chore(ci): run full E2E suites in tag-staging workflow#261
Conversation
Unify E2E verification logic used by release-gate and tag-staging into a single reusable workflow (verify-e2e.yml). This ensures both workflows use the same robust checks (polling, run_executed_tests, fallback range search) instead of tag-staging having a weaker version. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Entire-Checkpoint: ee51045241e7
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review infoConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro 📒 Files selected for processing (2)
🚧 Files skipped from review as they are similar to previous changes (2)
WalkthroughRestructures the tag-staging workflow into separate jobs: Changes
Sequence Diagram(s)sequenceDiagram
autonumber
participant User as Release Operator
participant GH as GitHub Actions
participant Validator as Validate Tag Job
participant WebE2E as Web E2E (reusable)
participant DesktopE2E as Desktop E2E (reusable)
participant Stager as Create Staging Tag Job
participant Deployer as Deploy Job
User->>GH: trigger tag-staging workflow (with release_tag)
GH->>Validator: run Validate Release Tag
Validator-->>GH: validation result
GH->>WebE2E: invoke e2e.yml with ref
GH->>DesktopE2E: invoke e2e-desktop.yml with ref
WebE2E-->>GH: e2e result
DesktopE2E-->>GH: e2e result
GH->>Stager: run Create Staging Tag (needs web-e2e, desktop-e2e)
Stager-->>GH: outputs.staging_tag
GH->>Deployer: run deploy (uses staging_tag)
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/workflows/tag-staging.yml:
- Around line 31-33: The script currently assigns SHA using git rev-parse on the
tag itself and later creates the staging tag from ${RELEASE_TAG}, which yields a
tag-object SHA and mismatches Actions headSha; change the rev-parse to return
the peeled commit (e.g., use git rev-parse "refs/tags/${RELEASE_TAG}^{}" or git
rev-parse --verify "refs/tags/${RELEASE_TAG}^{commit}") to set SHA to the commit
SHA, and then use that resolved SHA variable when creating the staging tag
instead of the literal ${RELEASE_TAG} so verify-e2e and tag creation use the
same commit SHA.
In @.github/workflows/verify-e2e.yml:
- Around line 94-97: The gh run list invocation that sets E2E_CONCLUSION (and
the similar invocations for e2e-desktop.yml) uses a fixed --limit which can miss
older commits; update the lookup to either (preferred) use the Actions API / gh
run list filtering by head_sha (headSha) to directly select runs for COMMIT_SHA,
or implement pagination (looping gh run list with page tokens) until the run
with headSha == COMMIT_SHA is found; modify the commands that compute
E2E_CONCLUSION (and the desktop equivalents) to stop relying on --limit and
instead query/filter by head_sha or paginate and then evaluate the returned
.conclusion for the matched headSha.
- Around line 27-40: The PREV_TAG selection (variable PREV_TAG) currently picks
the latest global non-staging tag which can cause a self-diff when
inputs.commit_sha is a release tag; change the selection to choose the most
recent non-staging tag that is reachable before (relative to) the provided
commit SHA (inputs.commit_sha) so the workflow diffs the previous release, not
the tag itself. Locate the PREV_TAG assignment and replace its git tag listing
to filter/sort tags relative to the commit SHA (e.g., list tags merged/ancestors
of the commit or otherwise scoped by the commit) and then grep -v 'staging' and
pick head -1; keep the existing handling when no PREV_TAG is found and preserve
the rest of the logic that writes prev_tag and desktop outputs.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.github/workflows/release-gate.yml.github/workflows/tag-staging.yml.github/workflows/verify-e2e.yml
Instead of verifying previous E2E runs passed, tag-staging now calls the actual e2e.yml and e2e-desktop.yml workflows directly. Both run in parallel at the release tag ref before the staging tag is created. - Add workflow_call trigger with optional ref input to e2e.yml and e2e-desktop.yml so they can be called as reusable workflows - Replace tag-staging's inline verification with direct calls to both E2E workflows - Revert release-gate.yml to its original inline form (no need for a separate reusable workflow when only one caller exists) - Remove verify-e2e.yml (superseded by this approach) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Entire-Checkpoint: 8e8faf6e56bf
There was a problem hiding this comment.
Pull request overview
Refactors the staging tagging workflow to run full web + desktop E2E suites at the chosen release tag by converting the existing E2E workflows into reusable workflows callable from tag-staging.
Changes:
- Added
workflow_call+ optionalrefinput toe2e.ymlande2e-desktop.yml. - Updated
tag-staging.ymlto invoke both reusable E2E workflows (in parallel) before creating the staging RC tag. - Split staging tagging into validation → E2E → tag creation → deploy steps.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| .github/workflows/tag-staging.yml | Runs web + desktop E2E via reusable workflows before creating/pushing the staging RC tag. |
| .github/workflows/e2e.yml | Adds workflow_call support and attempts to parameterize checkout ref. |
| .github/workflows/e2e-desktop.yml | Adds workflow_call support and attempts to parameterize checkout ref for desktop E2E. |
You can also share your feedback on Copilot code review. Take the survey.
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
.github/workflows/tag-staging.yml (1)
46-59:⚠️ Potential issue | 🔴 CriticalUse peeled commit SHA for staging tag creation (annotated tags).
