jeremi jeremi merged commit 085dc4f into main Jul 4, 2026
10 checks passed
@jeremi jeremi deleted the codex/prepare-registry-stack-v0.8.4 branch July 4, 2026 10:23

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 717aaeb0d7

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

release: beta-10
version: 0.8.4
source_repo: registrystack/registry-stack
source_ref: ebe613a7e712341884d10bf4e5c64e48b2591bad

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Point beta-10 source_ref at the v0.8.4 commit

The SHA here is this commit's parent (ebe613...), whose Cargo.toml still declares 0.8.3, while this manifest advertises 0.8.4 artifacts and release-candidate status. Any release audit or consumer resolving beta-10 from source_ref will land on the previous-version tree and miss the release prep files, so pin this to the actual v0.8.4 candidate/merge commit or keep it draft/HEAD until finalization.

Useful? React with 👍 / 👎.

products:
registry-stack:
version: v0.8.4
ref: ebe613a7e712341884d10bf4e5c64e48b2591bad

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Pin archived v0.8.4 docs to v0.8.4 sources

This archived docset is labeled v0.8.4, but the refs point at the pre-release parent (ebe613...), which still has the workspace and docs metadata at 0.8.3; the same SHA is repeated for the other RegistryStack products below. Archive generation uses these refs for product docs, so /v/0.8.4/ will pull stale product content/OpenAPI sources unless these refs are updated to the actual v0.8.4 release commit.

Useful? React with 👍 / 👎.

trap cleanup EXIT

has_opencrvs_dci_credentials() {
[[ -f "${demo_dir}/.env.local" ]] && return 0

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Check .env.local for actual OpenCRVS credentials

Treating any .env.local as credentials makes the new auto mode sticky after a one-off smoke run with credentials exported: smoke-opencrvs-dci.sh writes .env.local with derived tokens, hashes, port, and the discovered UIN, but it does not persist OPENCRVS_DCI_CLIENT_ID or OPENCRVS_DCI_CLIENT_SECRET. A later release-check.sh run without those exports will enter the smoke instead of auto-skipping and then fail on the missing credential variables, so this helper should verify those keys are present in .env.local rather than checking only file existence.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant