release-pipeline.yml•1.16 kB
name: Release Pipeline
on:
push:
tags:
- 'v*'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Trigger CI workflow for testing and validation
ci:
uses: ./.github/workflows/test-and-validate.yml
permissions:
contents: read
# Update version in codebase (must run before builds)
update-version:
needs: ci
uses: ./.github/workflows/update-version.yml
secrets: inherit
permissions:
contents: write
# Build binaries (needs updated version)
binaries:
needs: update-version
uses: ./.github/workflows/build-binaries.yml
permissions:
contents: write
# Publish to npm (needs binaries for release)
release:
needs: [update-version, binaries]
uses: ./.github/workflows/publish-to-npm.yml
secrets: inherit
permissions:
contents: write
id-token: write
# Build and publish Docker images (needs updated version)
docker:
needs: update-version
uses: ./.github/workflows/build-docker-images.yml
secrets: inherit
permissions:
contents: read
packages: write
security-events: write