ci: gate merging on a single Release Validation summary job#775
Merged
elijahbenizzy merged 2 commits intoMay 11, 2026
Conversation
Adds a "summary" job to release-validation.yml that depends on
check-paths, build-artifacts, and install-and-smoke and runs
with if: always(). It translates the upstream conclusions into
a single binary verdict — success/skipped → pass, failure or
cancelled → fail — so the required check has a stable name and
a definite state regardless of whether upstream jobs ran or
were path-filtered out.
In .asf.yaml the required contexts drop from two matrix-suffixed
names ("Release Validation / build-artifacts", "Release Validation
/ install-and-smoke (3.12)") to one: "Release Validation / summary".
Why this is needed:
- PRs that only touch docs/ or website/ trigger check-paths to
set should_run=false, which skips the heavy jobs.
- GitHub treats SKIPPED jobs as non-passing for required-status-
checks, so those PRs were stuck in BLOCKED state forever
(see commit a655edf for the previous attempt that didn't
work for this exact reason).
- The summary job sidesteps the SKIPPED ambiguity because it
always runs and always produces a definite SUCCESS or FAILURE.
Real code PRs are unaffected: if any release-validation job
fails, the summary fails, and merging is blocked.
Drive-by fix — `f7a1750d` (rename shadowed `format` builtin) left this file black-non-compliant for line-length=100. Caught by pre-commit on this branch.
skrawcz
approved these changes
May 11, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replaces the two matrix-suffixed required checks (
Release Validation / build-artifacts,Release Validation / install-and-smoke (3.12)) with a single new required check:Release Validation / summary.The new summary job sits at the end of
release-validation.yml, depends on all the other jobs, and runs withif: always(). It translates upstream job conclusions into one binary verdict:build-artifactsinstall-and-smokesuccesssuccessskipped(path-filtered docs PR)skipped(path-filtered docs PR)failurefailureBecause the summary job is the only required check, branch protection cares only about that single stable name.
Why this is needed
PRs touching only
docs/orwebsite/(like #771) were stuck inBLOCKEDstate. The path filter intentionally skips the heavy validation jobs, but GitHub treatsSKIPPEDas non-passing for required-status-checks. Commita655edf2tried to fix it by adding thecheck-pathsgate; that didn't work becauseSKIPPEDis stillSKIPPED.The
if: always()summary job sidesteps the ambiguity — it always produces a definiteSUCCESSorFAILURE, neverSKIPPED. So branch protection has a stable signal regardless of upstream skip semantics.What this preserves
Real code PRs still get gated. If
build-artifactsorinstall-and-smokefails, the summary fails, and the merge button stays disabled.(Reopens the work from #774, which GitHub wouldn't allow to be reopened after the force-push.)
Test plan