ci(docker): publish image on main pushes and tags (#789)

* feat: Add GitHub Actions workflows for security audits, CodeQL analysis, contributor updates, performance benchmarks, integration tests, fuzz testing, and reusable Rust build jobs

- Implemented `sec-audit.yml` for Rust package security audits using `rustsec/audit-check` and `cargo-deny-action`.
- Created `sec-codeql.yml` for CodeQL analysis scheduled twice daily.
- Added `sync-contributors.yml` to update the NOTICE file with new contributors automatically.
- Introduced `test-benchmarks.yml` for performance benchmarks using Criterion.
- Established `test-e2e.yml` for running integration and end-to-end tests.
- Developed `test-fuzz.yml` for fuzz testing with configurable runtime.
- Created `test-rust-build.yml` as a reusable job for executing Rust commands with customizable parameters.
- Documented main branch delivery flows in `main-branch-flow.md` for clarity on CI/CD processes.

* ci(workflows): update workflow scripts and rename for clarity; remove obsolete lint feedback script

* chore(ci): externalize workflow scripts and relocate main flow doc

* chore(ci): align workflow names with file naming style

* ci(docker): publish image on main pushes and tags

* ci(docker): restrict publish tag checks to v* refs
Will Sarg 2026-02-18 06:55:34 -05:00 committed by GitHub
parent cfa7215688
commit a7a580a479
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -43,7 +43,7 @@ env:
jobs:
pr-smoke:
name: PR Docker Smoke
if: github.event_name == 'pull_request'
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository
runs-on: blacksmith-2vcpu-ubuntu-2404
timeout-minutes: 25
permissions:
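Review bot: The new `pr-smoke` condition skips the job for every pull request opened from a fork, and neither the commit message nor the workflow says so. If the intent is to keep fork-controlled code away from this runner and its permissions, add a short YAML comment above the `if:` stating that. Note also that a job skipped by its `if:` still counts as passing when it is a required status check, so fork PRs would merge without any Docker smoke coverage; if that matters, consider a reduced-permission variant of the job for forks rather than skipping it.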
@ -80,7 +80,7 @@ jobs:
publish:
name: Build and Push Docker Image
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) && github.repository == 'zeroclaw-labs/zeroclaw'
runs-on: blacksmith-2vcpu-ubuntu-2404
timeout-minutes: 25
permissions:
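Review bot: The `publish` condition no longer allows `workflow_dispatch`, which the commit message does not mention. If the workflow's `on:` block still lists that trigger, a manual run will start and skip this job without any error, so either remove the trigger or document that manual publishing is intentionally disabled. Two smaller points on the same line: `startsWith(github.ref, 'refs/tags/v')` accepts any tag that begins with `v`, not only version tags, so the `on.push.tags` filter should be the stricter gate; and the literal `'zeroclaw-labs/zeroclaw'` will silently disable publishing if the repository is renamed or transferred, which deserves a comment next to the check.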
@ -127,4 +127,4 @@ jobs:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
platforms: ${{ startsWith(github.ref, 'refs/tags/') && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
platforms: ${{ startsWith(github.ref, 'refs/tags/v') && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
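Review bot: The `'refs/tags/v'` prefix on the `platforms:` line now duplicates the one in the `publish` job's `if:`, so the two can drift apart on a later edit. Consider computing the "is a release tag" decision once (for example in a job-level `env` value or a step output) and referencing it in both places. It would also help to document that pushes to `main` publish `linux/amd64` only while `v*` tags publish `linux/amd64,linux/arm64`, since arm64 users pulling a main-built tag will not find a matching image.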