🐳 ci: Build & Publish Versioned Image on Release#90
Merged
Conversation
The Docker publish workflow only triggered on `main` pushes and tagged images with `:<sha>` and `:latest`, so publishing a GitHub release (e.g. v1.0.0) produced no versioned image. - Trigger the workflow on `release: published` (keeps `workflow_dispatch` and the existing `main` push trigger). - Use `docker/metadata-action` to derive tags: - Releases → `:1.0.0`, `:1.0`, `:1` (semver) - `main` pushes → `:latest` + full `:<sha>` (unchanged behavior) `latest` continues to track `main` rather than the latest release, so the docker-compose `:latest` reference is unaffected.
![macroscopeapp[bot]](https://avatars.githubusercontent.com/in/900172?s=60&v=4){kind=small}
Comment on lines
+42
to
+52
| - name: Docker metadata | ||
| id: meta | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ghcr.io/clickhouse/librechat-admin-panel | ||
| tags: | | ||
| type=semver,pattern={{version}} | ||
| type=semver,pattern={{major}}.{{minor}} | ||
| type=semver,pattern={{major}} | ||
| type=raw,value=latest,enable={{is_default_branch}} | ||
| type=sha,format=long,prefix=,enable={{is_default_branch}} |
There was a problem hiding this comment.
🟠 High workflows/docker-publish.yml:42
The docker/metadata-action config auto-generates a latest tag for every type=semver rule, so publishing release v1.0.0 will overwrite the existing :latest image (which should track main branch builds) with the release image. The explicit type=raw,value=latest,enable={{is_default_branch}} rule then creates a duplicate tag. Consider setting flavor: latest=false to disable the implicit latest tag from semver rules, ensuring :latest only tracks main builds.
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/clickhouse/librechat-admin-panel
+ flavor: latest=false
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=raw,value=latest,enable={{is_default_branch}}
type=sha,format=long,prefix=,enable={{is_default_branch}}🚀 Reply "fix it for me" or copy this AI Prompt for your agent:
In file @.github/workflows/docker-publish.yml around lines 42-52:
The `docker/metadata-action` config auto-generates a `latest` tag for every `type=semver` rule, so publishing release `v1.0.0` will overwrite the existing `:latest` image (which should track `main` branch builds) with the release image. The explicit `type=raw,value=latest,enable={{is_default_branch}}` rule then creates a duplicate tag. Consider setting `flavor: latest=false` to disable the implicit `latest` tag from semver rules, ensuring `:latest` only tracks `main` builds.
dustinhealy
approved these changes
Jun 24, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Publishing a GitHub release (e.g. v1.0.0) currently builds no Docker image: the
Docker Image Publishworkflow only triggers onmainpushes and tags images with:<sha>and:latest.This adds release-driven, versioned image builds.
Changes
release: published(in addition to the existingworkflow_dispatchandmainpush triggers).docker/metadata-action:v1.0.0published:1.0.0,:1.0,:1main:latest,:<full-sha>(unchanged)latestdeliberately keeps trackingmain(not the latest release), so the existingdocker-compose.yml:latestreference is unaffected. The full-<sha>tag format is preserved.Note on the existing v1.0.0 release
The
v1.0.0tag points to a commit that predates this workflow, so merging this will not retroactively build thev1.0.0image — GitHub runs the workflow version that exists at the released commit. The first versioned build will happen on the next release cut after this merges (or by re-pointingv1.0.0to a commit that includes this workflow). See the PR discussion for options.🤖 Generated with Claude Code