fix(release): publish version tags and Forgejo releases #108

Merged
jwilger merged 1 commit from fix/release-publish-tags-releases into main 2026-05-06 08:47:50 -07:00
Owner

Summary

  • Promote release Docker images with merge SHA, raw semver version, and latest tags.
  • Create a Forgejo Release entry pinned to the validated merge SHA with changelog-derived notes and a Docker image link.
  • Update release tooling tests, operations docs, and threat model for the broadened publish-token scope.

Verification

  • nix develop --command bash tests/release_tooling_test.sh
  • nix flake check

Follow-up

  • Release-candidate image promotion flow tracked in #107.
fix(release): publish version tags and Forgejo releases
All checks were successful
CI / Nix flake check (pull_request) Successful in 2m39s
CI / auto_review semantic review (pull_request) Successful in 1s
auto_review auto_review: 3 warnings
Publish release / release-publish (pull_request) Has been skipped
a5e95a16c7
auto-review left a comment

The PR enhances the release process by promoting Docker images with multiple tags and creating Forgejo Release entries. It updates documentation and tests to reflect these changes. The changes appear safe to merge, but ensure that all new processes are thoroughly tested and documented.

Walkthrough

  • .forgejo/workflows/release-publish.yml:
    • Adds steps to derive the release version from Cargo.toml and promote Docker images with multiple tags.
    • Introduces a step to create a Forgejo Release entry with changelog-derived notes.
  • docs/OPERATIONS.md and docs/THREAT-MODEL.md:
    • Updates to reflect the broadened scope of the release publishing token.
  • tests/release_tooling_test.sh:
    • Adds tests to verify the new release process, including version derivation and release note generation.
Owner

🟡 Warning: Ensure that the RELEASE_VERSION is correctly derived from the Cargo.toml file and that the file is present in the expected location. This is crucial for the release process to function correctly.

jwilger marked this conversation as resolved
@ -103,3 +118,25 @@ jobs:
exit 1
Owner

🟡 Warning: Verify that the latest tag is applied correctly and does not overwrite any important existing tags. This can prevent potential issues with versioning and deployment.

Owner

🟡 Warning: Ensure that the RELEASE_PUBLISH_TOKEN is securely handled and not exposed in logs or error messages. This is critical for maintaining the security of the release process.

jwilger marked this conversation as resolved
jwilger deleted branch fix/release-publish-tags-releases 2026-05-06 08:47:50 -07:00
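
Added example (not code from this PR or its repository): one way to make the version-derivation check raised in the review fail closed before any tag is pushed. The function names, the sample manifest, the 40-hex merge-SHA format and the rule that only plain MAJOR.MINOR.PATCH versions are promoted are assumptions for illustration.

```shell
#!/bin/sh
# Added illustration; helper names and the sample manifest are hypothetical.

# Print the version from the [package] table only, so a `version = ...` line
# under a dependency table is never mistaken for the release version.
cargo_package_version() {  # $1 = path to Cargo.toml
  [ -f "$1" ] || { echo "missing manifest: $1" >&2; return 1; }
  awk '
    /^[ \t]*\[/ { in_pkg = ($0 ~ /^[ \t]*\[package\][ \t]*(#.*)?$/); next }
    in_pkg && /^[ \t]*version[ \t]*=/ {
      if (match($0, /"[^"]*"/)) { print substr($0, RSTART + 1, RLENGTH - 2); found = 1; exit }
    }
    END { if (!found) exit 1 }
  ' "$1"
}

# Assumption: only MAJOR.MINOR.PATCH is promoted; pre-release strings are refused.
is_release_semver() {
  printf '%s\n' "$1" | grep -Eq '^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)$'
}

# Emit the three tags the PR summary lists (merge SHA, raw semver, latest),
# or fail without printing any tag if an input does not validate.
release_tags() {  # $1 = manifest path, $2 = merge SHA
  version=$(cargo_package_version "$1") || { echo "no [package] version in $1" >&2; return 1; }
  is_release_semver "$version" || { echo "not MAJOR.MINOR.PATCH: $version" >&2; return 1; }
  printf '%s\n' "$2" | grep -Eq '^[0-9a-f]{40}$' || { echo "bad merge SHA: $2" >&2; return 1; }
  printf '%s\n' "$2" "$version" latest
}

# Constructed sample: a dependency table precedes [package], which a naive
# first-match grep for "version" would get wrong.
demo_dir=$(mktemp -d)
cat > "$demo_dir/Cargo.toml" <<'EOF'
[dependencies.serde]
version = "1.0"

[package]
name = "demo"
version = "1.4.2"
EOF
release_tags "$demo_dir/Cargo.toml" 0123456789abcdef0123456789abcdef01234567
rm -rf "$demo_dir"
```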

Reference
Slipstream/auto_review!108