From 0185497c94665a7114045fbd5e9e6dbc5533230a Mon Sep 17 00:00:00 2001 From: plutoless Date: Mon, 29 Jun 2026 07:20:19 -0700 Subject: [PATCH] ci: disable npm publishing; skip apt-repo job when GPG key unset - Disable the publish-npm job in the release workflow (if: false; original condition preserved in a comment for easy re-enable). - Gate the update-apt-repo job on vars.APT_SIGNING_KEY_ID so it skips cleanly when the GPG signing key/variable are not configured, instead of failing the Sign Release with GPG step with 'no valid OpenPGP data found'. Co-Authored-By: Claude Opus 4.8 --- .github/workflows/apt-repo.yml | 5 ++++- .github/workflows/release.yml | 10 ++++++---- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.github/workflows/apt-repo.yml b/.github/workflows/apt-repo.yml index 07144d8..cc6a83b 100644 --- a/.github/workflows/apt-repo.yml +++ b/.github/workflows/apt-repo.yml @@ -34,7 +34,10 @@ permissions: jobs: update-apt-repo: - if: startsWith(github.ref_name, 'v') + # Only run when the GPG signing key is configured. Without APT_SIGNING_KEY / + # APT_SIGNING_KEY_ID (the one-time setup documented above), the signing step + # fails with "no valid OpenPGP data found"; skip the job cleanly instead. + if: startsWith(github.ref_name, 'v') && vars.APT_SIGNING_KEY_ID != '' runs-on: ubuntu-latest steps: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 226671a..e4a4027 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -99,10 +99,12 @@ jobs: name: Publish npm packages # Run after goreleaser on tag pushes; on workflow_dispatch run independently in dry-run mode. needs: [goreleaser] - if: | - always() && - (github.event_name == 'workflow_dispatch' || - (github.event_name == 'push' && needs.goreleaser.result == 'success')) + # DISABLED: npm publishing is turned off. To re-enable, restore the condition: + # if: | + # always() && + # (github.event_name == 'workflow_dispatch' || + # (github.event_name == 'push' && needs.goreleaser.result == 'success')) + if: false runs-on: ubuntu-latest steps: