Files
GitHop/wiki/Release-Checklist.md
T
Hop 853acec229 Require user-provisioned release credentials
Hop-State: A_06FN6KM758JV6S44F6CA6W0
Hop-Proposal: R_06FN6KJWAY5XWVMCVQHCXKR
Hop-Task: T_06FN6GZKFMRV2HP5N7XMNSR
Hop-Attempt: AT_06FN6GZKFP22ZCFRXGB7V00
2026-07-11 15:31:23 -07:00

3.7 KiB

Release checklist

Hop releases are built on a trusted maintainer machine and uploaded by GoReleaser as draft Gitea Releases. Gitea Actions and act runners are not required; the server only stores source, tags, release metadata, and assets.

The canonical repository is githop.xyz/GnosysLabs/Hop.

One-time Gitea setup

  • Create the GnosysLabs/Hop repository and set its default branch to main.
  • Configure origin as https://githop.xyz/GnosysLabs/Hop.git.
  • Keep Gitea Actions disabled when the instance does not have dedicated runner capacity; Hop's release process does not depend on it.
  • Provision a narrowly scoped maintainer access token outside the agent session and store it in the operating system's secret store. Agents and release scripts may use that existing credential, but must never create, rotate, list, or revoke account tokens through Gitea's website or API. Export it as GITEA_TOKEN only for the local publish command, then unset it.
  • When upgrading GoReleaser, update its pinned version and four archive checksums in scripts/release-local.sh from the official checksum file.
  • Permit release attachment MIME types for .tar.gz, .zip, and .txt in Gitea's [attachment] ALLOWED_TYPES configuration.
  • Enable the repository wiki, then push the files in wiki/ to its wiki Git repository.

Public-launch gates

  • Choose and add a LICENSE. The local publishing script intentionally fails without one; this is a product/legal decision, not a build default.
  • Add SECURITY.md with a monitored private disclosure address.
  • Create an offline-controlled release-signing key, publish its public key, and add detached signing for checksums.txt before general availability.
  • Confirm the githop.xyz/GnosysLabs/Hop Go import path serves valid go-import metadata.
  • Back up the Gitea database, repositories, and release attachments.

Validate before tagging

scripts/release-local.sh --snapshot

Inspect dist/ and test at least one archive on each operating system family. Confirm hop version reports the snapshot/tag-injected version and hop skill install --force installs identical Hop-managed files at both default skill destinations while preserving unrelated user files.

Create a release

  1. Update release notes. The signed Git tag is the version source and is injected into the binaries automatically.
  2. Run scripts/release-local.sh --snapshot and inspect the artifacts.
  3. Create a signed semantic-version tag such as v0.1.0-alpha.1 and push it.
  4. Read a pre-provisioned, locally stored scoped token into GITEA_TOKEN. Do not generate a task-specific token from an agent session.
  5. Run scripts/release-local.sh --publish. It reruns race tests, vet, installer checks, builds six platform archives, generates checksums.txt, and uploads a draft without executing build work on the Gitea server.
  6. Immediately run unset GITEA_TOKEN.
  7. Download the draft assets and independently verify checksums, version output, skill installation, and a disposable Hop project.
  8. Publish the Gitea draft only after those checks pass.
  9. Test both one-command installers against the now-published release.

Expected assets

hop_darwin_amd64.tar.gz
hop_darwin_arm64.tar.gz
hop_linux_amd64.tar.gz
hop_linux_arm64.tar.gz
hop_windows_amd64.zip
hop_windows_arm64.zip
checksums.txt

After the first release

  • Create a Gitea-hosted Homebrew tap/cask fed by immutable release URLs and checksums; do not publish placeholder hashes.
  • Add Windows package-manager metadata only after the Windows artifact has been tested on a real signed build.
  • Establish release retention, package cleanup, rollback, and incident-response procedures for the custom Gitea instance.