fix: correct bash variable expansion in PyPI verification step#147
Merged
Conversation
The heredoc on line 152 used single quotes ('PYEOF'), preventing bash
from expanding $PKG_NAME and $VERSION variables. This caused the Python
verification script to query PyPI with literal '$PKG_NAME' string,
resulting in HTTP 404 errors despite successful package upload.
Removing the quotes allows proper variable interpolation, fixing the
verification step for both initial runs and re-runs (when packages
already exist on PyPI).
Fixes v0.3.7 promote-release workflow failure.
Signed-off-by: Jason Farrar <farrar.jason1@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The
promote-release.ymlworkflow is failing to verify packages on PyPI with HTTP 404 errors, even though the package upload succeeds. This is a bash variable expansion bug in the PyPI verification step.Root Cause
Line 152 of the workflow uses a single-quoted heredoc:
Single quotes prevent bash from expanding variables. This causes
$PKG_NAMEand$VERSIONto be passed as literal strings to the Python verification script, which then queries PyPI with a malformed URL:Instead of:
Solution
Remove the single quotes from the heredoc delimiter (line 152):
Before:
After:
Unquoted heredocs allow bash variable expansion, so the Python script receives the actual package name and version.
Impact
Testing
Re-run the
promote-release.ymlworkflow for tagv0.3.7: