Skip to content

ci(release): add release-please automation#212

Merged
joshishiv4 merged 1 commit into
stagingfrom
ci/release-please
Jun 9, 2026
Merged

ci(release): add release-please automation#212
joshishiv4 merged 1 commit into
stagingfrom
ci/release-please

Conversation

@parth0025

Copy link
Copy Markdown
Collaborator

Summary

Adds release-please for automated SemVer bumps, CHANGELOG generation, git tags, and GitHub Releases. Step 4 of the open-source repo maintenance baseline initiative (#207 license, #208 branching, #209 lint).

Builds directly on the Conventional Commits enforcement from #209 β€” every feat/fix/perf/etc. commit on main becomes a line in the next changelog entry.

What happens after this lands

staging  (active dev β€” feat/fix PRs land here)
    β”‚
    β–Ό
  main  (after staging β†’ main promotion PR merges)
    β”‚
    β–Ό
 release-please runs ──► opens "Release PR":
                          chore(main): release v14.1.0
                            β€’ CHANGELOG.md gets new [14.1.0] section
                            β€’ package.json: 14.0.26 β†’ 14.1.0
    β”‚
    β”‚  maintainer reviews & merges the Release PR
    β–Ό
  πŸš€ git tag v14.1.0 created
  πŸš€ GitHub Release published with changelog body
  πŸš€ package.json + CHANGELOG.md committed to main

Files changed (4, all new)

File Purpose
release-please-config.json Tool config: tracks root package only, SemVer rules, CHANGELOG section visibility (user-facing types shown, engineering types hidden)
.release-please-manifest.json Anchors current version at 14.0.26 (matches existing v14.0.26 git tag)
.github/workflows/release.yml Runs googleapis/release-please-action@v4 on push to main + workflow_dispatch for manual triggering
CHANGELOG.md Bootstrapped with v14.0.26 baseline; release-please appends future entries above

Decisions documented

Decision Choice Rationale
Tool release-please Industry standard for OSS Node; maintainer-gated (matches BRANCHING.md's on-demand promotion model); zero npm deps
Scope Root package.json only Frontend (8.36.0) versioning stays independent. Can add as second component later
Trigger branch main (not staging) Releases cut from main after staging promotion, per BRANCHING.md
Versioning Strict SemVer β€” feat β†’ minor, fix β†’ patch, BREAKING CHANGE β†’ major Standard for Node OSS
Changelog visibility feat, fix, perf, refactor, docs, revert shown; ci, chore, build, test, style hidden Reduces noise in user-facing changelog
Action version Tag-based (@v4) Matches existing main.yml style
Pre-releases Disabled Can enable per package later if you want beta channels
npm install required? No Action runs entirely on GitHub runners. package.json is not touched

⚠️ Caveat β€” branch protection token

When branch protection is enabled on main (per #208), the default GITHUB_TOKEN may not be able to push the Release PR if 1-approval-required is enforced. Two options to handle this once protection is on:

  1. Recommended: add the release-please bot to the bypass-allowlist in branch protection rules
  2. Alternative: create a Personal Access Token (PAT) with repo scope, store as RELEASE_PLEASE_TOKEN secret, and replace ${{ secrets.GITHUB_TOKEN }} in release.yml

Either way, this is a one-time post-merge setup.

⚠️ First release will be a big one

The first time release-please runs (after the next staging β†’ main promotion), it will scan all 235+ Conventional Commits since v14.0.26 and generate one large changelog. That's expected β€” every commit between the existing tag and the new HEAD becomes a line. Subsequent releases will be small per-cycle.

Test plan

  • After merge, push a test commit to main β†’ release-please workflow should trigger (verify in Actions tab)
  • A Release PR should appear titled chore(main): release v... with version bump + CHANGELOG diff
  • On Release PR merge: verify git tag is created, GitHub Release appears with changelog body, and CHANGELOG.md is updated on main
  • Verify package.json version is bumped on main (and that bump didn't get bumped twice somehow)
  • Trigger workflow_dispatch manually from Actions tab β†’ confirm same behavior

Compatibility

βœ… Does NOT touch existing main.yml deploy workflow β€” runs alongside.
βœ… Does NOT add any npm dependencies.
βœ… Does NOT conflict with PRs #207, #208, #209 β€” all touch different files.

πŸ€– Generated with Claude Code

- Add release-please-config.json β€” tracks root package only,
  SemVer bump rules, CHANGELOG sections (user-facing types visible,
  engineering types hidden)
- Add .release-please-manifest.json β€” anchors current version at
  14.0.26 (matches existing v14.0.26 tag)
- Add .github/workflows/release.yml β€” runs on push to main and
  workflow_dispatch; uses googleapis/release-please-action@v4
- Add CHANGELOG.md β€” bootstrapped with v14.0.26 baseline;
  release-please appends new sections from here

Step 4 of the open-source repo maintenance baseline initiative.

How it works: when commits land on main (via the staging promotion
PR from BRANCHING.md), release-please opens a Release PR with the
version bump and grouped Conventional-Commits changelog. Merging
that PR creates the git tag, GitHub Release, and commits the bumps.

Frontend versioning (8.36.0) stays independent for now; can be added
as a second release-please component later if a unified version is
desired.

Zero new npm dependencies β€” the action runs entirely on GitHub
runners.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@coderabbitai

coderabbitai Bot commented Jun 9, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

βš™οΈ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: f07b683e-484e-4182-a9c1-72316910b82b

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • πŸ” Trigger review
✨ Finishing Touches
πŸ§ͺ Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch ci/release-please

Comment @coderabbitai help to get the list of available commands and usage tips.

@parth0025 parth0025 self-assigned this Jun 9, 2026
@joshishiv4 joshishiv4 merged commit 8f3566f into staging Jun 9, 2026
1 check passed
parth0025 added a commit to joshishiv4/AlianHub that referenced this pull request Jun 15, 2026
- Rewrite Dockerfile as a multi-stage build on node:20-alpine
  (~150MB vs the previous ~1GB), npm ci for reproducibility,
  non-root user, tini for signal handling, HEALTHCHECK via Node
- Drop broken admin/ references from the old Dockerfile (admin
  module is removed from the open-source repo)
- Rewrite docker-compose.yml as a complete stack: MongoDB service,
  persistent volumes (mongo data + app uploads), env_file, health
  checks, depends_on service_healthy gate, restart policies,
  configurable port, dedicated bridge network
- Expand .dockerignore: add .git, .github, .env*, .claude, *.md,
  tests, coverage, logs, IDE/OS files β€” smaller build context and
  prevents accidental secrets leak
- Add .github/workflows/docker.yml: multi-arch builds (amd64+arm64),
  pushes to GHCR on release-published (from release-please in aliansoftwareteam#212)
  and on main pushes, PR builds run image verification only (no
  push). Docker Hub publishing is commented out β€” uncomment after
  adding DOCKERHUB_USERNAME and DOCKERHUB_TOKEN repo secrets.

Step 5 of the open-source repo maintenance baseline initiative.

After this lands and the first release-please release is cut,
end users will be able to:
  docker pull ghcr.io/aliansoftwareteam/alianhub:latest
  docker compose up -d

Image name uses the short branded form (aliansoftwareteam/alianhub)
rather than the auto-derived full repo path.

Zero new npm dependencies β€” the workflow runs entirely on GitHub
runners.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants