Skip to content

feat(release): add docker publishing to the release process#25

Merged
JonZeolla merged 4 commits into
mainfrom
fix-publishing
Jul 9, 2025
Merged

feat(release): add docker publishing to the release process#25
JonZeolla merged 4 commits into
mainfrom
fix-publishing

Conversation

@JonZeolla

Copy link
Copy Markdown
Member

Contributor Comments

This moves the task publish (i.e. pushing to Docker Hub) to the manual release process, if the user answers yes to the dockerhub question.

Pull Request Checklist

Thank you for submitting a contribution!

Please address the following items:

  • If you are adding a dependency, please explain how it was chosen.
  • If manual testing is needed in order to validate the changes, provide a testing plan and the expected results.
  • Validate that documentation is accurate and aligned to any project updates or additions.

@ai-coding-guardrails ai-coding-guardrails Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've got 5 comments for you to consider

The PR title and description are not accurate. Here are my suggestions:

Title: feat: move docker publishing to release workflow and harden GitHub Actions security

Description: # Contributor Comments

This PR makes two main improvements:

  1. Docker Publishing Workflow Changes: Moves Docker publishing from the CI pipeline to the manual release process, triggered when a release is created. The publishing is now conditional and integrated into the release workflow.

  2. Security Hardening: Adds persist-credentials: false to all GitHub Actions checkout steps across workflows (ci.yml, commit.yml, security.yml, update.yml, release.yml) to prevent credential persistence as a security best practice.

  3. Taskfile Refactoring: Simplifies the Docker build process by using a PUBLISH flag instead of a separate publish task, removing complex cross-platform file handling logic.

Pull Request Checklist

Thank you for submitting a contribution!

Please address the following items:

  • If you are adding a dependency, please explain how it was chosen.
  • If manual testing is needed in order to validate the changes, provide a testing plan and the expected results.
  • Validate that documentation is accurate and aligned to any project updates or additions.

Reviewed with 🤟 by Zenable

@JonZeolla JonZeolla enabled auto-merge (squash) July 9, 2025 01:37
@JonZeolla JonZeolla merged commit 8fa0c77 into main Jul 9, 2025
8 checks passed
@JonZeolla JonZeolla deleted the fix-publishing branch July 9, 2025 01:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant