@@ -531,6 +531,9 @@ jobs:
531531 steps :
532532 - name : Checkout repository
533533 uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
534+ with :
535+ token : ${{ secrets.GITHUB_TOKEN }}
536+ fetch-depth : 0
534537
535538 - name : Download all artifacts
536539 uses : actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
@@ -590,21 +593,47 @@ jobs:
590593 echo " Assets: ${ASSET_COUNT}"
591594
592595 if [ "$IS_DRAFT" = "false" ] && [ "$ASSET_COUNT" -eq 0 ]; then
593- echo "❌ ERROR: Published release exists with no assets (likely from previous failed run)"
594- echo " Deleting broken release to allow recreation..."
595- gh release delete "v${VERSION}" --repo "${{ github.repository }}" --yes
596- echo "✅ Broken release deleted"
596+ echo "❌ ERROR: Published release v${VERSION} exists with no assets (broken release)"
597+ echo ""
598+ echo "This version is now PERMANENTLY UNUSABLE due to GitHub's immutable release protection."
599+ echo "Once a non-draft release is published, that tag name is permanently reserved."
600+ echo ""
601+ echo "You MUST use a different version number. Options:"
602+ echo " 1. Bump patch version: v0.1.3 (recommended)"
603+ echo " 2. Use patch suffix: v0.1.2.1 or v0.1.2-retry"
604+ echo ""
605+ echo "To proceed:"
606+ echo " 1. Update version in Cargo.toml to 0.1.3 (or chosen version)"
607+ echo " 2. Commit the change"
608+ echo " 3. Let release-plz create the new tag, OR"
609+ echo " 4. Re-run this workflow with the new version"
610+ echo ""
611+ echo "Note: Deleting the broken release will not help - the tag is tainted forever."
612+ exit 1
597613 elif [ "$IS_DRAFT" = "false" ]; then
598614 echo "❌ ERROR: Published release already exists with ${ASSET_COUNT} assets"
599615 echo " Cannot overwrite published releases. Please:"
600616 echo " 1. Delete the release manually: gh release delete v${VERSION}"
601- echo " 2. Or create a new version"
617+ echo " 2. Delete the tag: git push origin --delete v${VERSION}"
618+ echo " 3. Or create a new version"
602619 exit 1
603620 else
604621 echo "✅ Draft release exists - will be updated"
605622 fi
606623 else
607- echo "✅ No existing release found - will create new one"
624+ echo "✅ No existing release found"
625+
626+ # Check if tag exists when using workflow_dispatch
627+ if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
628+ if git ls-remote --tags origin | grep -q "refs/tags/v${VERSION}$"; then
629+ echo "⚠️ WARNING: Tag v${VERSION} already exists"
630+ echo " Using existing tag for release creation"
631+ else
632+ echo "✅ Tag v${VERSION} does not exist - will create it in next step"
633+ fi
634+ else
635+ echo "✅ Tag v${VERSION} exists (triggered by tag push)"
636+ fi
608637 fi
609638env :
610639 GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
@@ -691,6 +720,23 @@ jobs:
691720 *Released with ❤️ using GitHub Actions, release-plz, and Sigstore*
692721 EOF
693722
723+ name : Create release tag
724+ if : github.event_name == 'workflow_dispatch'
725+ run : |
726+ VERSION="${{ needs.prepare-release.outputs.version }}"
727+
728+ echo "Creating tag v${VERSION} for manual release..."
729+
730+ # Configure git for the workflow
731+ git config user.name "github-actions[bot]"
732+ git config user.email "github-actions[bot]@users.noreply.github.com"
733+
734+ # Create and push the tag
735+ git tag -a "v${VERSION}" -m "Release v${VERSION}"
736+ git push origin "v${VERSION}"
737+
738+ echo "✅ Tag v${VERSION} created and pushed"
739+
694740name : Create GitHub Release
695741 uses : softprops/action-gh-release@6cbd405e2c4e67a21c47fa9e383d020e4e28b836 # v2.3.3
696742 with :
0 commit comments