From 5793269be3445cf5be73566fa4f1d0741f8af836 Mon Sep 17 00:00:00 2001 From: Boshen Date: Thu, 14 May 2026 10:43:25 +0800 Subject: [PATCH 1/2] ci: gate release publish on environment approval with Discord notice Co-Authored-By: Claude Opus 4.7 (1M context) --- .github/workflows/release.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b533f42c4f..2aa8a5ac76 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -60,9 +60,19 @@ jobs: version: ${{ needs.prepare.outputs.version }} cache-key: release - Release: + request-approval: runs-on: ubuntu-latest needs: [prepare, build-rust] + steps: + - uses: tsickert/discord-webhook@b217a69502f52803de774ded2b1ab7c282e99645 # v7.0.0 + with: + webhook-url: ${{ secrets.DISCORD_RELEASES_WEBHOOK_URL }} + content: "Requesting approval: ${{ github.server_url }}/${{ github.repository }}/actions/workflows/release.yml" + + Release: + runs-on: ubuntu-latest + environment: release + needs: [prepare, build-rust, request-approval] permissions: contents: write packages: write From 317187fda924206382a95aeb797bc7eeafd3575b Mon Sep 17 00:00:00 2001 From: Boshen Date: Thu, 14 May 2026 10:56:10 +0800 Subject: [PATCH 2/2] chore: fmt Co-Authored-By: Claude Opus 4.7 (1M context) --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2aa8a5ac76..8068270c07 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -67,7 +67,7 @@ jobs: - uses: tsickert/discord-webhook@b217a69502f52803de774ded2b1ab7c282e99645 # v7.0.0 with: webhook-url: ${{ secrets.DISCORD_RELEASES_WEBHOOK_URL }} - content: "Requesting approval: ${{ github.server_url }}/${{ github.repository }}/actions/workflows/release.yml" + content: 'Requesting approval: ${{ github.server_url }}/${{ github.repository }}/actions/workflows/release.yml' Release: runs-on: ubuntu-latest