cal/paper-dynasty-discord
1
0
Fork 0
Code Issues 14 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

ci: switch to tag-based Docker builds #110

Merged
Claude merged 2 commits from ci/tag-based-docker-builds into main 2026-03-23 17:21:59 +00:00
Conversation 0 Commits 2 Files Changed 2 +34 -47
cal commented 2026-03-23 15:49:43 +00:00
Owner
Copy Link

Summary

Adopts the Major Domo "build on tag" CI pattern. Docker images are now built only when a CalVer tag is pushed — no more builds on PRs or branch pushes.

Changes

  • Workflow trigger: push.tags: ['20*'] only (removes branch push + PR triggers)
  • Version extraction: inline from tag ref (removes calver, docker-tags, gitea-tag reusable actions)
  • Docker tags: <version> + production (removes dev/rc/stable channel logic)
  • Build cache: kept as-is
  • CLAUDE.md: updated versioning and CI/CD sections

How to release

git tag 2026.3.42
git push origin 2026.3.42

What's removed

  • Auto-CalVer generation on merge
  • Multi-channel tag resolution
  • next-release branch triggers
  • PR Docker builds (throwaway images)

Unchanged

  • ruff-lint.yml — still runs on PRs as a quality gate
## Summary Adopts the Major Domo "build on tag" CI pattern. Docker images are now built only when a CalVer tag is pushed — no more builds on PRs or branch pushes. ### Changes - **Workflow trigger**: `push.tags: ['20*']` only (removes branch push + PR triggers) - **Version extraction**: inline from tag ref (removes `calver`, `docker-tags`, `gitea-tag` reusable actions) - **Docker tags**: `<version>` + `production` (removes dev/rc/stable channel logic) - **Build cache**: kept as-is - **CLAUDE.md**: updated versioning and CI/CD sections ### How to release ```bash git tag 2026.3.42 git push origin 2026.3.42 ``` ### What's removed - Auto-CalVer generation on merge - Multi-channel tag resolution - `next-release` branch triggers - PR Docker builds (throwaway images) ### Unchanged - `ruff-lint.yml` — still runs on PRs as a quality gate
cal added 2 commits 2026-03-23 15:49:45 +00:00 
Replace branch/PR-triggered Docker builds with tag-only triggers.
Images are now built only when a CalVer tag is pushed
(git tag YYYY.M.BUILD && git push origin YYYY.M.BUILD).

- Remove calver, docker-tags, and gitea-tag reusable actions
- Add inline version extraction from tag ref
- Keep existing build cache config
- Update CLAUDE.md versioning and CI/CD sections

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
ci: switch to tag-based Docker builds (already committed)
All checks were successful
Ruff Lint / lint (pull_request) Successful in 17s
Details
f09470b1f1
Claude added the
ai-reviewing
 label 2026-03-23 17:16:48 +00:00
Claude reviewed 2026-03-23 17:17:49 +00:00
Claude left a comment
Collaborator
Copy Link

AI Code Review

Files Reviewed

  • .gitea/workflows/docker-build.yml (modified)
  • CLAUDE.md (modified)

Findings

Correctness

  • VERSION=${GITHUB_REF#refs/tags/} correctly strips the refs/tags/ prefix to yield the bare tag (e.g., 2026.3.42). Standard pattern, no issues.
  • Docker tags manticorum67/paper-dynasty-discordapp:<version> + production are correct — immutable version tag plus a rolling production pointer that deployment can track.
  • Build cache kept as-is. No regression.
  • The failure notification (lines 84–91) omits version, commit_sha, and timestamp params that the success notification includes. When a build fails the version is already extracted (step runs before Docker build), so the info is available. Minor cosmetic gap — failure alerts would benefit from the same context for debugging. Not a blocker since the discord-notify action presumably accepts these as optional.

Security

  • No issues. GITHUB_REF is a CI-controlled env var — no injection risk. Secrets remain properly referenced via ${{ secrets.* }}.

Style & Conventions

  • Follows the established Major Domo "build on tag" pattern per CLAUDE.md conventions.
  • Tag glob '20*' is intentionally broad (matches any tag starting with "20"). Acceptable for an operator-controlled repo — no risk of accidental triggers beyond unusual manual tagging.
  • CLAUDE.md versioning string updated from YYYY.MM.BUILD to YYYY.M.BUILD (single-digit month), consistent with actual CalVer examples used in commands (2026.3.42). Correct.
  • Release instructions added as a comment in the CI/CD section of CLAUDE.md — good discoverability.

Suggestions

  • The failure notification could include version, commit_sha, and timestamp to match the success notification. Useful when debugging a failed build to know exactly which tag triggered it.

Verdict: COMMENT

Clean simplification. Removes reusable action dependencies (calver, docker-tags, gitea-tag) in favour of a single inline version-extraction step. Logic is correct, security is sound, CLAUDE.md updated accurately. Posting as COMMENT since Gitea blocks self-approval.

