From 6242217db7c020c2153d902e328b1a0ba49aa752 Mon Sep 17 00:00:00 2001 From: Jose Perez Rodriguez Date: Mon, 18 May 2026 22:48:39 -0700 Subject: [PATCH 1/2] Add PrepareArtifacts to GitHubTasks stage dependsOn so ReleaseVersionEffective resolves The GitHubTasks stage's jobs reference stageDependencies.PrepareArtifacts.PrepareJob.outputs['deriveReleaseVersion.releaseVersionEffective'] but the stage previously only declared dependsOn: Release. AzDO does not make stageDependencies transitive, so the variable resolved to empty and the workflow dispatch failed with: HTTP 422: Required input 'release_version' not provided Confirmed in https://dev.azure.com/dnceng/internal/_build/results?buildId=2978542 (log id 137). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- eng/pipelines/release-publish-nuget.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/eng/pipelines/release-publish-nuget.yml b/eng/pipelines/release-publish-nuget.yml index fe7d6e589f2..8647d1b4f27 100644 --- a/eng/pipelines/release-publish-nuget.yml +++ b/eng/pipelines/release-publish-nuget.yml @@ -763,7 +763,16 @@ extends: # without performing a real release. - stage: GitHubTasks displayName: 'Dispatch GitHub Release Tasks' - dependsOn: Release + # PrepareArtifacts is listed explicitly (in addition to Release) so the + # jobs in this stage can resolve + # stageDependencies.PrepareArtifacts.PrepareJob.outputs['deriveReleaseVersion.releaseVersionEffective']. + # AzDO only exposes stageDependencies for stages named directly in dependsOn — + # the relationship is NOT transitive through Release. Without this, the + # ReleaseVersionEffective variable silently evaluates to empty and the GitHub + # workflow dispatch fails with HTTP 422 "Required input 'release_version' not provided". + dependsOn: + - Release + - PrepareArtifacts condition: | and( in(dependencies.Release.result, 'Succeeded', 'SucceededWithIssues'), From 344a0a7ff44a7a73d4a839aba3d568d4010a6c1d Mon Sep 17 00:00:00 2001 From: Jose Perez Rodriguez Date: Mon, 18 May 2026 23:55:08 -0700 Subject: [PATCH 2/2] Fix aspire-cli-* download pattern to match artifact-prefixed paths The download task enumerates artifact items with the artifact name as a path prefix (e.g. 'BlobArtifacts/aspire-cli-linux-x64-13.3.4.tar.gz'), so the bare 'aspire-cli-*' minimatch glob excluded every file. Result: 0 files downloaded, target directory never created, and the next step failed with 'Assets directory ... does not exist. Did the download step run?' Confirmed in https://dev.azure.com/dnceng/internal/_build/results?buildId=2978586 (log id 163 shows '0 matches' and every aspire-cli-* file 'Item excluded'). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- eng/pipelines/release-publish-nuget.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/eng/pipelines/release-publish-nuget.yml b/eng/pipelines/release-publish-nuget.yml index 8647d1b4f27..c80b92d45e9 100644 --- a/eng/pipelines/release-publish-nuget.yml +++ b/eng/pipelines/release-publish-nuget.yml @@ -898,7 +898,12 @@ extends: - download: aspire-build displayName: 'Download aspire-cli-* from Source Build' artifact: BlobArtifacts - patterns: 'aspire-cli-*' + # The download task enumerates artifact items with the artifact + # name as a path prefix (e.g. 'BlobArtifacts/aspire-cli-...'), so + # a bare 'aspire-cli-*' minimatch glob excludes every file and + # the target directory never gets created. Use '**/aspire-cli-*' + # to match files under the artifact root. + patterns: '**/aspire-cli-*' # pwsh (not powershell): publish-release-cli-assets.ps1 calls # Get-AspireBotInstallationToken.ps1, which uses RSA.ImportFromPem