mirrors/at-container-registry
1
0
Fork 0
mirror of https://tangled.org/evan.jarrett.net/at-container-registry synced 2026-04-20 00:20:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

serialize goreleaser

Browse Source
This commit is contained in:
Evan Jarrett
2026-04-04 14:24:39 -05:00
parent 9bb5ae0e84
commit b54d33ccf8
1 changed files with 45 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
scripts/publish-artifact.sh
View File

@@ -1,10 +1,38 @@
#!/usr/bin/env bash
set -e
goat account login -u "${TANGLED_REPO_DID}" -p "${APP_PASSWORD}"
# Serialize across parallel invocations from goreleaser. goat stores its session
# in a single file (~/.local/state/goat/auth-session.json), so concurrent logins
# race on it, and the PDS gets slammed by simultaneous uploads.
exec 9>/tmp/atcr-publish-artifact.lock
flock 9
retry() {
local max=5 attempt=1
while true; do
if "$@"; then return 0; fi
[ $attempt -ge $max ] && { echo "giving up after $max attempts: $*" >&2; return 1; }
local sleep_s=$((attempt * 3))
echo "attempt $attempt failed; retrying in ${sleep_s}s..." >&2
sleep $sleep_s
attempt=$((attempt + 1))
done
}
retry goat account login -u "${TANGLED_REPO_DID}" -p "${APP_PASSWORD}"
TAG_HASH=$(git rev-parse "$TANGLED_REF_NAME")
TAG_BYTES=$(printf "$(printf '%s' "$TAG_HASH" | sed 's/../\\x&/g')" | base64 | tr -d '=')
BLOB_OUTPUT=$(goat blob upload "$ARTIFACT_PATH")
BLOB_OUTPUT=$(retry goat blob upload "$ARTIFACT_PATH")
echo "$BLOB_OUTPUT"
# Deterministic rkey from (tag, artifact name) makes record create idempotent.
# Needed because tangled's PDS returns HTTP 500 (not 409) on duplicate rkey,
# so a retry after a mid-write 500 would otherwise create a duplicate record.
RKEY=$(printf '%s|%s' "$TANGLED_REF_NAME" "$ARTIFACT_NAME" | sha256sum | cut -c1-24)
RECORD_URI="at://${TANGLED_REPO_DID}/sh.tangled.repo.artifact/${RKEY}"
CREATED_AT=$(date -Iseconds)
cat > temp_artifact.json <<EOF
{
@@ -17,6 +45,20 @@ cat > temp_artifact.json <<EOF
}
EOF
cat temp_artifact.json
goat record create temp_artifact.json -n
# Attempt create; on failure, check whether the record actually landed.
# Handles both transient 5xx and tangled's 500-on-duplicate-rkey behaviour.
for attempt in 1 2 3 4 5; do
if goat record create --rkey "$RKEY" temp_artifact.json -n; then
break
fi
if goat record get "$RECORD_URI" >/dev/null 2>&1; then
echo "record already exists at $RECORD_URI — treating as success"
break
fi
[ $attempt -eq 5 ] && { echo "record create failed and record does not exist" >&2; exit 1; }
sleep $((attempt * 3))
done
rm temp_artifact.json
sleep 2