Skip to content

fix(ci): gate Registry/version-tagged jobs on actual new tag#15

Merged
asachs01 merged 1 commit into
mainfrom
fix/release-gating-on-new-tag
May 7, 2026
Merged

fix(ci): gate Registry/version-tagged jobs on actual new tag#15
asachs01 merged 1 commit into
mainfrom
fix/release-gating-on-new-tag

Conversation

@asachs01
Copy link
Copy Markdown
Member

@asachs01 asachs01 commented May 7, 2026

Summary

The release job used `gh release view "v$VERSION"` to decide whether a release happened, which always returned true once any release matched the `package.json` version. That's a permanent yes in this fleet because branch protection silently blocks the `@semantic-release/git` push to main, so `package.json` drifts from the published tags.

Switched to a tag-diff check: capture `git describe --tags --abbrev=0` before semantic-release, compare after. Authoritative — signals a release ONLY when a new tag was just created.

What this unblocks

  • `mcp-registry` job stops trying to re-publish duplicate versions on `chore(deps):` / no-release pushes (was failing on every dep bump with cannot publish duplicate version).
  • Docker now always tags `:latest` and `:sha-` on every main push so ACA picks up dependency bumps; `:vX.Y.Z` is only added when a real release happened.

Refs

Test plan

  • yaml syntax valid
  • On merge: a chore-only push should show `mcp-registry` SKIPPED (not failed), Docker SUCCESS with `:latest` and `:sha-` tags only
  • Next `fix:`/`feat:` push: a new tag publishes, all four downstream jobs (Docker with version tag, mcp-registry, deploy) all SUCCESS

@asachs01
fix(ci): gate Registry/version-tagged jobs on actual new tag
7b5aa3c 
The release job used `gh release view "v$VERSION"` to decide whether a
release happened, which always returned true once any release matched
the package.json version. That's a permanent yes here because branch
protection silently blocks the @semantic-release/git push to main, so
package.json drifts from the published tags.

Switched to a tag-diff check: capture `git describe --tags` before
semantic-release, compare after. This is bulletproof against the
package.json drift and signals a release ONLY when a new tag was just
created.

Side effects of the better signal:
- `mcp-registry` job stops trying to re-publish duplicate versions on
  chore(deps)/no-release pushes.
- Docker now tags `:latest` and `:sha-<short>` on every main push (so
  ACA picks up dependency bumps), and `:vX.Y.Z` only when a real
  release happened.

Refs: mcp-registry-publish-gating skill.
@asachs01 asachs01 merged commit 25847b1 into main May 7, 2026
8 checks passed
@asachs01 asachs01 deleted the fix/release-gating-on-new-tag branch May 7, 2026 19:38
@github-project-automation github-project-automation Bot moved this from Todo to Done in MSP Claude Plugins May 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

MSP Claude Plugins
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@asachs01