Merged
3 changes: 1 addition & 2 deletions .github/workflows/publish-dashboard.yml
Expand Up @@ -44,9 +44,8 @@ jobs:
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=raw,value=beta-latest
type=sha,format=short
type=ref,event=tag # v1.2.3 → v1.2.3

- name: Build and push
uses: docker/build-push-action@v5
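
Review bot: In the `tags:` list, `type=raw,value=beta-latest` is a moving tag, so `type=sha,format=short` is the only entry that identifies a specific build; anything that deploys or rolls back from this workflow's images should reference the sha tag or the pushed digest rather than `beta-latest`. Make sure `type=raw,value=latest` and `type=ref,event=tag` do not remain in this list alongside the new release-dashboard.yml, otherwise two workflows push `latest` and version tags and the last one to finish wins.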
2 changes: 1 addition & 1 deletion .github/workflows/publish-state-mangaer.yml
Expand Up @@ -44,7 +44,7 @@ jobs:
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw, value=latest
type=raw, value=beta-latest
type=sha, value=${{ env.SHA_TAG }}

- name: Build and push
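
Review bot: The sha entry in this `tags:` list is written `type=sha, value=${{ env.SHA_TAG }}`, while publish-dashboard.yml and both new release workflows use `type=sha,format=short`. Please confirm that metadata-action honours `value` on `type=sha` and tolerates the space after each comma, or switch this file to `type=sha,format=short` so both images carry the same sha tag shape and a given commit can be traced to its image the same way in either registry path.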
54 changes: 54 additions & 0 deletions .github/workflows/release-dashboard.yml
@@ -0,0 +1,54 @@
name: Publish Dashboard image to GHCR and Deploy to K8s

on:
release:
types: [published]

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository_owner }}/exosphere-dashboard
SHA_TAG: ${{ github.sha }}

jobs:
publish-image:
runs-on: ubuntu-latest

permissions:
contents: read
packages: write

outputs:
tags: ${{ steps.meta.outputs.tags }}
json: ${{ steps.meta.outputs.json }}

steps:
- uses: actions/checkout@v4

- uses: docker/setup-buildx-action@v3

- name: Log in to GHCR
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Generate tags & labels
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=short

- name: Build and push
uses: docker/build-push-action@v5
with:
context: ./dashboard
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
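
Review bot: `type=raw,value=latest` in the `tags:` list is unconditional, and `release: types: [published]` also fires when a pre-release is published, so publishing a release candidate would move `latest` onto it. Gate that line, for example `type=raw,value=latest,enable=${{ !github.event.release.prerelease }}`. Separately, the workflow `name` says "Deploy to K8s" but the file contains only the `publish-image` job, and `SHA_TAG` is defined under `env:` without being used by any step shown; rename the workflow and drop the unused variable, or add the missing job.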
113 changes: 113 additions & 0 deletions .github/workflows/release-state-manager.yml
@@ -0,0 +1,113 @@
name: Publish State Manager image to GHCR and Deploy to K8s

on:
push:
branches: [main]
paths:
- 'state-manager/**'
release:
types: [published]
workflow_dispatch:

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository_owner }}/exosphere-state-manager
SHA_TAG: ${{ github.sha }}

Comment on lines +12 to +16
Contributor

🧹 Nitpick (assertive)

Optional: add concurrency to avoid parallel publishes of the same release.

 env:
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository_owner }}/exosphere-state-manager
   SHA_TAG: ${{ github.sha }}
 
+concurrency:
+  group: release-state-manager-${{ github.event.release.tag_name || github.run_id }}
+  cancel-in-progress: true
🤖 Prompt for AI Agents
In .github/workflows/release-state-manager.yml around lines 12 to 16, the
workflow lacks a concurrency setting which can allow parallel runs to publish
the same image; add a concurrency block at the top level (e.g., concurrency:
group: release-state-manager-${{ github.ref }} or include image name/owner, and
cancel-in-progress: true) so that concurrent workflow runs for the same
ref/release are serialized or the in-progress run is cancelled before a new one
starts.

jobs:
test:
runs-on: ubuntu-latest
services:
mongodb:
image: mongo:7
ports:
- 27017:27017
options: >-
--health-cmd "mongosh --eval 'db.runCommand(\"ping\")'"
--health-interval 10s
--health-timeout 5s
--health-retries 5
Comment on lines +22 to +29
Contributor

🧹 Nitpick (assertive)

Harden MongoDB health check for reliability.

Ensure the command exists on the container and returns non-zero on failure; add --quiet and use adminCommand.

         options: >-
-          --health-cmd "mongosh --eval 'db.runCommand(\"ping\")'"
+          --health-cmd "mongosh --quiet --eval 'db.adminCommand({ ping: 1 })'"
           --health-interval 10s
           --health-timeout 5s
           --health-retries 5

If your base image lacks mongosh, switch to mongo --eval 'db.adminCommand({ ping: 1 })'.

🤖 Prompt for AI Agents
In .github/workflows/release-state-manager.yml around lines 22 to 29, the
MongoDB container health check should be made more reliable: change the health
command to use the adminCommand ping and suppress extra output so failures
return non-zero. Replace the current health-cmd with a command that runs either
"mongosh --quiet --eval 'db.adminCommand({ ping: 1 })'" and, if the base image
may not contain mongosh, use the fallback "mongo --quiet --eval
'db.adminCommand({ ping: 1 })'"; keep the same interval/timeout/retries options
so the runner uses the adminCommand ping and --quiet to ensure proper non-zero
exit on failure.


steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'

- name: Install uv
uses: astral-sh/setup-uv@v2

- name: Install dev dependencies with uv
working-directory: state-manager
run: |
uv sync --group dev

- name: Run unit tests with pytest and coverage
working-directory: state-manager
run: |
uv run pytest tests/unit/ --cov=app --cov-report=xml --cov-report=term-missing -v --junitxml=pytest-report.xml

- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
slug: exospherehost/exospherehost
files: state-manager/coverage.xml
flags: state-manager-unittests
name: state-manager-coverage-report
fail_ci_if_error: true

- name: Upload test results
uses: actions/upload-artifact@v4
if: always()
with:
name: state-manager-test-results
path: state-manager/pytest-report.xml
retention-days: 30

publish-image:
runs-on: ubuntu-latest
needs: test

permissions:
contents: read
packages: write

Comment on lines +75 to +78
Contributor

🧹 Nitpick (assertive)

Trailing whitespace.

YAML linters (and your static analysis) flag trailing spaces on Line 78. Remove them.

     permissions:
       contents: read
-      packages: write 
+      packages: write
🧰 Tools
🪛 YAMLlint (1.37.1)

[error] 78-78: trailing spaces

(trailing-spaces)

🤖 Prompt for AI Agents
.github/workflows/release-state-manager.yml around lines 75 to 78: there is
trailing whitespace on line 78 causing YAML linter/static analysis failures;
remove the trailing spaces at the end of that line (and scan the file for any
other trailing whitespace), save the file, and re-run the linter/CI to confirm
the warning is resolved.

outputs:
tags: ${{ steps.meta.outputs.tags }}
json: ${{ steps.meta.outputs.json }}

steps:
- uses: actions/checkout@v4

- uses: docker/setup-buildx-action@v3

- name: Log in to GHCR
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Generate tags & labels
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=short

Comment on lines +95 to +106
Contributor

⚠️ Potential issue

Semver tags won’t be created on release events unless you pass the release tag to metadata-action.

Inject github.event.release.tag_name into the semver lines.

           tags: |
             type=raw,value=latest
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=semver,pattern={{major}}
+            type=semver,pattern={{version}},value=${{ github.event.release.tag_name }}
+            type=semver,pattern={{major}}.{{minor}},value=${{ github.event.release.tag_name }}
+            type=semver,pattern={{major}},value=${{ github.event.release.tag_name }}
             type=sha,format=short
🤖 Prompt for AI Agents
.github/workflows/release-state-manager.yml around lines 95 to 106: the semver
tag lines passed to docker/metadata-action don't include the release tag so
semver tags aren't created on release events; update each semver tag entry to
inject the release tag by appending value=${{ github.event.release.tag_name }}
(e.g. type=semver,pattern={{version}},value=${{ github.event.release.tag_name
}}) so when the workflow runs on a release the action will emit the release tag;
keep the other tag lines unchanged.

- name: Build and push
uses: docker/build-push-action@v5
with:
context: ./state-manager
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
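
Review bot: The `on:` block triggers on `push` to `main` (paths `state-manager/**`) and on `workflow_dispatch` as well as `release`, while the `tags:` list in `publish-image` always includes `type=raw,value=latest`, so every merge that touches state-manager moves `latest` from a workflow named as a release; on those runs the `type=semver` lines have no tag to parse and only `latest` and the sha tag are pushed. Either drop the `push` trigger (release-dashboard.yml has only `release`) or add `enable=${{ github.event_name == 'release' }}` to the `latest` line. Also, `publish-image` holds `packages: write` and the `test` job receives `secrets.CODECOV_TOKEN`, yet every `uses:` is a movable major tag (`astral-sh/setup-uv@v2`, `codecov/codecov-action@v5`, `docker/build-push-action@v5`); pin them to full commit SHAs so a retagged action cannot reach the token or the registry credential.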