11name : publish-docker
22
3- # Orchestrator: generates the image matrix via ci_matrix.py, then calls
4- # _docker-pipeline.yml for each image (build → test → push → floating tag).
3+ # Builds, tests, and publishes the socket-basics image to GHCR and Docker Hub.
4+ #
5+ # Flow: resolve-version → build-test-push → create-release
56#
67# Tag convention:
78# v2.0.0 — immutable exact release
@@ -32,25 +33,17 @@ concurrency:
3233
3334jobs :
3435
35- # ── Job 1: Generate matrix ─────────────────────────────────────────────────
36- # Runs ci_matrix.py to discover images and resolve the release version.
37- # Downstream jobs consume these outputs — no image config is hardcoded in YAML.
38- generate-matrix :
36+ # ── Job 1: Resolve version ─────────────────────────────────────────────────
37+ # Computes a clean semver string (no v prefix) consumed by downstream jobs.
38+ resolve-version :
3939 runs-on : ubuntu-latest
4040 outputs :
41- matrix : ${{ steps.matrix.outputs.json }}
4241 version : ${{ steps.version.outputs.clean }}
4342 steps :
4443 - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4544 with :
4645 ref : ${{ github.event_name == 'workflow_dispatch' && format('v{0}', inputs.tag) || github.ref }}
4746
48- - name : 🐍 Generate image matrix
49- id : matrix
50- run : |
51- JSON=$(python scripts/ci_matrix.py --target docker)
52- echo "json=$JSON" >> "$GITHUB_OUTPUT"
53-
5447 - name : 🏷️ Resolve version
5548 id : version
5649 run : |
@@ -62,42 +55,38 @@ jobs:
6255 fi
6356 echo "clean=$CLEAN" >> "$GITHUB_OUTPUT"
6457
65- # ── Job 2: Build → test → push (one run per image in the matrix) ───────────
58+ # ── Job 2: Build → test → push ────────────────────────────────── ───────────
6659 # Delegates all Docker steps to the reusable _docker-pipeline workflow.
67- # Adding a new image to ci_matrix.py automatically creates a new parallel run.
6860 build-test-push :
69- name : publish (${{ matrix.image.name }} )
70- needs : generate-matrix
61+ name : publish (socket-basics )
62+ needs : resolve-version
7163 permissions :
7264 contents : write # force-update the floating major version tag (e.g. v2)
7365 packages : write # push images to GHCR
74- strategy :
75- fail-fast : false
76- matrix :
77- image : ${{ fromJSON(needs.generate-matrix.outputs.matrix) }}
7866 uses : ./.github/workflows/_docker-pipeline.yml
7967 with :
80- name : ${{ matrix.image.name }}
81- dockerfile : ${{ matrix.image.dockerfile }}
82- context : ${{ matrix.image.context }}
83- check_set : ${{ matrix.image.check_set }}
68+ name : socket-basics
69+ dockerfile : Dockerfile
70+ context : .
71+ check_set : main
8472 push : true
85- version : ${{ needs.generate-matrix.outputs.version }}
73+ tag_push : ${{ github.ref_type == 'tag' }}
74+ version : ${{ needs.resolve-version.outputs.version }}
8675 secrets : inherit
8776
8877 # ── Job 3: Create GitHub release + update CHANGELOG ────────────────────────
89- # Runs once after all images are successfully pushed (not for workflow_dispatch
78+ # Runs once after the image is successfully pushed (not for workflow_dispatch
9079 # re-publishes — those don't create new releases).
9180 # Generates categorised release notes from merged PR labels (.github/release.yml),
9281 # creates the GitHub Release, then commits the CHANGELOG update back to main.
9382 create-release :
94- needs : [generate-matrix , build-test-push]
83+ needs : [resolve-version , build-test-push]
9584 if : github.ref_type == 'tag'
9685 permissions :
9786 contents : write # create GitHub release + commit CHANGELOG back to main
9887 runs-on : ubuntu-latest
9988 env :
100- VERSION : ${{ needs.generate-matrix .outputs.version }}
89+ VERSION : ${{ needs.resolve-version .outputs.version }}
10190 steps :
10291 - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
10392 with :
0 commit comments