From cf6a119142e9fdeaca3f02fd5694c5b7893f5e44 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 21 Apr 2026 20:24:18 +0300 Subject: [PATCH 1/3] Bundle CRD manifests as a release asset MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds a `thv-crds.tar.gz` tarball to each release containing the CRD YAML manifests from `deploy/charts/operator-crds/files/crds/`. Motivation: downstream consumers of the CRDs (notably stacklok/docs-website, which generates per-CRD reference pages) currently have to clone the entire toolhive repo at each release tag just to read these 13 manifests. Shipping them as a ~94KB tarball asset lets those consumers skip the clone and just `gh release download` like they already do for `thv-cli-docs.tar.gz` and `swagger.yaml`. Purely additive — no changes to existing release assets or workflows. Co-Authored-By: Claude Opus 4.7 (1M context) --- .github/workflows/releaser.yml | 5 +++++ .goreleaser.yaml | 1 + 2 files changed, 6 insertions(+) diff --git a/.github/workflows/releaser.yml b/.github/workflows/releaser.yml index d0e7015560..07337b20fb 100644 --- a/.github/workflows/releaser.yml +++ b/.github/workflows/releaser.yml @@ -145,6 +145,11 @@ jobs: mkdir -p build tar -czf build/thv-cli-docs.tar.gz -C docs/cli . + - name: Bundle CRD manifests + run: | + mkdir -p build + tar -czf build/thv-crds.tar.gz -C deploy/charts/operator-crds/files/crds . + - name: Remove existing release assets (allows re-runs) env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 6229397734..2df2460508 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -101,6 +101,7 @@ release: name: toolhive extra_files: - glob: build/thv-cli-docs.tar.gz + - glob: build/thv-crds.tar.gz - glob: docs/server/swagger.yaml - glob: docs/server/swagger.json - glob: docs/operator/crd-api.md From efaa2dfb7cd7b3228380ca9c204b7f667f660b4f Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 21 Apr 2026 20:31:58 +0300 Subject: [PATCH 2/3] Re-export toolhive-core schemas as release assets MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reads the toolhive-core version from go.mod at release time, downloads the four JSON schema files from that version of stacklok/toolhive-core, and ships them alongside toolhive's own release assets. Motivation: downstream consumers (notably stacklok/docs-website) currently have to replicate this logic: read go.mod, derive the core version, then fetch from a different repo's release. Re-exporting the schemas here makes toolhive's release self-contained — one `gh release download` call gets everything. Paired with https://github.com/stacklok/toolhive/pull/4982 (CRD manifests as release asset); together these eliminate the need for docs-website to clone toolhive or hit a second repo during its release-doc regeneration. Co-Authored-By: Claude Opus 4.7 (1M context) --- .github/workflows/releaser.yml | 24 ++++++++++++++++++++++++ .goreleaser.yaml | 4 ++++ 2 files changed, 28 insertions(+) diff --git a/.github/workflows/releaser.yml b/.github/workflows/releaser.yml index 07337b20fb..dd9da5e70b 100644 --- a/.github/workflows/releaser.yml +++ b/.github/workflows/releaser.yml @@ -150,6 +150,30 @@ jobs: mkdir -p build tar -czf build/thv-crds.tar.gz -C deploy/charts/operator-crds/files/crds . + - name: Download toolhive-core schemas at pinned version + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + # Resolve the toolhive-core version this release was built against + # (from go.mod, since we ship binaries compiled against that version). + # Re-exporting the schemas here lets downstream consumers (notably + # docs-website) skip the two-repo dance of deriving the version and + # fetching from a separate release. + mkdir -p build + CORE_VERSION=$(grep 'github.com/stacklok/toolhive-core' go.mod | awk '{print $2}' | head -1) + if [ -z "$CORE_VERSION" ]; then + echo "::error::Could not determine toolhive-core version from go.mod" + exit 1 + fi + echo "Using toolhive-core version: $CORE_VERSION" + gh release download "$CORE_VERSION" \ + --repo stacklok/toolhive-core \ + --pattern "toolhive-legacy-registry.schema.json" \ + --pattern "upstream-registry.schema.json" \ + --pattern "publisher-provided.schema.json" \ + --pattern "skill.schema.json" \ + --dir build/ + - name: Remove existing release assets (allows re-runs) env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 2df2460508..bbfbea5055 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -102,6 +102,10 @@ release: extra_files: - glob: build/thv-cli-docs.tar.gz - glob: build/thv-crds.tar.gz + - glob: build/toolhive-legacy-registry.schema.json + - glob: build/upstream-registry.schema.json + - glob: build/publisher-provided.schema.json + - glob: build/skill.schema.json - glob: