more workflow fixes. update indigo, fix ensure crew logic on oauth · evan.jarrett.net/at-container-registry@270fe15

··· 1 - # Tangled Workflow: Release Credential Helper to Tangled.org 1 + # Tangled Workflow: Release Credential Helper 2 2 # 3 - # This workflow builds the docker-credential-atcr binary and publishes it 4 - # to Tangled.org for distribution via Homebrew. 3 + # This workflow builds cross-platform binaries for the credential helper. 4 + # Creates tarballs for curl/bash installation and provides instructions 5 + # for updating the Homebrew formula. 5 6 # 6 7 # Triggers on version tags (v*) pushed to the repository. 7 8 ··· 20 21 - gnutar # Required for creating tarballs 21 22 - gzip # Required for compressing tarballs 22 23 - coreutils # Required for sha256sum 23 - # - goat # TODO: Add goat CLI for uploading to Tangled (if available in nixpkgs) 24 24 25 25 environment: 26 26 CGO_ENABLED: "0" # Build static binaries ··· 52 52 53 53 - name: Build binaries with GoReleaser 54 54 command: | 55 - # Read version from previous step 56 55 VERSION=$(cat .version) 57 56 export VERSION 58 57 59 58 # Build for all platforms using GoReleaser 60 - # This creates artifacts in dist/ directory 61 59 goreleaser build --clean --snapshot --config .goreleaser.yaml 62 60 63 61 # List what was built ··· 83 81 if [ -d "credential-helper_darwin_amd64_v1" ]; then 84 82 tar czf "docker-credential-atcr_${VERSION_NO_V}_Darwin_x86_64.tar.gz" \ 85 83 -C credential-helper_darwin_amd64_v1 docker-credential-atcr 84 + echo "Created: docker-credential-atcr_${VERSION_NO_V}_Darwin_x86_64.tar.gz" 86 85 fi 87 86 88 87 # Darwin arm64 ··· 90 89 if [ -d "$dir" ]; then 91 90 tar czf "docker-credential-atcr_${VERSION_NO_V}_Darwin_arm64.tar.gz" \ 92 91 -C "$dir" docker-credential-atcr 92 + echo "Created: docker-credential-atcr_${VERSION_NO_V}_Darwin_arm64.tar.gz" 93 93 break 94 94 fi 95 95 done ··· 98 98 if [ -d "credential-helper_linux_amd64_v1" ]; then 99 99 tar czf "docker-credential-atcr_${VERSION_NO_V}_Linux_x86_64.tar.gz" \ 100 100 -C credential-helper_linux_amd64_v1 docker-credential-atcr 101 + echo "Created: docker-credential-atcr_${VERSION_NO_V}_Linux_x86_64.tar.gz" 101 102 fi 102 103 103 104 # Linux arm64 ··· 105 106 if [ -d "$dir" ]; then 106 107 tar czf "docker-credential-atcr_${VERSION_NO_V}_Linux_arm64.tar.gz" \ 107 108 -C "$dir" docker-credential-atcr 109 + echo "Created: docker-credential-atcr_${VERSION_NO_V}_Linux_arm64.tar.gz" 108 110 break 109 111 fi 110 112 done 111 113 112 - echo "Created tarballs:" 113 - ls -lh *.tar.gz 2>/dev/null || echo "No tarballs created" 114 + echo "" 115 + echo "Tarballs ready:" 116 + ls -lh *.tar.gz 2>/dev/null || echo "Warning: No tarballs created" 114 117 115 - - name: Upload to Tangled.org 118 + - name: Generate checksums 116 119 command: | 117 120 VERSION=$(cat .version) 118 121 VERSION_NO_V=${VERSION#v} 119 122 120 - # TODO: Authenticate with goat CLI 121 - # You'll need to set up credentials/tokens for goat 122 - # Example (adjust based on goat's actual auth mechanism): 123 - # goat login --pds https://your-pds.example.com --handle your.handle 123 + cd dist 124 124 125 - # TODO: Upload each artifact to Tangled.org 126 - # This creates sh.tangled.repo.artifact records in your ATProto PDS 127 - # Adjust these commands based on scripts/publish-artifact.sh pattern 128 - 129 - # Example structure (you'll need to fill in actual goat commands): 130 - # for artifact in dist/*.tar.gz; do 131 - # echo "Uploading $artifact..." 132 - # goat upload \ 133 - # --repo "at-container-registry" \ 134 - # --tag "$VERSION" \ 135 - # --file "$artifact" 136 - # done 137 - 138 - echo "TODO: Implement goat upload commands" 139 - echo "See scripts/publish-artifact.sh for reference" 140 125 echo "" 141 - echo "After uploading, you'll receive a TAG_HASH from Tangled." 142 - echo "Update Formula/docker-credential-atcr.rb with:" 143 - echo " VERSION = \"$VERSION_NO_V\"" 144 - echo " TAG_HASH = \"<hash-from-tangled>\"" 126 + echo "==========================================" 127 + echo "SHA256 Checksums" 128 + echo "==========================================" 145 129 echo "" 146 - echo "Then run: scripts/update-homebrew-formula.sh $VERSION_NO_V <tag-hash>" 130 + 131 + # Generate checksums file 132 + sha256sum docker-credential-atcr_${VERSION_NO_V}_*.tar.gz 2>/dev/null | tee checksums.txt || echo "No checksums generated" 147 133 148 - - name: Generate checksums for verification 134 + - name: Next steps 149 135 command: | 150 136 VERSION=$(cat .version) 151 - VERSION_NO_V=${VERSION#v} 152 137 153 - cd dist 154 - 155 - echo "SHA256 checksums for Homebrew formula:" 156 - echo "=======================================" 157 - 158 - for file in docker-credential-atcr_${VERSION_NO_V}_*.tar.gz; do 159 - if [ -f "$file" ]; then 160 - sha256sum "$file" 161 - fi 162 - done 163 - 138 + echo "" 139 + echo "==========================================" 140 + echo "Release $VERSION is ready!" 141 + echo "==========================================" 142 + echo "" 143 + echo "Distribution tarballs are in: dist/" 144 + echo "" 145 + echo "Next steps:" 146 + echo "" 147 + echo "1. Upload tarballs to your hosting/CDN (or GitHub releases)" 148 + echo "" 149 + echo "2. For Homebrew users, update the formula:" 150 + echo " ./scripts/update-homebrew-formula.sh $VERSION" 151 + echo " # Then update Formula/docker-credential-atcr.rb and push to homebrew-tap" 164 152 echo "" 165 - echo "Copy these checksums to Formula/docker-credential-atcr.rb" 153 + echo "3. For curl/bash installation, users can download directly:" 154 + echo " curl -L <your-cdn>/docker-credential-atcr_<version>_<os>_<arch>.tar.gz | tar xz" 155 + echo " sudo mv docker-credential-atcr /usr/local/bin/"

