From 4cbe14c44236e594287bfb994605ce682a6e514a Mon Sep 17 00:00:00 2001 From: Jon Langevin Date: Mon, 1 Jun 2026 01:07:03 -0400 Subject: [PATCH 1/2] ci: canonical registry notify (repo_dispatch_token, bare-name payload) Replaces the old notify-registry dispatch step (REGISTRY_PAT, full github.repository as plugin name, peter-evans/repository-dispatch@v3, guarded by continue-on-error) with a dedicated notify-workflow-registry job using the fleet-canonical shape: - token: secrets.repo_dispatch_token - client-payload plugin field: bare name "azure" (not github.repository) - pinned SHA peter-evans/repository-dispatch@28959ce... # v4 - if-guard: no deleted events, no pre-release tags, correct repo The old REGISTRY_PAT reference is removed entirely; the publish-GitHub- release github-script step is retained in its existing notify-registry job unchanged. Co-Authored-By: Claude Opus 4.8 (1M context) --- .github/workflows/release.yml | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0e6c2fb..9b39ecb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -82,18 +82,6 @@ jobs: needs: [release] runs-on: ubuntu-latest steps: - - name: Notify workflow-registry - if: env.GH_TOKEN != '' - uses: peter-evans/repository-dispatch@v3 - with: - token: ${{ secrets.REGISTRY_PAT }} - repository: GoCodeAlone/workflow-registry - event-type: plugin-release - client-payload: >- - {"plugin": "${{ github.repository }}", "tag": "${{ github.ref_name }}"} - env: - GH_TOKEN: ${{ secrets.REGISTRY_PAT }} - continue-on-error: true - name: Publish GitHub release uses: actions/github-script@v7 with: @@ -116,3 +104,23 @@ jobs: draft: false, }); } + + notify-workflow-registry: + name: Notify workflow-registry + runs-on: ubuntu-latest + permissions: + contents: read + needs: release + if: >- + !github.event.deleted + && !contains(github.ref_name, '-') + && github.repository == 'GoCodeAlone/workflow-plugin-azure' + steps: + - name: Trigger registry manifest sync + uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4 + with: + token: ${{ secrets.repo_dispatch_token }} + repository: GoCodeAlone/workflow-registry + event-type: plugin-release + client-payload: |- + {"plugin": "azure", "tag": "${{ github.ref_name }}"} From bdd30385ac93e002e4ec7f763dbcba43e4191cbc Mon Sep 17 00:00:00 2001 From: Jon Langevin Date: Mon, 1 Jun 2026 01:20:04 -0400 Subject: [PATCH 2/2] ci: rename leftover notify-registry job -> publish-release The job now only flips the release draft->non-draft; rename it for clarity and chain notify-workflow-registry after it (needs: publish-release), matching the rest of the fleet. No functional change to publishing. Co-Authored-By: Claude Opus 4.8 (1M context) --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9b39ecb..c15ffdf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -77,7 +77,7 @@ jobs: wfctl plugin validate-contract --for-publish --tag "${{ inputs.tag || github.ref_name }}" --release-dir . . fi - notify-registry: + publish-release: if: startsWith(github.ref, 'refs/tags/v') needs: [release] runs-on: ubuntu-latest @@ -110,7 +110,7 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - needs: release + needs: publish-release if: >- !github.event.deleted && !contains(github.ref_name, '-')