Skip to content

fix(ci): use env, not secrets context, in beta-release if condition#748

Merged
netchampfaris merged 1 commit into
mainfrom
fix/beta-release-secrets-if
Jun 2, 2026
Merged

fix(ci): use env, not secrets context, in beta-release if condition#748
netchampfaris merged 1 commit into
mainfrom
fix/beta-release-secrets-if

Conversation

@netchampfaris
Copy link
Copy Markdown
Contributor

@netchampfaris netchampfaris commented Jun 2, 2026
edited by github-actions Bot
Loading

Problem

PR #718 (feat(editor): Editor molecule) was merged with the beta-release label, but no beta was published.

The Bump Beta Version workflow (beta-release.yml) failed at parse time on every push/merge to main — GitHub reports "This run likely failed because of a workflow file issue" and the run log is not found. No job ever ran, so the version was never bumped and publish.yml never published.

Root cause

- name: Require RELEASE_TOKEN
  if: ${{ secrets.RELEASE_TOKEN == '' }}   # ❌ secrets context not allowed in step if:

The secrets context is not available in step if: conditions (allowed contexts: github, needs, strategy, matrix, job, runner, env, vars, steps, inputs). This makes the workflow file invalid. The guard added in d721c92 to "fail loudly if RELEASE_TOKEN is missing" instead silently broke the whole pipeline.

package.json on main is still 1.0.0-beta.0, confirming the bump never ran.

Fix

Hoist the token to a job-level env var and test env.RELEASE_TOKEN (the standard pattern for gating on a secret's presence). One-line behavior change; the with: token: usage is untouched (secrets is valid in with).

Follow-up (not in this PR)

The fix only affects future labeled merges. #718's beta won't release retroactively — a manual bump/publish (or an empty beta-release-labeled PR) is needed to ship 1.0.0-beta.1 now.

🤖 Generated with Claude Code

Docs preview: https://ui.frappe.io/pr-preview/pr-748/

Coverage: 56.13% (±0.00% vs main)

@netchampfaris @claude
fix(ci): use env, not secrets context, in beta-release if condition
48dd6b6 
The `secrets` context is not available in step `if:` conditions, so
`if: ${{ secrets.RELEASE_TOKEN == '' }}` made beta-release.yml invalid.
GitHub failed every run at parse time ("workflow file issue"), so PR #718
(labeled `beta-release`) never bumped the version or published a beta.

Hoist RELEASE_TOKEN to a job-level env var and test `env.RELEASE_TOKEN`.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@barista-for-frappe
Copy link
Copy Markdown

barista-for-frappe Bot commented Jun 2, 2026
edited
Loading

Looks good — fixes the invalid beta-release.yml that failed at parse time.

  • .github/workflows/beta-release.yml:35 — correct fix. The secrets context genuinely isn't available in step if: conditions; hoisting to a job-level env and testing env.RELEASE_TOKEN is the standard presence-check pattern.
  • secrets is still valid in with: token: (line 43), so leaving that untouched is right.
  • No public API surface. The follow-up note (this only fixes future merges; feat(editor): Editor molecule #718's beta needs a manual bump) is the correct call-out.

barista · claude-opus-4-8 · 42 in / 2.1k out · 670k cached · 32s · $0.156

@netchampfaris netchampfaris merged commit 928274f into main Jun 2, 2026
7 of 8 checks passed
@netchampfaris netchampfaris deleted the fix/beta-release-secrets-if branch June 2, 2026 00:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@netchampfaris