From 8ed8226e205960a8a3f553eb0fd9d1d73b57c01c Mon Sep 17 00:00:00 2001 From: Barcode Betty Date: Wed, 3 Jun 2026 22:05:37 +0000 Subject: [PATCH] ci: never hard-fail deploy-dev/deploy-uat on infra-PR merge outcome (CAR-1216) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The CI bot cannot self-approve cartsnitch/infra main's required human review, so the in-job auto-merge attempt is structurally impossible and would always fail with SOME message (checks-pending, then approvals, then transient errors). Special-casing individual error strings is fragile — CAR-1212's 'Does not have enough approvals' branch proved it (deploy-dev run 4999 hit the final else-branch instead). Make job success depend only on the infra PR being OPENED (and cs_savannah review requested), NOT on the merge outcome. Replace both the approvals-elif branch and the final else (exit 1) branch with a single non-failing branch: emit a ::notice:: with the merge response and exit 0. The ONLY remaining hard-fail is the empty PR_NUM check (PR could not be created). Same change applied symmetrically to deploy-uat. Refs CAR-1195, CAR-1194, CAR-1212, CAR-1216. --- .gitea/workflows/ci.yml | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 7efee44..07afdec 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -585,17 +585,17 @@ jobs: MERGED=$(echo "$MERGE_RESP" | jq -r '.merged // false') if [ "$MERGED" = "true" ]; then echo "PR #${PR_NUM} merged into cartsnitch/infra main" - elif echo "$MERGE_RESP" | grep -qi 'does not have enough approvals'; then - # GitOps approval gate: the PR is correctly opened and surfaces in - # the CTO queue via the reviewers request above. Treat as success - # (exit 0) so the deploy job does not hard-fail on the approvals - # requirement that only a human maintainer can satisfy. - echo "::notice::infra PR #${PR_NUM} opened and awaiting CTO (cs_savannah) approve+merge — GitOps approval gate, not a failure" - exit 0 else - echo "::error::Auto-merge of cartsnitch/infra PR #${PR_NUM} failed: $MERGE_RESP" - echo "::error::Reassign to cs_savannah (authorized merger for cartsnitch/infra main) for backstop merge." - exit 1 + # GitOps approval gate (CAR-1216): the CI bot cannot self-approve + # cartsnitch/infra main's required human review, so the in-job + # auto-merge is structurally impossible and will always fail with + # SOME message (checks-pending, then approvals, then transient + # errors). Special-casing individual messages is fragile. The PR + # is correctly opened, cs_savannah is requested as reviewer, and + # the CTO will backstop-merge — that is the success condition. + # Treat every merge-outcome failure as success (exit 0). + echo "::notice::infra PR #${PR_NUM} opened and awaiting CTO (cs_savannah) approve+merge — GitOps approval gate, not a failure: $MERGE_RESP" + exit 0 fi deploy-uat: @@ -729,15 +729,15 @@ jobs: MERGED=$(echo "$MERGE_RESP" | jq -r '.merged // false') if [ "$MERGED" = "true" ]; then echo "PR #${PR_NUM} merged into cartsnitch/infra main" - elif echo "$MERGE_RESP" | grep -qi 'does not have enough approvals'; then - # GitOps approval gate: the PR is correctly opened and surfaces in - # the CTO queue via the reviewers request above. Treat as success - # (exit 0) so the deploy job does not hard-fail on the approvals - # requirement that only a human maintainer can satisfy. - echo "::notice::infra PR #${PR_NUM} opened and awaiting CTO (cs_savannah) approve+merge — GitOps approval gate, not a failure" - exit 0 else - echo "::error::Auto-merge of cartsnitch/infra PR #${PR_NUM} failed: $MERGE_RESP" - echo "::error::Reassign to cs_savannah (authorized merger for cartsnitch/infra main) for backstop merge." - exit 1 + # GitOps approval gate (CAR-1216): the CI bot cannot self-approve + # cartsnitch/infra main's required human review, so the in-job + # auto-merge is structurally impossible and will always fail with + # SOME message (checks-pending, then approvals, then transient + # errors). Special-casing individual messages is fragile. The PR + # is correctly opened, cs_savannah is requested as reviewer, and + # the CTO will backstop-merge — that is the success condition. + # Treat every merge-outcome failure as success (exit 0). + echo "::notice::infra PR #${PR_NUM} opened and awaiting CTO (cs_savannah) approve+merge — GitOps approval gate, not a failure: $MERGE_RESP" + exit 0 fi