chore: add repository dispatch to kick off docker image build on release #7235
Conversation
|
WalkthroughAdds a global env var BIOME_DOCKER_REPO=biomejs/docker. In the release workflow, renames the website dispatch step to “Codegen website schema” without changing its dispatch details. Introduces a new “Generate docker images” step that triggers a repository_dispatch to BIOME_DOCKER_REPO with the same event-type and payload as the website dispatch. The Docker dispatch runs after the website schema step within the publish-cli sections. No changes to payload format, event-type, error handling, or other steps. Possibly related PRs
Suggested reviewers
Tip 🔌 Remote MCP (Model Context Protocol) integration is now available!Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats. ✨ Finishing Touches🧪 Generate unit tests
🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. CodeRabbit Commands (Invoked using PR/Issue comments)Type Other keywords and placeholders
Status, Documentation and Community
|
|
Hi @siketyan , I apologize if this is incorrect, I am not very familiar with Github actions or this API. I believe this does the correct thing. |
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (4)
.github/workflows/release_cli.yml (4)
277-283: Gate on real releases and pass context as client-payload.If the intent is to build images only for actual releases (not nightly), add an if condition. Also pass useful metadata (version, tag, prerelease) so the docker workflow can deterministically build the right images without guessing latest release.
Proposed change:
- - name: Generate docker images - uses: peter-evans/repository-dispatch@v3 + - name: Generate docker images + if: needs.build.outputs.prerelease != 'true' + uses: peter-evans/repository-dispatch@v3 with: - token: ${{ secrets.GITHUB_TOKEN }} + token: ${{ secrets.DOCKER_DISPATCH_TOKEN }} repository: biomejs/docker event-type: build_images + client-payload: | + { + "version": "v${{ needs.build.outputs.version }}", + "tag": "cli/v${{ needs.build.outputs.version }}", + "prerelease": ${{ needs.build.outputs.prerelease == 'true' }} + }
278-278: Pin action to a commit SHA to match your supply-chain policy.All other actions here are pinned to SHAs; this one should be too (peter-evans/repository-dispatch@). Please replace @V3 with the corresponding commit SHA.
If you want, I can fetch the exact commit SHA for v3 and propose the precise edit.
277-277: Tweak the step name for clarity.This step triggers a build elsewhere rather than building here.
- - name: Generate docker images + - name: Trigger Docker image build
277-283: Non-blocking dispatch (optional).If you don’t want a transient failure in the docker repo to block the CLI release, consider allowing this step to be non-fatal.
- - name: Trigger Docker image build + - name: Trigger Docker image build + continue-on-error: true
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled by default for public repositories
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (1)
.github/workflows/release_cli.yml(1 hunks)
🔇 Additional comments (1)
.github/workflows/release_cli.yml (1)
282-282: Confirm the event-type matches the target workflow.Ensure the workflow in biomejs/docker listens for repository_dispatch with type build_images (not e.g. build-images). Mismatch will silently no-op.
Would you like me to double-check the target workflow event type against biomejs/docker#8?
.github/workflows/release_cli.yml
Outdated
| with: | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
| repository: biomejs/docker | ||
| event-type: build_images |
There was a problem hiding this comment.
Cross-repo dispatch will fail with GITHUB_TOKEN; use a PAT secret scoped to biomejs/docker.
GitHub’s GITHUB_TOKEN doesn’t have cross-repository rights for repository_dispatch. This will 403/404. Use a fine-grained PAT limited to biomejs/docker with the minimum necessary permissions (Contents: Read/Write), store it as a secret (e.g. DOCKER_DISPATCH_TOKEN), and reference it here.
Apply this diff:
with:
- token: ${{ secrets.GITHUB_TOKEN }}
+ token: ${{ secrets.DOCKER_DISPATCH_TOKEN }}
repository: biomejs/docker
event-type: build_images📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| repository: biomejs/docker | |
| event-type: build_images | |
| with: | |
| token: ${{ secrets.DOCKER_DISPATCH_TOKEN }} | |
| repository: biomejs/docker | |
| event-type: build_images |
🤖 Prompt for AI Agents
.github/workflows/release_cli.yml around lines 279 to 282, the workflow uses
GITHUB_TOKEN for a cross-repo repository_dispatch which will be rejected; create
a fine-grained PAT scoped to the biomejs/docker repo with minimal permissions
(Contents: Read/Write), store it as a secret (e.g. DOCKER_DISPATCH_TOKEN) in
this repo, and update the workflow to reference that secret instead of
GITHUB_TOKEN (i.e. replace the token reference with the new secret name).
There was a problem hiding this comment.
I am likely unable to accomplish this without help. 🙇
|
|
Hi @siketyan , thank you for the code pointer! Very helpful. I have moved the action to the |
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
.github/workflows/release.yml (1)
386-392: Docker dispatch missing client-payload (likely needed to build the right tag)Unlike the website dispatch above, this step doesn’t pass a client-payload (sha, tag, version). If the docker workflow expects these (very likely), this will trigger, but the build won’t know which release to build.
Proposed fix (mirror the website payload):
- name: Generate docker images uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3 with: token: ${{ secrets.BIOME_REPOSITORY_DISPATCH }} repository: ${{ env.BIOME_DOCKER_REPO }} event-type: ${{ env.BIOME_RELEASE_CLI_EVENT }} + client-payload: | + { "sha": "${{ github.sha }}", "tag": "@biomejs/biome@${{ needs.build-binaries.outputs.version }}", "version": "${{ needs.build-binaries.outputs.version }}" }Follow-up:
- Please confirm the docker repo’s on: repository_dispatch config matches event-type biome-release-cli-event and whether it requires the same payload keys (sha, tag, version). If it uses different names, we should align here.
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled by default for public repositories
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (1)
.github/workflows/release.yml(2 hunks)
🔇 Additional comments (2)
.github/workflows/release.yml (2)
18-18: Env var for Docker repo looks goodIntroducing BIOME_DOCKER_REPO keeps things configurable and consistent with BIOME_WEBSITE_REPO.
378-385: Rename clarifies the step’s purpose“Codegen website schema” is clearer than the previous generic label. No functional change spotted.
See biomejs/docker#8