feat(release): promote release candidate images #110

Merged

jwilger merged 3 commits from feat/release-candidate-images into main 2026-05-06 09:47:44 -07:00

Conversation 2 Commits 3 Files changed 5 +318 -42

jwilger commented 2026-05-06 09:36:17 -07:00

Owner

Copy link

Summary

• Builds and publishes release PR candidate images with a candidate-scoped token.
• Promotes the exact candidate image during final release publish instead of rebuilding.
• Documents candidate image provenance and release credential blast radii.

Verification

• nix develop --command bash tests/release_tooling_test.sh
• nix flake check

Closes #107

## Summary - Builds and publishes release PR candidate images with a candidate-scoped token. - Promotes the exact candidate image during final release publish instead of rebuilding. - Documents candidate image provenance and release credential blast radii. ## Verification - nix develop --command bash tests/release_tooling_test.sh - nix flake check Closes #107

jwilger added 2 commits 2026-05-06 09:36:17 -07:00

fix(release): publish version tags and Forgejo releases a5e95a16c7

feat(release): promote release candidate images 0bc9196749

auto-review approved these changes 2026-05-06 09:39:24 -07:00

Dismissed

auto-review left a comment

Copy link

This PR introduces changes to the release workflows to promote release candidate images instead of rebuilding them during the final release. It also updates documentation to reflect these changes. The changes appear safe to merge, but testing is recommended to ensure the new workflows function as expected.

Walkthrough

• Workflows:
  • .forgejo/workflows/release-prepare.yml and .forgejo/workflows/release-publish.yml have been updated to handle release candidate images.
  • The skopeo copy command is used to promote candidate images to final release tags.
  • The tea pr create and tea pr edit commands are used to manage PR descriptions with candidate image information.
• Documentation:
  • docs/OPERATIONS.md and docs/THREAT-MODEL.md have been updated to document the new release process and credential usage.
• Testing:
  • tests/release_tooling_test.sh includes new tests to verify the release workflows and ensure they handle candidate images correctly.

This PR introduces changes to the release workflows to promote release candidate images instead of rebuilding them during the final release. It also updates documentation to reflect these changes. The changes appear safe to merge, but testing is recommended to ensure the new workflows function as expected. ## Walkthrough - **Workflows**: - `.forgejo/workflows/release-prepare.yml` and `.forgejo/workflows/release-publish.yml` have been updated to handle release candidate images. - The `skopeo copy` command is used to promote candidate images to final release tags. - The `tea pr create` and `tea pr edit` commands are used to manage PR descriptions with candidate image information. - **Documentation**: - `docs/OPERATIONS.md` and `docs/THREAT-MODEL.md` have been updated to document the new release process and credential usage. - **Testing**: - `tests/release_tooling_test.sh` includes new tests to verify the release workflows and ensure they handle candidate images correctly.

jwilger added 1 commit 2026-05-06 09:43:00 -07:00

Merge origin/main into feat/release-candidate-images 2fdb6a0f42

auto-review approved these changes 2026-05-06 09:46:15 -07:00

auto-review left a comment

Copy link

This PR updates the project to build and publish release candidate images with a candidate-scoped token, promoting the exact candidate image during final release publish. It also updates the version to 0.1.3 across multiple files, ensuring consistency in the release process.

Walkthrough

• CHANGELOG.md: Added a new section for version 0.1.3, documenting fixes and other changes.
• Cargo.lock: Updated the version of several packages to 0.1.3 to reflect the new release.
• Cargo.toml: Bumped the workspace package version to 0.1.3.

This PR updates the project to build and publish release candidate images with a candidate-scoped token, promoting the exact candidate image during final release publish. It also updates the version to `0.1.3` across multiple files, ensuring consistency in the release process. ## Walkthrough - **CHANGELOG.md**: Added a new section for version `0.1.3`, documenting fixes and other changes. - **Cargo.lock**: Updated the version of several packages to `0.1.3` to reflect the new release. - **Cargo.toml**: Bumped the workspace package version to `0.1.3`.

jwilger merged commit 78e451ef3c into main 2026-05-06 09:47:44 -07:00

jwilger deleted branch feat/release-candidate-images 2026-05-06 09:47:45 -07:00

jwilger referenced this pull request from a commit 2026-05-06 09:47:45 -07:00

feat(release): promote release candidate images (#110)

Sign in to join this conversation.

Reviewers

No reviewers

auto-review

Labels

Clear labels   

bug

  

discussion

  

enhancement

  

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

No labels

bug

discussion

enhancement

bug

duplicate

enhancement

help wanted

invalid

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

2 participants

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

Slipstream/auto_review!110

No description provided.