@akshat5302 akshat5302 commented Dec 9, 2025

Description

This pull request introduces a new GitHub Actions workflow for building, pushing, and releasing Docker images for the Plane MCP Server. The workflow is designed to handle both regular and release builds, including pre-releases, and automates the release process with validation for semantic versioning.

Type of Change

  • Improvement (change that would cause existing functionality to not work as expected)

Summary by CodeRabbit

  • Chores
    • Implemented automated Docker image building and release publishing infrastructure.


Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.1 to 4.1.2.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@4.1.1...4.1.2)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 4.1.2
  dependency-type: indirect
...

cursor bot commented Dec 9, 2025

You have run out of free Bugbot PR reviews for this billing cycle. This will reset on December 20.

To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.


coderabbitai bot commented Dec 9, 2025

Walkthrough

A new GitHub Actions workflow is introduced to automate Docker image building and publishing for Plane MCP Server. The workflow accepts inputs for build type, release version, and prerelease status; validates release versions against SemVer format; orchestrates Docker image construction via Buildx; and conditionally creates GitHub releases.

Changes

| Cohort / File(s) | Summary |
|---|---|
| GitHub Actions Workflow<br>.github/workflows/build-branch.yml | New workflow file for Docker image CI/CD pipeline with three jobs: release_build_setup (validates release version, derives buildx and build flag variables), build_and_push (executes Docker image build and push via makeplane/build-push action), and publish_release (creates GitHub release for Release-type builds only). Includes workflow_dispatch trigger with inputs for build_type, releaseVersion, and isPrerelease. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

  • Validation logic: SemVer regex pattern for release version enforcement requires careful verification
  • Job orchestration: Multiple job dependencies and conditional execution (publish_release only on Release builds) should be traced through
  • External action integration: Parameters passed to makeplane/build-push action and softprops/action-gh-release should be verified for correctness and security implications

Poem

🐰 A workflow so neat, with jobs that align,
Docker images building in Docker-time!
Versions validated, releases released,
The CI/CD feast has been nicely increased!
*hops with glee* 🚀

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'chore: Add Gh Workflow for docker image builds' directly corresponds to the main change: introducing a new GitHub Actions workflow for Docker image building and publishing. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 0

🧹 Nitpick comments (3)
.github/workflows/build-branch.yml (3)

48-84: Remove unused output FLAT_RELEASE_VERSION (line 65).

The variable FLAT_RELEASE_VERSION is set and output on line 65 but is never consumed by any downstream job. This is dead code and should be removed.

Apply this diff to remove the unused output:

          if [ "${{ env.BUILD_TYPE }}" == "Release" ]; then
            FLAT_RELEASE_VERSION=$(echo "${{ env.RELEASE_VERSION }}" | sed 's/[^a-zA-Z0-9.-]//g')
-           echo "FLAT_RELEASE_VERSION=${FLAT_RELEASE_VERSION}" >> $GITHUB_OUTPUT

            semver_regex="^v([0-9]+)\.([0-9]+)\.([0-9]+)(-[a-zA-Z0-9]+(-[a-zA-Z0-9]+)*)?$"
-           if [[ ! $FLAT_RELEASE_VERSION =~ $semver_regex ]]; then
+           if [[ ! ${FLAT_RELEASE_VERSION} =~ ${semver_regex} ]]; then
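
Review bot: The context line that builds FLAT_RELEASE_VERSION expands `${{ env.RELEASE_VERSION }}` into the script text before the shell starts, so the `sed` filter and the regex only see the value after the shell has already parsed it. If RELEASE_VERSION is fed from the `releaseVersion` dispatch input, read it as a shell variable instead (`"$RELEASE_VERSION"`, which is exported to the step when the value is defined under `env:`) so the input reaches `sed` as data; the same applies to `${{ env.BUILD_TYPE }}` in the `if` line. Separately, the `-`/`+` pair on the `[[ ... =~ ... ]]` line only adds braces and does not change behaviour, and the variable itself is still needed by that test after the output line is dropped.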

Note: Alternatively, use the variable directly without storing it separately.


103-104: Add validation for required Docker Hub secrets.

The workflow depends on secrets.DOCKERHUB_USERNAME and secrets.DOCKERHUB_TOKEN but does not validate their presence before use. Missing or misconfigured secrets will cause the build to fail silently during the makeplane/build-push action execution.

Add a validation step in the build_and_push job to ensure secrets are set:

    steps:
      - id: checkout_files
        name: Checkout Files
        uses: actions/checkout@v4
+     - id: validate_secrets
+       name: Validate DockerHub Secrets
+       run: |
+         if [ -z "${{ secrets.DOCKERHUB_USERNAME }}" ] || [ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]; then
+           echo "Error: DOCKERHUB_USERNAME and/or DOCKERHUB_TOKEN secrets are not set"
+           exit 1
+         fi
      - name: Plane MCP Server Build and Push
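
Review bot: The added `validate_secrets` step pastes both secrets into the script body through `${{ secrets.DOCKERHUB_USERNAME }}` and `${{ secrets.DOCKERHUB_TOKEN }}`, so a value containing a double quote, a backtick or `$` changes how the `[ -z ... ]` test is parsed. Map the secrets in the step's `env:` block and test the variables instead, for example `[ -z "$DOCKERHUB_TOKEN" ]`, which keeps the values out of the script text. The context line `uses: actions/checkout@v4` references a movable tag; pinning it to a full commit SHA fits the concern this review raises further down about actions that run with registry credentials.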

This ensures early failure with a clear error message if secrets are missing.


58-84: Consider initializing RELVERSION inside the conditional for clarity.

The variable RELVERSION is initialized to "latest" unconditionally (line 61) and then conditionally overwritten for Release builds (line 76). While the logic is correct, it would be clearer to initialize it only within the appropriate conditional block or explicitly document the intent.

Consider restructuring for improved clarity:

-         BUILD_RELEASE=false
-         BUILD_PRERELEASE=false
-         RELVERSION="latest"
-
          if [ "${{ env.BUILD_TYPE }}" == "Release" ]; then
+           BUILD_RELEASE=true
            FLAT_RELEASE_VERSION=$(echo "${{ env.RELEASE_VERSION }}" | sed 's/[^a-zA-Z0-9.-]//g')
            # ... validation ...
-           BUILD_RELEASE=true
            RELVERSION=$FLAT_RELEASE_VERSION

            if [ "${{ env.IS_PRERELEASE }}" == "true" ]; then
              BUILD_PRERELEASE=true
            fi
+         else
+           BUILD_RELEASE=false
+           BUILD_PRERELEASE=false
+           RELVERSION="latest"
          fi
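
Review bot: The `+ BUILD_RELEASE=true` line now sits above the elided validation, whereas the removed line set the flag only after the version check. That ordering is safe only while a failed check exits the step; keeping the assignment after the validation, next to `RELVERSION=$FLAT_RELEASE_VERSION`, means the release flag can never be set for a version that was not validated. The added `else` branch is fine as a readability change.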

This makes it explicit that RELVERSION="latest" only applies to Build (non-Release) type workflows.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 81218bc and 4a7d782.

📒 Files selected for processing (1)
  • .github/workflows/build-branch.yml (1 hunks)
🔇 Additional comments (1)
.github/workflows/build-branch.yml (1)

98-98: Verify external action versions are current and maintained.

The workflow uses two external GitHub Actions:

Ensure these versions are current, actively maintained, and free from security vulnerabilities, especially since these actions have sensitive privileges (Docker Hub credentials, repository write access).

Please verify:

  1. That makeplane/actions/[email protected] exists and is the intended version
  2. That softprops/[email protected] is the latest stable version
  3. Check for any known security advisories or deprecation notices

Also applies to: 131-131
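
The validation order shown in the first nitpick's snippet (strip characters with sed, then match the SemVer pattern), set beside validating the raw value, as an added example that is not part of the PR or of CodeRabbit's review. The function names and sample inputs are constructed, and `grep -E` stands in for bash's `[[ =~ ]]` so the script runs under plain sh.

```sh
#!/bin/sh
# Added example: the pattern below is the one quoted in the review;
# everything else (function names, inputs) is constructed for illustration.
SEMVER_RE='^v([0-9]+)\.([0-9]+)\.([0-9]+)(-[a-zA-Z0-9]+(-[a-zA-Z0-9]+)*)?$'
NL='
'

# True when the whole string matches the pattern.
matches_semver() {
  case $1 in *"$NL"*) return 1 ;; esac  # grep is line-based: refuse multi-line input
  printf '%s\n' "$1" | grep -Eq "$SEMVER_RE"
}

# Order used in the snippet: remove unexpected characters, then validate
# what is left. Prints the tag that would be used.
strip_then_validate() {
  flat=$(printf '%s\n' "$1" | sed 's/[^a-zA-Z0-9.-]//g')
  matches_semver "$flat" || return 1
  printf '%s\n' "$flat"
}

# Alternative: validate exactly what was typed and reject anything else.
validate_raw() {
  matches_semver "$1" || return 1
  printf '%s\n' "$1"
}

# Constructed inputs: clean tag, trailing space, stray underscore, and a
# dotted pre-release (valid SemVer, but not allowed by this pattern).
for v in 'v1.2.3' 'v1.2.3 ' 'v1.2.3-rc_1' 'v1.0.0-rc.1'; do
  a=$(strip_then_validate "$v") || a='REJECT'
  b=$(validate_raw "$v") || b='REJECT'
  printf 'input=[%s] strip-then-validate=%s raw=%s\n' "$v" "$a" "$b"
done
```

With strip-then-validate, `v1.2.3-rc_1` is accepted and published as `v1.2.3-rc1`, a tag the operator never typed; validating the raw value rejects it.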

@Prashant-Surya Prashant-Surya merged commit c598a3f into canary Dec 9, 2025
2 checks passed
@Prashant-Surya Prashant-Surya deleted the add-gh-workflow branch December 9, 2025 07:28