Make Scoop digest helper fetch raw attachment bodies #1431

Closed
opened 2026-07-15 12:34:20 +00:00 by coilyco-ops · 2 comments
Member

Problem

PR #1429 closed #1420, but the post-merge release run still fails in bump-scoop-manifest with release asset metadata JSON where the Scoop job needs the raw 64-hex .sha256 body.

Run evidence:

run 8547 (#2266) failure release.yml push release "Make Scoop release digest helper return raw sidecar body (#1429)"
job bump-scoop-manifest
::error::sidecar digest '{"id":4316,"name":"ward-windows-amd64.exe.sha256","size":65,"download_count":0,"created_at":"2026-07-15T12:32:23Z","uuid":"c2a3d796-517a-44be-86b7-cfdfeacb2061","browser_download_url":"https://forgejo.coilysiren.me/attachments/c2a3d796-517a-44be-86b7-cfdfeacb2061","type":"attachment"}' is not a 64-hex sha256; refusing to write manifest
Job bump-scoop-manifest failed

PR #1429 added a metadata fallback in scripts/forgejo-release-asset.sh, but release still receives metadata JSON for the sidecar digest. The failing asset has size:65, which suggests the raw attachment body may be the desired digest plus newline, but the current job path still returns the Forgejo attachment metadata envelope.

This is a missed acceptance follow-up for #1420 / #1412. The release path still does not prove that bump-scoop-manifest reads raw .sha256 bodies after the #1416 checkout fix.

Acceptance

  • Make bump-scoop-manifest read the raw 64-hex .sha256 body for both Windows sidecar assets in the actual release job after #1429.
  • Preserve #1414 best-effort behavior for missing Scoop token / bucket push side effects.
  • Add or update contract coverage so the helper catches the current failure mode where the fallback URL still yields attachment metadata JSON instead of the digest.
  • Confirm release.yml succeeds for the current release branch SHA including bump-scoop-manifest, or leave exact blocker evidence if an external service prevents confirmation.

Related: #1420, #1429, #1412, #1416, run 8547 / #2266.

## Problem PR #1429 closed #1420, but the post-merge release run still fails in `bump-scoop-manifest` with release asset metadata JSON where the Scoop job needs the raw 64-hex `.sha256` body. Run evidence: ```text run 8547 (#2266) failure release.yml push release "Make Scoop release digest helper return raw sidecar body (#1429)" job bump-scoop-manifest ::error::sidecar digest '{"id":4316,"name":"ward-windows-amd64.exe.sha256","size":65,"download_count":0,"created_at":"2026-07-15T12:32:23Z","uuid":"c2a3d796-517a-44be-86b7-cfdfeacb2061","browser_download_url":"https://forgejo.coilysiren.me/attachments/c2a3d796-517a-44be-86b7-cfdfeacb2061","type":"attachment"}' is not a 64-hex sha256; refusing to write manifest Job bump-scoop-manifest failed ``` PR #1429 added a metadata fallback in `scripts/forgejo-release-asset.sh`, but release still receives metadata JSON for the sidecar digest. The failing asset has `size:65`, which suggests the raw attachment body may be the desired digest plus newline, but the current job path still returns the Forgejo attachment metadata envelope. This is a missed acceptance follow-up for #1420 / #1412. The release path still does not prove that `bump-scoop-manifest` reads raw `.sha256` bodies after the #1416 checkout fix. ## Acceptance - Make `bump-scoop-manifest` read the raw 64-hex `.sha256` body for both Windows sidecar assets in the actual release job after #1429. - Preserve #1414 best-effort behavior for missing Scoop token / bucket push side effects. - Add or update contract coverage so the helper catches the current failure mode where the fallback URL still yields attachment metadata JSON instead of the digest. - Confirm `release.yml` succeeds for the current release branch SHA including `bump-scoop-manifest`, or leave exact blocker evidence if an external service prevents confirmation. Related: #1420, #1429, #1412, #1416, run 8547 / #2266.
Author
Member

DISPATCH-DEFERRED: capacity blocked. Attempted warded engineer coilyco-flight-deck/ward#1431 --harness codex --workflow pull-request-and-merge at 2026-07-15T12:34Z from the director surface. Ward rejected the launch because coilyco-flight-deck/ward already has 3 active engineers at the repo limit. Broker evidence: repo engineer limit is reached for coilyco-flight-deck/ward: 3 active engineer(s) (limit 3). Dispatch log: /Users/kai/.ward/agent-logs/dispatch/20260715T123426Z-director-codex-jp85-coilyco-flight-deck-ward-1431.log. Retry this remaining release/Scoop digest blocker as soon as a slot opens.

DISPATCH-DEFERRED: capacity blocked. Attempted `warded engineer coilyco-flight-deck/ward#1431 --harness codex --workflow pull-request-and-merge` at 2026-07-15T12:34Z from the director surface. Ward rejected the launch because coilyco-flight-deck/ward already has 3 active engineers at the repo limit. Broker evidence: repo engineer limit is reached for coilyco-flight-deck/ward: 3 active engineer(s) (limit 3). Dispatch log: /Users/kai/.ward/agent-logs/dispatch/20260715T123426Z-director-codex-jp85-coilyco-flight-deck-ward-1431.log. Retry this remaining release/Scoop digest blocker as soon as a slot opens.
Author
Member

DUPLICATE/SUPERSEDED: #1430 was already filed and dispatched before this issue, and it is actively running as engineer-codex-ward-1430 for the same post-#1429 release failure (run 8547 / #2266). This issue kept the identical-label #1420 follow-up evidence, but the repair lane should continue through #1430 to avoid duplicate engineers.

DUPLICATE/SUPERSEDED: #1430 was already filed and dispatched before this issue, and it is actively running as `engineer-codex-ward-1430` for the same post-#1429 release failure (run 8547 / #2266). This issue kept the identical-label #1420 follow-up evidence, but the repair lane should continue through #1430 to avoid duplicate engineers.
Sign in to join this conversation.
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
coilyco-flight-deck/ward#1431
No description provided.