Updating CI/CD workflows for version release

S3B4SZ17 · S3B4SZ17 · commit 8b9f672049f6 · 2025-07-01T12:03:11.000-06:00
Signed-off-by: S3B4SZ17 &lt;sebastian.zumbado@sysdig.com&gt;
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
@@ -4,19 +4,24 @@ on:
   push:
     branches:
       - main
+      - feat/*
     paths:
       - pyproject.toml
   workflow_dispatch:
 
 
 jobs:
+
   push_to_registry:
     name: Push Docker image to GitHub Packages
     runs-on: ubuntu-latest
     permissions:
       contents: read # required for actions/checkout
       packages: write # required for pushing to ghcr.io
       id-token: write # required for signing with cosign
+    outputs:
+      version: ${{ steps.extract_version.outputs.VERSION }}
+      tag: ${{ steps.extract_version.outputs.TAG }}
     steps:
       - name: Check out the repo
         uses: actions/checkout@v4
@@ -26,6 +31,8 @@ jobs:
         run: |
           VERSION=$(grep 'version =' pyproject.toml | sed -e 's/version = "\(.*\)"/\1/')-$(echo $GITHUB_SHA | cut -c1-7)
           echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT"
+          TAG=v$(grep 'version =' pyproject.toml | sed -e 's/version = "\(.*\)"/\1/')
+          echo "TAG=$TAG" >> "$GITHUB_OUTPUT"
 
       - name: Log in to GitHub Container Registry
         uses: docker/login-action@v3
@@ -56,3 +63,36 @@ jobs:
             ghcr.io/sysdiglabs/sysdig-mcp-server:v${{ steps.extract_version.outputs.VERSION }}
           DIGEST: ${{ steps.build-and-push.outputs.digest }}
         run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
+
+  tag_release:
+    name: Tag Release
+    runs-on: ubuntu-latest
+    needs: push_to_registry
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Semantic Release
+        uses: cycjimmy/semantic-release-action@v4
+        id: semantic_release
+        with:
+          dry_run: true
+          branches: |
+            [
+              '+([0-9])?(.{+([0-9]),x}).x',
+              'main',
+              {
+                name: 'beta',
+                prerelease: true
+              },
+              {
+                name: 'alpha',
+                prerelease: true
+              }
+            ]
+
+      - name: Summary
+        run: |
+          echo "## Release Summary
+          - Tag: ${{ steps.semantic_release.outputs.new_release_version }}
+          - Docker Image: ghcr.io/sysdiglabs/sysdig-mcp-server:v${{ steps.extract_version.outputs.VERSION }}" >> $GITHUB_STEP_SUMMARY
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -5,6 +5,7 @@ on:
     branches:
       - main
   pull_request:
+  workflow_dispatch:
 
 jobs:
   test:
@@ -34,3 +35,43 @@ jobs:
 
       - name: Run Unit Tests
         run: make test
+
+  pre_release:
+    name: Tag Release
+    runs-on: ubuntu-latest
+    needs: test
+    permissions:
+      contents: write # required for creating a tag
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Extract current version
+        id: pyproject_version
+        run: |
+          TAG=v$(grep 'version =' pyproject.toml | sed -e 's/version = "\(.*\)"/\1/')
+          echo "TAG=$TAG" >> "$GITHUB_OUTPUT"
+
+      - name: Semantic Release
+        uses: cycjimmy/semantic-release-action@v4
+        id: semantic_release
+        with:
+          ci: false
+          dry_run: true
+        
+      - name: Compare versions
+        run: |
+          echo "Current version: ${{ steps.pyproject_version.outputs.TAG }}"
+          echo "New version: ${{ steps.semantic_release.outputs.new_release_version }}"
+          if [ "${{ steps.pyproject_version.outputs.TAG }}" != "${{ steps.semantic_release.outputs.new_release_version }}" ]; then
+            echo "### Version mismatch detected! :warning:
+            Current version: ${{ steps.pyproject_version.outputs.TAG }}
+            New version: **${{ steps.semantic_release.outputs.new_release_version }}**
+            Please update the version in pyproject.toml." >> $GITHUB_STEP_SUMMARY
+            exit 1
+          else
+            echo "### Version match confirmed! :rocket:
+            Current version: ${{ steps.pyproject_version.outputs.TAG }}
+            New version: **${{ steps.semantic_release.outputs.new_release_version }}**
+            The version is up-to-date." >> $GITHUB_STEP_SUMMARY
+          fi
