Three bugs in the hourly deploy's change-detection logic caused the Play
Store to silently fall behind whenever a deploy failed or was skipped:
1. commit_sha → head_sha: Forgejo's API returns head_sha; commit_sha was
always None, so LAST_DEPLOYED_SHA was always empty and the diff fell
back to HEAD~1..HEAD (only one commit).
2. Skipped runs are no longer trusted: previously a workflow run where
deploy-playstore was skipped (android=false) was treated as 'deployed'.
Now the code queries each run's job results and only counts a run where
the 'Build & Deploy to Play Store' job actually succeeded.
3. Safe fallback: when LAST_DEPLOYED_SHA cannot be determined (API error,
SHA not in local history) the workflow now defaults to android=true /
linux=true instead of the dangerously narrow HEAD~1..HEAD diff.
Also adds:
- ::error:: / ::warning:: / ::notice:: workflow annotations so skips and
failures surface in the Actions UI rather than buried in log output.
- scripts/verify_playstore_deploy.py: post-deploy check that queries the
internal track and fails if the latest version code is more than 1 hour
old (version codes are Unix timestamps), catching silent deploy failures.
- A matching test suite for the verify script.
Closes#361
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