docs/server/swagger.yaml - glob: docs/server/swagger.json - glob: docs/operator/crd-api.md From a85b118938a50b0f77372ff529febd735f0ad996 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 21 Apr 2026 20:53:14 +0300 Subject: [PATCH 3/3] Retire the docs-website repository_dispatch chain MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit docs-website no longer consumes `repository_dispatch: published-release` events — its reference-doc regeneration now runs via a Renovate-driven pipeline that reads the new `thv-crds.tar.gz` and re-exported core schemas introduced earlier in this PR. See https://github.com/stacklok/docs-website/pull/748 for context. Changes: - Delete `.github/workflows/update-docs-website.yml` (the dispatch sender, called via workflow_call from `releaser.yml`). - Remove the `update-docs-website` job from `releaser.yml` along with its `extract-release-actor` dependency, which only existed to feed the dispatch's `assign_to` input. - Update `notify-release-failure`'s `needs:` list to drop the removed jobs. Follow-up for maintainers: the `DOCS_REPO_DISPATCH_TOKEN` repo secret can be retired — nothing references it after this change. Co-Authored-By: Claude Opus 4.7 (1M context) --- .github/workflows/releaser.yml | 40 ------------------ .github/workflows/update-docs-website.yml | 51 ----------------------- 2 files changed, 91 deletions(-) delete mode 100644 .github/workflows/update-docs-website.yml diff --git a/.github/workflows/releaser.yml b/.github/workflows/releaser.yml index dd9da5e70b..efe5fa0fb1 100644 --- a/.github/workflows/releaser.yml +++ b/.github/workflows/releaser.yml @@ -242,44 +242,6 @@ jobs: id-token: write uses: ./.github/workflows/helm-publish.yml - extract-release-actor: - name: Extract Release Actor - runs-on: ubuntu-slim - outputs: - triggered_by: ${{ steps.extract.outputs.triggered_by }} - permissions: - contents: read - steps: - - name: Extract actor from release body - id: extract - env: - GH_TOKEN: ${{ github.token }} - run: | - # Fetch the release body and extract the Release-Triggered-By metadata - RELEASE_BODY=$(gh release view "${{ github.ref_name }}" --repo "${{ github.repository }}" --json body --jq '.body') - - # Extract username from HTML comment: - TRIGGERED_BY=$(echo "$RELEASE_BODY" | grep -oP '(?<=)' || true) - - if [ -n "$TRIGGERED_BY" ]; then - echo "Found release triggering actor: $TRIGGERED_BY" - echo "triggered_by=$TRIGGERED_BY" >> $GITHUB_OUTPUT - else - echo "No Release-Triggered-By metadata found, falling back to github.actor" - echo "triggered_by=${{ github.actor }}" >> $GITHUB_OUTPUT - fi - - update-docs-website: - name: Trigger Docs Update - needs: [ publish-helm, extract-release-actor ] - permissions: {} - uses: ./.github/workflows/update-docs-website.yml - with: - version: ${{ github.ref_name }} - assign_to: ${{ needs.extract-release-actor.outputs.triggered_by }} - secrets: - DOCS_REPO_DISPATCH_TOKEN: ${{ secrets.DOCS_REPO_DISPATCH_TOKEN }} - # provenance: # name: Generate provenance (SLSA3) # needs: @@ -340,9 +302,7 @@ jobs: - release-binaries - image-build-and-push - skills-build-and-push - - update-docs-website - publish-helm - - extract-release-actor if: ${{ failure() }} runs-on: ubuntu-slim permissions: {} diff --git a/.github/workflows/update-docs-website.yml b/.github/workflows/update-docs-website.yml deleted file mode 100644 index c96210c009..0000000000 --- a/.github/workflows/update-docs-website.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Trigger Docs Update - -permissions: {} - -on: - workflow_call: - inputs: - version: - description: 'Version tag for the release' - required: true - type: string - assign_to: - description: 'GitHub username to assign the PR to' - required: false - type: string - secrets: - DOCS_REPO_DISPATCH_TOKEN: - required: true - -jobs: - trigger-docs-update: - name: Trigger Documentation Update - runs-on: ubuntu-slim - - steps: - - name: Trigger docs update workflow - run: | - repo="stacklok/docs-website" - event_type="published-release" - version="${{ inputs.version }}" - assign_to="${{ inputs.assign_to }}" - - echo "Triggering docs update for $repo with version $version" - if [ -n "$assign_to" ]; then - echo "Will assign PR to: $assign_to" - fi - - # Build client_payload JSON - payload="{\"version\": \"$version\"" - if [ -n "$assign_to" ]; then - payload="$payload, \"assign_to\": \"$assign_to\"" - fi - payload="$payload}" - - curl --fail -L \ - -X POST \ - -H "Accept: application/vnd.github+json" \ - -H "Authorization: Bearer ${{ secrets.DOCS_REPO_DISPATCH_TOKEN }}" \ - -H "X-GitHub-Api-Version: 2022-11-28" \ - https://api.github.com/repos/$repo/dispatches \ - -d "{\"event_type\": \"$event_type\", \"client_payload\": $payload}"