threshold-network · piotr-roslaniec · Oct 9, 2025 · Oct 8, 2025 · Oct 8, 2025 · Oct 9, 2025
diff --git a/.github/workflows/client.yml b/.github/workflows/client.yml
@@ -28,7 +28,7 @@ on:
         required: false
         default: "main"
 
-# TODO: Implement automatic releases creation on tags push with https://github.com/softprops/action-gh-release
+# Automatic releases are now handled by the dedicated release.yml workflow
 
 jobs:
   client-detect-changes:

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,116 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+permissions:
+  contents: write
+
+jobs:
+  build-and-release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          # Fetch the whole history for the `git describe` command to work.
+          fetch-depth: 0
+
+      - name: Resolve versions
+        run: |
+          echo "version=$(git describe --tags --match 'v[0-9]*' HEAD)" \
+            >> $GITHUB_ENV
+          echo "revision=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Cache Docker layers
+        uses: actions/cache@v4
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+
+      - name: Build Docker Build Image
+        uses: docker/build-push-action@v5
+        with:
+          target: build-docker
+          tags: go-build-env
+          build-args: |
+            VERSION=${{ env.version }}
+            REVISION=${{ env.revision }}
+          # load image to local registry to use it in next steps
+          load: true
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+          context: .
+
+      - name: Run Go tests
+        run: |
+          docker run \
+            --workdir /go/src/github.com/keep-network/keep-core \
+            go-build-env \
+            gotestsum -- -timeout 15m
+
+      - name: Build Client Binaries
+        uses: docker/build-push-action@v5
+        with:
+          target: output-bins
+          outputs: type=local,dest=./out/bin/
+          build-args: |
+            ENVIRONMENT=mainnet
+            VERSION=${{ env.version }}
+            REVISION=${{ env.revision }}
+          push: false
+          context: .
+
+      - name: Generate release notes
+        id: release_notes
+        run: |
+          # Get the previous tag for release notes
+          PREV_TAG=$(git describe --tags --abbrev=0 --match 'v[0-9]*' \
+            HEAD^ 2>/dev/null || echo "")
+
+          # Create release notes
+          echo "RELEASE_NOTES<<EOF" >> $GITHUB_OUTPUT
+          echo "## Keep Core ${{ env.version }}" >> $GITHUB_OUTPUT
+          echo "" >> $GITHUB_OUTPUT
+          echo "Built from commit: ${{ env.revision }}" >> $GITHUB_OUTPUT
+          echo "" >> $GITHUB_OUTPUT
+          echo "### Downloads" >> $GITHUB_OUTPUT
+          echo "- **Linux AMD64**: \`keep-client-mainnet-${{ env.version }}-linux-amd64.tar.gz\`" \
+            >> $GITHUB_OUTPUT
+          echo "- **macOS AMD64**: \`keep-client-mainnet-${{ env.version }}-darwin-amd64.tar.gz\`" \
+            >> $GITHUB_OUTPUT
+          echo "" >> $GITHUB_OUTPUT
+          echo "### Verification" >> $GITHUB_OUTPUT
+          echo "All binaries include MD5 and SHA256 checksums for verification." \
+            >> $GITHUB_OUTPUT
+          echo "" >> $GITHUB_OUTPUT
+          if [ -n "$PREV_TAG" ]; then
+            echo "### Changes since $PREV_TAG" >> $GITHUB_OUTPUT
+            git log --oneline --no-merges "$PREV_TAG..HEAD" | head -20 \
+              >> $GITHUB_OUTPUT
+          fi
+          echo "EOF" >> $GITHUB_OUTPUT
+
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v2
+        with:
+          name: Release ${{ env.version }}
+          body: ${{ steps.release_notes.outputs.RELEASE_NOTES }}
+          files: |
+            out/bin/*.tar.gz
+            out/bin/*.md5
+            out/bin/*.sha256
+          draft: false
+          prerelease: ${{ contains(env.version, '-') }}
+          generate_release_notes: false
+
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
diff --git a/docs/release-process.md b/docs/release-process.md
@@ -0,0 +1,95 @@
+# Keep Core Release Process
+
+## Automated Releases
+
+Keep Core now supports fully automated releases through GitHub Actions. When you push a version tag, the system automatically:
+
+1. Builds multi-platform binaries
+2. Runs tests to ensure quality
+3. Creates a GitHub release with artifacts
+4. Generates release notes
+
+## Creating a Release
+
+### 1. Prepare the Release
+
+Ensure you're on the main branch with all changes merged:
+
+```bash
+git checkout main
+git pull origin main
+```
+
+### 2. Create and Push a Version Tag
+
+```bash
+# For a new patch release
+git tag v2.1.1
+
+# For a new minor release
+git tag v2.2.0
+
+# For a pre-release
+git tag v2.2.0-rc.1
+
+# Push the tag to trigger the release
+git push origin v2.1.1
+```
+
+### 3. Monitor the Release
+
+1. Go to the [Actions tab](../../actions) in GitHub
+2. Watch the "Release" workflow complete
+3. Check the [Releases page](../../releases) for the new release
+
+## Release Artifacts
+
+Each release automatically includes:
+
+- **Linux AMD64 binary**: `keep-client-mainnet-{version}-linux-amd64.tar.gz`
+- **macOS AMD64 binary**: `keep-client-mainnet-{version}-darwin-amd64.tar.gz`
+- **Checksums**: `.md5` and `.sha256` files for verification
+
+## Version Numbering
+
+Follow [Semantic Versioning](https://semver.org/):
+
+- **Patch** (`v2.1.1`): Bug fixes, security patches
+- **Minor** (`v2.2.0`): New features, backwards compatible
+- **Major** (`v3.0.0`): Breaking changes
+- **Pre-release** (`v2.2.0-rc.1`): Release candidates, alpha/beta versions
+
+## Pre-releases
+
+Tags containing hyphens (e.g., `v2.2.0-rc.1`, `v2.2.0-alpha.1`) are automatically marked as pre-releases.
+
+## Manual Release (Legacy)
+
+If automatic releases fail, you can still create releases manually:
+
+1. Use `workflow_dispatch` on the client workflow
+2. Download artifacts from the workflow run
+3. Create a GitHub release manually
+4. Upload the downloaded artifacts
+
+## Troubleshooting
+
+### Release Workflow Fails
+
+1. Check the Actions logs for specific errors
+2. Ensure the tag follows the `v*` pattern
+3. Verify tests are passing on the main branch
+
+### Missing Artifacts
+
+1. Check if the Docker build completed successfully
+2. Verify the `output-bins` target in the Dockerfile
+3. Ensure artifact paths match the workflow configuration
+
+## Configuration
+
+The release process is configured in:
+
+- `.github/workflows/release.yml` - Main release automation
+- `Makefile` - Build configuration and binary naming
+- `Dockerfile` - Multi-stage build for binaries