Purpose
Use this skill when you are preparing, executing, or validating a production release that is published via .github/workflows/docker-publish.yml.
Operational sequence (exact flow)
- •Prepare version bump sources
- •Update
VERSIONto the new semantic version (X.Y.Z). - •Add a matching changelog section in
CHANGELOG.mdusing header format:## [X.Y.Z] - YYYY-MM-DD. - •Ensure related release documentation reflects the same version context (at minimum
RELEASE.md; if used, aligncreate-release.shworkflow notes).
- •Update
- •Create and push release tag
- •Tag naming convention is
v*.*.*(for example:v1.12.3). - •Push the tag so the workflow trigger (
push.tags: 'v*.*.*') starts.
- •Tag naming convention is
- •Workflow build/publish path
- •
Extract metadatagenerates Docker tags. - •
Build and pushpublishes multi-arch images to GHCR (linux/arm64,linux/amd64).
- •
- •Release note generation path
- •
Extract changelog for releaseparsesCHANGELOG.mdsection for the tag version (vX.Y.Z->X.Y.Z). - •
Build release noteswrites/tmp/release_notes.mdwith changelog content + Docker pull instructions + GHCR package URL. - •
Validate release notesblocks release creation if file is missing, empty, or too short.
- •
- •Publish GitHub release
- •
Create GitHub Releaserunsgh release createwith:- •title:
Release vX.Y.Z - •notes source:
/tmp/release_notes.md
- •title:
- •
Release preconditions
- •Tag must follow
v*.*.*or workflow will not auto-run. - •A changelog section for the exact version must exist:
## [X.Y.Z]inCHANGELOG.md.- •If missing, workflow falls back to generic text (
Release X.Y.Z - See commit history for details.), which is considered a release quality failure for this project.
- •If missing, workflow falls back to generic text (
- •Repository permissions must allow:
- •package push (
packages: write) - •release creation (
contents: write)
- •package push (
Expected artifacts
After a successful run for tag vX.Y.Z:
- •GHCR image tags (from metadata action)
- •
ghcr.io/<owner>/<repo>:vX.Y.Z - •
ghcr.io/<owner>/<repo>:X.Y.Z - •
ghcr.io/<owner>/<repo>:X.Y - •
ghcr.io/<owner>/<repo>:latest(default branch builds)
- •
- •GitHub Release
- •Release exists at
/releases/tag/vX.Y.Z - •Title:
Release vX.Y.Z - •Notes include:
- •changelog section body for
X.Y.Z - •Docker pull examples for
:vX.Y.Z,:X.Y.Z, and:latest - •link to GitHub Packages container page
- •changelog section body for
- •Release exists at
Troubleshooting by workflow step
Extract changelog for release
Symptoms
- •Log shows:
Warning: No changelog section found for version X.Y.Z - •Release notes begin with generic fallback text.
Checks and fixes
- •Confirm
CHANGELOG.mdincludes exact header## [X.Y.Z](novprefix in the bracketed version). - •Confirm tag/version mapping is correct (
v1.2.3=>1.2.3). - •Re-run release with corrected changelog (new tag) if notes quality is unacceptable.
Build release notes
Symptoms
- •Step fails while reading
/tmp/changelog.txt. - •Notes are missing Docker image instructions.
Checks and fixes
- •Ensure prior step completed and wrote
/tmp/changelog.txt. - •Verify repository variable resolution (
github.repository) is valid in workflow context. - •Re-run workflow after fixing script block syntax or variable expansion.
Validate release notes
Symptoms
- •Errors like
Release notes file not found,file is empty, ortoo short.
Checks and fixes
- •Confirm
/tmp/release_notes.mdis created by previous step. - •Confirm generated file is non-empty and above minimum length threshold.
- •Inspect step logs preview output to verify expected content shape.
Create GitHub Release
Symptoms
- •
gh release createfails or release not visible in GitHub UI.
Checks and fixes
- •Verify
GH_TOKENis present (secrets.GITHUB_TOKEN) and job permissions includecontents: write. - •Confirm tag still exists remotely.
- •Check for duplicate existing release for same tag; edit/delete and rerun as needed.
Post-release verification checklist
- • GitHub Actions run for tag
vX.Y.Zcompleted successfully. - • GitHub Packages shows container package with tags:
- •
vX.Y.Z - •
X.Y.Z - •
X.Y - •
latest(if applicable)
- •
- • GitHub Release
vX.Y.Zexists and is published. - • Release notes include changelog details (not fallback generic text).
- • Release notes include Docker pull commands and package link.
- • Pull test succeeds for at least
ghcr.io/<owner>/<repo>:X.Y.Z.