ci: automate 'latest' tag update on releases#18
Conversation
Add automated workflow step to update the 'latest' tag after each successful release. This ensures 'latest' always points to the most recent stable version without manual intervention. The new job: - Runs after successful release completion - Updates 'latest' tag to point to the new semver tag - Uses force push to move the tag reference - Includes version info in tag annotation message Benefits: - Install scripts can reliably use /releases/latest/download/ - No manual tag management needed - Consistent reference for "current stable" across platforms Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
This PR automates the management of the latest Git tag to always point to the most recent release, enabling users to download the latest stable version via GitHub's /releases/latest/download/ URLs.
Changes:
- Added
update-latest-tagjob that runs after successful release completion - Job extracts the version from either workflow_dispatch input or tag reference
- Automatically creates/updates the
latestannotated tag with force push
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then | ||
| echo "version=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT | ||
| elif [[ "${{ github.ref }}" == refs/tags/* ]]; then | ||
| echo "version=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT |
There was a problem hiding this comment.
The version extraction logic may produce an empty version in edge cases. If neither the workflow_dispatch condition nor the tag condition is met (though this shouldn't happen given the workflow triggers), the version output would be empty, but the subsequent step would still execute with an empty version string in the tag message. Consider adding validation to ensure the version is not empty before attempting to update the tag, or add an else clause that fails explicitly with a clear error message.
| echo "version=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT | |
| echo "version=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT | |
| else | |
| echo "Error: could not determine release version from event '${{ github.event_name }}' and ref '${{ github.ref }}'." >&2 | |
| exit 1 |
|
|
||
| update-latest-tag: | ||
| name: Update 'latest' tag | ||
| needs: release |
There was a problem hiding this comment.
The 'latest' tag will be updated for all releases, including potential prereleases. While the release job currently sets 'prerelease: false' (line 177), if that configuration changes in the future or if a prerelease is manually created, the 'latest' tag would point to a prerelease version. Consider adding a condition to skip this job for prereleases, or add logic to detect if the current release is a prerelease (e.g., checking for '-alpha', '-beta', '-rc' in the version string) and skip the update accordingly.
| needs: release | |
| needs: release | |
| if: > | |
| (github.event_name == 'workflow_dispatch' && | |
| !contains(github.event.inputs.tag, '-alpha') && | |
| !contains(github.event.inputs.tag, '-beta') && | |
| !contains(github.event.inputs.tag, '-rc')) || | |
| (github.event_name == 'push' && | |
| startsWith(github.ref, 'refs/tags/') && | |
| !contains(github.ref, '-alpha') && | |
| !contains(github.ref, '-beta') && | |
| !contains(github.ref, '-rc')) |
| git config user.name "github-actions[bot]" | ||
| git config user.email "github-actions[bot]@users.noreply.github.com" | ||
| git tag -fa latest -m "Latest stable release (${{ steps.version.outputs.version }})" | ||
| git push origin latest --force | ||
|
|
There was a problem hiding this comment.
The git tag and push operations lack error handling. If the push fails due to network issues, permission problems, or other reasons, the workflow will fail silently. Consider adding explicit error checking after the git push command, or at minimum, ensure the version is validated before attempting these operations. You could add a check like: if [ -z "${{ steps.version.outputs.version }}" ]; then echo "Error: version is empty" && exit 1; fi
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git tag -fa latest -m "Latest stable release (${{ steps.version.outputs.version }})" | |
| git push origin latest --force | |
| if [ -z "${{ steps.version.outputs.version }}" ]; then | |
| echo "Error: version is empty; aborting 'latest' tag update." | |
| exit 1 | |
| fi | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git tag -fa latest -m "Latest stable release (${{ steps.version.outputs.version }})" | |
| if ! git push origin latest --force; then | |
| echo "Error: failed to push 'latest' tag to origin." | |
| exit 1 | |
| fi |
…-tag ci: automate 'latest' tag update on releases
Summary
Automates the
latesttag update after each successful release, eliminating manual tag management.Changes
update-latest-tagjob to.github/workflows/release.ymllatesttag to point to new semver tagBenefits
/releases/latest/download/URLsTesting
v0.3.2)latesttag will automatically point to new release🤖 Generated with Claude Code