Pulp Engine Document Rendering
Get started
Release v0.75.7

Release v0.75.7 — SDK publish workflow honesty

Date: 2026-04-23 Tag: v0.75.7

Summary

Workflow-only release. No runtime changes. Ships three fixes that make the SDK publish pipeline actually honest about what it does and doesn’t publish — v0.75.6 surfaced that the TypeScript workflow was reporting green while silently masking auth failures, and the Go workflow was failing on a stale build pattern the .NET workflow had already outgrown.

What shipped

1. publish-sdk-typescript.yml — stop masking publish errors

Before:

pnpm publish --no-git-checks --access public || {
  STATUS=$?
  if [ $STATUS -eq 1 ]; then
    echo "::warning::Publish returned non-zero — likely 'version already exists' (idempotent no-op). Continuing."
    exit 0
  fi
  exit $STATUS
}

The $STATUS -eq 1 branch matched EVERY pnpm publish failure: duplicate version (idempotent retry, exit 0 correct), empty NPM_TOKEN auth error (exit 0 wrong — nothing published), registry outage (exit 0 wrong), name collision (exit 0 wrong). Registry 404s on @pulp-engine/sdk + @pulp-engine/template-model confirmed that no v0.75.X TypeScript SDK ever reached npm despite every tag’s workflow reporting success.

After:

set +e
OUTPUT=$(pnpm publish --no-git-checks --access public 2>&1)
STATUS=$?
echo "$OUTPUT"
set -e
if [ $STATUS -ne 0 ]; then
  if echo "$OUTPUT" | grep -qE "cannot publish over (the )?previously published version|EPUBLISHCONFLICT"; then
    echo "::warning::<pkg> at this version is already on npm — treating as idempotent no-op."
    exit 0
  fi
  echo "::error::pnpm publish failed with exit $STATUS and the error was NOT a duplicate-version conflict."
  echo "::error::Common causes: NPM_TOKEN not set or lacks publish scope on @pulp-engine/*, npm registry outage, or package-name collision."
  exit $STATUS
fi

Exit 0 only on confirmed duplicate-version conflict. Applied to both publish steps (template-model first, sdk second).

2. publish-sdk-go.yml — build apps/api via turbo, skip Chromium warmup

v0.75.6’s Go SDK workflow failed at Start API in background (file mode, no creds) with ~80 TypeScript errors all of the form Cannot find module '@pulp-engine/template-model', because pnpm --filter @pulp-engine/api build doesn’t walk the workspace dep graph — it builds only apps/api, but apps/api imports from packages/* which had no dist/*.d.ts yet.

Switched to pnpm exec turbo run build --filter=@pulp-engine/api, which does walk the graph — same pattern the .NET workflow already uses. Also added SKIP_RENDERER_WARMUP=true + PREVIEW_ROUTES_ENABLED=false and switched the readiness poll from /health/ready to /health (the runner has no Chromium so warmup blocks /health/ready).

3. ci.yml — add workflow_dispatch trigger

v0.75.6’s initial retag cycle moved the tag to an intermediate commit that had never been the tip of a main-push. GitHub only fires push-event CI on the tip of a push, so CI never ran on the tag commit, and the Release workflow’s CI gate couldn’t pass. workflow_dispatch gives the release operator a recovery path: gh workflow run ci.yml --ref <sha> on any ref.

Operational status

After v0.75.7 dispatches complete:

  • ✅ GitHub Release v0.75.7 (always green, unchanged path)
  • ✅ Docker image on GHCR (always green, unchanged path)
  • @pulp-engine/sdk + @pulp-engine/template-model on npm — will now FAIL LOUDLY with a diagnostic message pointing at NPM_TOKEN. Operator must set the secret to unblock. First honest failure surfaces here.
  • PulpEngine.Sdk on NuGet — unchanged: fails loudly on empty NUGET_API_KEY (operator-owned)
  • pulp-engine-go on the mirror repo — should publish for the first time (v0.75.6 build bug fixed)
  • pulp-engine on PyPI — unchanged: operator-blocked on trusted-publisher config at pypi.org

Verification

Local: node scripts/check-version.mjs + pnpm lint + pnpm typecheck all green on pre-tag commit.

The three workflow files have no local test harness — they will be exercised by the v0.75.7 tag push itself. Expected signals:

  • TS SDK workflow exits non-zero with the new diagnostic (confirms the fix works; operator unblocks by setting NPM_TOKEN)
  • Go SDK workflow passes the turbo run build step and proceeds to the Go smoke test
  • gh workflow run ci.yml --ref v0.75.7 is a valid command after this release (confirms dispatch trigger works)
← Back to releases