From b5d0e4df70a5eebb732bb9fbb2ec6a0a24d5bf08 Mon Sep 17 00:00:00 2001 From: Kailas Mahavarkar <66670953+KailasMahavarkar@users.noreply.github.com> Date: Fri, 10 Apr 2026 17:28:38 +0530 Subject: [PATCH] fix(ci): merge release + Docker build into one job GITHUB_TOKEN-created releases do not re-trigger the release: workflow event (GitHub blocks this to prevent loops), so build-and-push-image never fired after auto-release. Merges release creation and Docker build into a single release-and-publish job. Both steps are gated on steps.check.outputs.new == 'true' so they only run when the version in package.json is new. Also removes the release: trigger from the workflow since it is no longer needed. Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/publish.yml | 30 ++++++++++-------------------- tests/workflow-behaviour.test.ts | 6 +----- 2 files changed, 11 insertions(+), 25 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 046932e..44267e5 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -4,8 +4,6 @@ on: push: branches: ['main'] pull_request: - release: - types: [published] env: REGISTRY: ghcr.io @@ -39,12 +37,14 @@ jobs: - name: Type-check run: bun run build - release: + release-and-publish: if: github.event_name == 'push' && github.ref == 'refs/heads/main' needs: verify runs-on: ubuntu-latest permissions: contents: write + packages: write + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -57,13 +57,13 @@ jobs: VERSION=$(jq -r .version package.json) echo "version=$VERSION" >> $GITHUB_OUTPUT if git ls-remote --tags origin | grep -q "refs/tags/v${VERSION}$"; then - echo "exists=true" >> $GITHUB_OUTPUT + echo "new=false" >> $GITHUB_OUTPUT else - echo "exists=false" >> $GITHUB_OUTPUT + echo "new=true" >> $GITHUB_OUTPUT fi - - name: Create release - if: steps.check.outputs.exists == 'false' + - name: Create GitHub release + if: steps.check.outputs.new == 'true' env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | @@ -71,19 +71,8 @@ jobs: --title "v${{ steps.check.outputs.version }}" \ --generate-notes - build-and-push-image: - if: github.event_name == 'release' - needs: verify - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: Log in to GitHub Container Registry + if: steps.check.outputs.new == 'true' uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} @@ -91,16 +80,17 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Extract metadata (tags, labels) for Docker + if: steps.check.outputs.new == 'true' id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - name: Build and push Docker image + if: steps.check.outputs.new == 'true' uses: docker/build-push-action@v5 with: context: . push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - diff --git a/tests/workflow-behaviour.test.ts b/tests/workflow-behaviour.test.ts index dabaa9e..811a251 100644 --- a/tests/workflow-behaviour.test.ts +++ b/tests/workflow-behaviour.test.ts @@ -15,10 +15,6 @@ test("publish workflow verifies the package across the supported OS and Bun matr ); assert.match(workflow, /bun-version:/, "workflow should verify with Bun"); assert.match(workflow, /needs:\s*verify/, "publish job should wait for the verification matrix"); - assert.match( - workflow, - /if:\s*github\.event_name\s*==\s*'release'/, - "publish job should only run on release events", - ); assert.match(workflow, /gh release create/, "workflow should auto-create a release on version bump"); + assert.match(workflow, /docker\/build-push-action/, "workflow should build and push Docker image"); });