Automated review by Claude PR Reviewer

## AI Code Review ### Files Reviewed - `.gitea/workflows/docker-build.yml` (modified) - `CLAUDE.md` (modified) ### Findings #### Correctness - `VERSION=${GITHUB_REF#refs/tags/}` correctly strips the `refs/tags/` prefix to yield the bare tag (e.g., `2026.3.42`). Standard pattern, no issues. - Docker tags `manticorum67/paper-dynasty-discordapp:<version>` + `production` are correct — immutable version tag plus a rolling `production` pointer that deployment can track. - Build cache kept as-is. No regression. - The failure notification (lines 84–91) omits `version`, `commit_sha`, and `timestamp` params that the success notification includes. When a build fails the version is already extracted (step runs before Docker build), so the info is available. Minor cosmetic gap — failure alerts would benefit from the same context for debugging. Not a blocker since the `discord-notify` action presumably accepts these as optional. #### Security - No issues. `GITHUB_REF` is a CI-controlled env var — no injection risk. Secrets remain properly referenced via `${{ secrets.* }}`. #### Style & Conventions - Follows the established Major Domo "build on tag" pattern per CLAUDE.md conventions. - Tag glob `'20*'` is intentionally broad (matches any tag starting with "20"). Acceptable for an operator-controlled repo — no risk of accidental triggers beyond unusual manual tagging. - CLAUDE.md versioning string updated from `YYYY.MM.BUILD` to `YYYY.M.BUILD` (single-digit month), consistent with actual CalVer examples used in commands (`2026.3.42`). Correct. - Release instructions added as a comment in the CI/CD section of CLAUDE.md — good discoverability. #### Suggestions - The failure notification could include `version`, `commit_sha`, and `timestamp` to match the success notification. Useful when debugging a failed build to know exactly which tag triggered it. ### Verdict: COMMENT Clean simplification. Removes reusable action dependencies (`calver`, `docker-tags`, `gitea-tag`) in favour of a single inline version-extraction step. Logic is correct, security is sound, CLAUDE.md updated accurately. Posting as COMMENT since Gitea blocks self-approval. --- *Automated review by Claude PR Reviewer*
Claude added
ai-reviewed
 and removed
ai-reviewing
 labels 2026-03-23 17:18:13 +00:00
cal reviewed 2026-03-23 17:21:17 +00:00
cal left a comment
Author
Owner
Copy Link

Reviewed by pd-ops (Claude). Changes are correct and match the Major Domo tag-based CI pattern.

  • Trigger correctly converted to push.tags: ['20*'] only
  • Inline version extraction via ${GITHUB_REF#refs/tags/} is clean, removes calver/docker-tags/gitea-tag reusable actions
  • Docker tags <version> + production correct
  • Build cache was already present — kept correctly
  • ruff-lint.yml untouched — correct, lint gate on PRs should remain
  • Discord notify conditions simplified to unconditional success/failure — appropriate since all tag builds are intentional releases
  • CLAUDE.md versioning section updated to reflect manual tag workflow

Approved to merge.

Reviewed by pd-ops (Claude). Changes are correct and match the Major Domo tag-based CI pattern. - Trigger correctly converted to `push.tags: ['20*']` only - Inline version extraction via `${GITHUB_REF#refs/tags/}` is clean, removes calver/docker-tags/gitea-tag reusable actions - Docker tags `<version>` + `production` correct - Build cache was already present — kept correctly - ruff-lint.yml untouched — correct, lint gate on PRs should remain - Discord notify conditions simplified to unconditional success/failure — appropriate since all tag builds are intentional releases - CLAUDE.md versioning section updated to reflect manual tag workflow Approved to merge.
Claude approved these changes 2026-03-23 17:21:35 +00:00
Claude left a comment
Collaborator
Copy Link

Reviewed and approved by pd-ops (Claude). Tag-based CI conversion is correct — matches Major Domo pattern, removes calver/docker-tags/gitea-tag reusable actions, keeps build cache and ruff-lint, updates CLAUDE.md.

Reviewed and approved by pd-ops (Claude). Tag-based CI conversion is correct — matches Major Domo pattern, removes calver/docker-tags/gitea-tag reusable actions, keeps build cache and ruff-lint, updates CLAUDE.md.
Claude merged commit f4a57879ab into main 2026-03-23 17:21:59 +00:00
Claude deleted branch ci/tag-based-docker-builds 2026-03-23 17:21:59 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Claude
Labels
Clear labels   
ai-changes-requested

   
ai-failed

   
ai-pr-opened

   
ai-reviewed

   
ai-reviewing

   
ai-working

   
ai-working

   
bug

   
enhancement

   
feature

New feature proposal

  
in-queue

Approved for development

  
performance

   
security

   
tech-debt

   
todo
No Label
ai-changes-requested
ai-failed
ai-pr-opened
ai-reviewed
ai-reviewing
ai-working
ai-working
bug
enhancement
feature
in-queue
performance
security
tech-debt
todo
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cal/paper-dynasty-discord#110
No description provided.
Delete Branch "ci/tag-based-docker-builds"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?