Conversation
🎯 Coverage Target Met!📈 Coverage Metrics
📊 Test Statistics
🔍 Files Needing Coverage
📝 Report generated on Node.js v24.13.1 • View workflow • Coverage by Vitest + v8 |
There was a problem hiding this comment.
Pull request overview
Updates the container publishing workflow so that, after publishing a versioned multi-arch image to GHCR, it also publishes a :latest multi-arch manifest pointing at the same architecture-specific images.
Changes:
- Add creation of a GHCR
:latestmanifest list using the existing${IMAGE_TAG}-amd64/${IMAGE_TAG}-arm64images - Push the
:latestmanifest to GHCR as part of thecreate-manifestjob
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Create and push 'latest' tag manifest list | ||
| docker manifest create "${GHCR_REGISTRY}:latest" \ | ||
| --amend "${GHCR_REGISTRY}:${IMAGE_TAG}-amd64" \ | ||
| --amend "${GHCR_REGISTRY}:${IMAGE_TAG}-arm64" | ||
| docker manifest push "${GHCR_REGISTRY}:latest" |
There was a problem hiding this comment.
Pushing the :latest manifest is currently unconditional within create-manifest. Since this workflow also runs on workflow_dispatch and on any release publish (including pre-releases), this can unintentionally overwrite ghcr.io/<repo>:latest with a manual/dev build or a pre-release image. Consider gating this step (or adding a separate step) so latest is only pushed for non-prerelease releases (e.g., if: github.event_name == 'release' && github.event.release.prerelease == false) and/or behind an explicit workflow_dispatch input.
sazap10
changed the title
|
bundled into #330 |
Goal
Push github image to latest tag as part of publish step, also allow configuring builder image for local builds when using zscaler
Design
Allow using in development with latest image
Changeset
Testing
No functional change