Skip to content

Always update semver tags consistently + support building/tagging/publishing non-main kernel builds#152

Open
bleggett wants to merge 4 commits intomainfrom
bleggett/disallow-semver-tag-violations
Open

Always update semver tags consistently + support building/tagging/publishing non-main kernel builds#152
bleggett wants to merge 4 commits intomainfrom
bleggett/disallow-semver-tag-violations

Conversation

@bleggett
Copy link
Contributor

@bleggett bleggett commented Mar 5, 2026
edited
Loading

Fixes #149

Now, if you pass any semver to a build with publish=true, we will always update all semver tags in the registry:

Ex (before):

hack/build/generate-matrix.sh  manual:exact=6.18.16;flavor=host
generated 1 builds
build host 6.18.16 for x86_64 with tags 6.18.16 to ghcr.io/edera-dev/host-kernel, ghcr.io/edera-dev/host-kernel-sdk on edera-large

Ex (now):

hack/build/generate-matrix.sh  manual:exact=6.18.16;flavor=host 
generated 1 builds
build host 6.18.16 for x86_64 with tags 6, 6.18, 6.18.16 to ghcr.io/edera-dev/host-kernel, ghcr.io/edera-dev/host-kernel-sdk on edera-large

Before, this meant that even if we built and published off of main, the 6 and 6.18 refs would not get updated, only the 6.18.16 ref would get updated. You can work around this by passing tags in the build arg, if you remember the complete set and if you pass them, but that's not fail-closed since we let you partially update a public ref, and it's too easy to footgun and end up with inconsistent semver refs in the public registry this way, and we really have no reason not to keep all semver tags forcibly in sync with all published main builds, regardless.

...with the exception of wanting to build one-off/oneshot/test kernels that do not update any official refs. So this also supports doing that via the following:

If you trigger the GH Action with publish=true against main, you now get "official" tags above:

hack/build/generate-matrix.sh  manual:exact=6.18.16;flavor=host 
generated 1 builds
build host 6.18.16 for x86_64 with tags 6, 6.18, 6.18.16 to ghcr.io/edera-dev/host-kernel, ghcr.io/edera-dev/host-kernel-sdk on edera-large

If you trigger the GH Acton with publish=true against any other branch, you now get the Github ref branchname of that branch appended to all published tag names:

 GITHUB_REF_NAME=bleggett/my-test-kernel hack/build/generate-matrix.sh  manual:exact=6.18.16;flavor=host
generated 1 builds
build host 6.18.16 for x86_64 with tags 6-bleggett_my-test-kernel, 6.18-bleggett_my-test-kernel, 6.18.16-bleggett_my-test-kernel to ghcr.io/edera-dev/host-kernel, ghcr.io/edera-dev/host-kernel-sdk on edera-large

So in this way we can create branches and publish images to unique tags if we want, but all main builds always update all semver tags, so we can never collide.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@azenla azenla Awaiting requested review from azenla

@alexandermerritt alexandermerritt Awaiting requested review from alexandermerritt

@ecpullen ecpullen Awaiting requested review from ecpullen

@found-it found-it Awaiting requested review from found-it

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

CI OCI autotagging should be smarter

1 participant

@bleggett