+4 -2

cmd/appview/serve.go

··· 320 320 } 321 321 // Register crew regardless of migration (outside the migration block) 322 322 // Run in background to avoid blocking OAuth callback if hold is offline 323 + // Use background context - don't inherit request context which gets canceled on response 323 324 slog.Debug("Attempting crew registration", "component", "appview/callback", "did", did, "hold_did", holdDID) 324 - go func(ctx context.Context, client *atproto.Client, refresher *oauth.Refresher, holdDID string) { 325 + go func(client *atproto.Client, refresher *oauth.Refresher, holdDID string) { 326 + ctx := context.Background() 325 327 storage.EnsureCrewMembership(ctx, client, refresher, holdDID) 326 - }(ctx, client, refresher, holdDID) 328 + }(client, refresher, holdDID) 327 329 328 330 } 329 331

+1 -1

go.mod

··· 4 4 5 5 require ( 6 6 github.com/aws/aws-sdk-go v1.55.5 7 - github.com/bluesky-social/indigo v0.0.0-20251021193747-543ab1124beb 7 + github.com/bluesky-social/indigo v0.0.0-20251031012455-0b4bd2478a61 8 8 github.com/distribution/distribution/v3 v3.0.0 9 9 github.com/distribution/reference v0.6.0 10 10 github.com/earthboundkid/versioninfo/v2 v2.24.1

+2 -2

go.sum

··· 20 20 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= 21 21 github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932 h1:mXoPYz/Ul5HYEDvkta6I8/rnYM5gSdSV2tJ6XbZuEtY= 22 22 github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k= 23 - github.com/bluesky-social/indigo v0.0.0-20251021193747-543ab1124beb h1:zzyqB1W/itfdIA5cnOZ7IFCJ6QtqwOsXltmLunL4sHw= 24 - github.com/bluesky-social/indigo v0.0.0-20251021193747-543ab1124beb/go.mod h1:GuGAU33qKulpZCZNPcUeIQ4RW6KzNvOy7s8MSUXbAng= 23 + github.com/bluesky-social/indigo v0.0.0-20251031012455-0b4bd2478a61 h1:lU2NnyuvevVWtE35sb4xWBp1AQxa1Sv4XhexiWlrWng= 24 + github.com/bluesky-social/indigo v0.0.0-20251031012455-0b4bd2478a61/go.mod h1:GuGAU33qKulpZCZNPcUeIQ4RW6KzNvOy7s8MSUXbAng= 25 25 github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4YnC6+E63dPcxHo2sUxDIu8g3QgEJdRY= 26 26 github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= 27 27 github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuPGoOVeF2fE4Og9otCc70=