This remains risky for annotated tags: creating the staging tag from
${RELEASE_TAG}can reference tag-object semantics instead of an explicitly peeled commit SHA. Resolve once, then tag from that commit SHA.🔧 Suggested fix
jobs: + resolve-sha: + name: Resolve Release Commit SHA + needs: validate-tag + runs-on: ubuntu-latest + outputs: + commit_sha: ${{ steps.resolve.outputs.commit_sha }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - id: resolve + env: + RELEASE_TAG: ${{ inputs.release_tag }} + run: | + SHA=$(git rev-list -n 1 "refs/tags/${RELEASE_TAG}") + echo "commit_sha=${SHA}" >> "$GITHUB_OUTPUT" + tag-staging: @@ - needs: [web-e2e, desktop-e2e] + needs: [web-e2e, desktop-e2e, resolve-sha] @@ - name: Create and push staging tag env: STAGING_TAG: ${{ steps.rc.outputs.staging_tag }} - RELEASE_TAG: ${{ inputs.release_tag }} + COMMIT_SHA: ${{ needs.resolve-sha.outputs.commit_sha }} run: | - git tag "${STAGING_TAG}" "${RELEASE_TAG}" + git tag "${STAGING_TAG}" "${COMMIT_SHA}" git push origin "${STAGING_TAG}"#!/bin/bash set -euo pipefail tmpdir="$(mktemp -d)" trap 'rm -rf "$tmpdir"' EXIT cd "$tmpdir" git init -q git config user.email "ci@example.com" git config user.name "ci" echo "x" > f.txt git add f.txt git commit -qm "init" commit_sha="$(git rev-parse HEAD)" git tag -a v1.0.0 -m "annotated" tag_obj_sha="$(git rev-parse refs/tags/v1.0.0)" peeled_sha="$(git rev-list -n 1 refs/tags/v1.0.0)" echo "commit_sha=$commit_sha" echo "tag_obj_sha=$tag_obj_sha" echo "peeled_sha=$peeled_sha" echo "tag_obj_equals_commit=$([ "$tag_obj_sha" = "$commit_sha" ] && echo yes || echo no)" echo "peeled_equals_commit=$([ "$peeled_sha" = "$commit_sha" ] && echo yes || echo no)"🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/tag-staging.yml around lines 46 - 59, The staging tag creation should use the peeled commit SHA of the source tag instead of the tag object; update the job so the step that produces staging_tag (steps.rc) resolves the release tag to its peeled commit (e.g., use git rev-parse "${RELEASE_TAG}^{ }" or git rev-list -n1 "${RELEASE_TAG}" to obtain the commit SHA) and then create the new tag from that commit SHA, ensuring outputs.staging_tag is set from the resolved commit SHA rather than the raw tag ref.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/workflows/e2e-desktop.yml:
- Around line 7-12: Update the e2e-desktop job's if condition to allow execution
when the workflow is invoked as a reusable workflow by checking
github.event_name == 'workflow_call' (in addition to the existing
paths-filter/changes output checks); locate the e2e-desktop job and modify its
if expression to include an OR clause like github.event_name == 'workflow_call'
|| <existing condition> so the job won't be skipped when github.event.before is
undefined. Ensure you reference the e2e-desktop job name and use
github.event_name and the existing steps.changes.outputs/... values in the
updated conditional.
---
Duplicate comments:
In @.github/workflows/tag-staging.yml:
- Around line 46-59: The staging tag creation should use the peeled commit SHA
of the source tag instead of the tag object; update the job so the step that
produces staging_tag (steps.rc) resolves the release tag to its peeled commit
(e.g., use git rev-parse "${RELEASE_TAG}^{ }" or git rev-list -n1
"${RELEASE_TAG}" to obtain the commit SHA) and then create the new tag from that
commit SHA, ensuring outputs.staging_tag is set from the resolved commit SHA
rather than the raw tag ref.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.github/workflows/e2e-desktop.yml.github/workflows/e2e.yml.github/workflows/tag-staging.yml
- Use github.sha as ref fallback instead of empty string in e2e.yml and e2e-desktop.yml checkout steps - Change e2e-desktop.yml change detection to only run on push events (more explicit than excluding workflow_dispatch) - Update e2e-desktop job condition to run for all non-push events (covers both workflow_dispatch and workflow_call callers) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Entire-Checkpoint: 5296a75e2f2b
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #261 +/- ##
==========================================
+ Coverage 46.31% 46.68% +0.37%
==========================================
Files 106 106
Lines 8266 8255 -11
Branches 591 594 +3
==========================================
+ Hits 3828 3854 +26
+ Misses 4271 4233 -38
- Partials 167 168 +1
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
Summary
workflow_calltrigger with optionalrefinput toe2e.ymlande2e-desktop.ymlso they can be called as reusable workflowstag-staging.yml's weak inline E2E verification (which only checked if previous runs passed) with direct calls to both E2E workflows, running the full test suites at the release tag refTest plan
e2e.ymlande2e-desktop.ymlstill trigger normally on push to maintag-stagingmanually and verify both E2E suites run at the release tag ref🤖 Generated with Claude Code
Summary by CodeRabbit