Update GitHub Actions workflows to use 'beta-latest' tag for images and add new workflows for releasing dashboard and Python SDK

[NiveditJain]

No description provided.

[gemini-code-assist]

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

• Chores
  • Beta builds now publish container images under the beta-latest tag (replacing latest) and no longer produce version-derived tags for beta pipelines.
  • Added release workflows that build and publish dashboard and state manager images to the registry with semantic version and latest tags, followed by deployment to the cluster.
  • Integrated automated testing and coverage reporting for the state manager as part of the release process, improving reliability of published artifacts.

Walkthrough

Updates two existing publish workflows to use the beta-latest tag instead of latest and remove tag-derived refs for the dashboard. Adds two release workflows that build and push dashboard and state-manager images to GHCR on release, with semver and SHA tagging; the state-manager release workflow also runs tests with MongoDB before publishing.

Changes

Cohort / File(s)	Summary
Beta tag updates (publish) .github/workflows/publish-dashboard.yml, .github/workflows/publish-state-mangaer.yml	Switch raw tag from latest to beta-latest in docker/metadata-action; remove tag-derived ref line from dashboard publish; keep SHA tag.
New release workflow — Dashboard .github/workflows/release-dashboard.yml	Adds release workflow to build/push dashboard image to GHCR on release; generates tags (latest, semver variants, short SHA); single publish job with Buildx and GHCR login.
New release workflow — State Manager .github/workflows/release-state-manager.yml	Adds release workflow with test and publish jobs; runs MongoDB-backed tests (pytest, coverage, Codecov) then builds/pushes image with latest, semver, and short SHA tags to GHCR.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Rel as GitHub Release
  participant GHWF as Release Workflow (Dashboard)
  participant M as docker/metadata-action
  participant B as docker/build-push-action
  participant R as GHCR

  Rel->>GHWF: release published
  GHWF->>M: generate tags (latest, semver, sha)
  M-->>GHWF: tags, labels
  GHWF->>B: build & push ./dashboard
  B->>R: push image:latest,<semver>,sha
  R-->>GHWF: stored

Loading

sequenceDiagram
  autonumber
  actor Rel as GitHub Release / Push to main
  participant GHWF as Release Workflow (State Manager)
  participant T as Test Job (pytest + MongoDB)
  participant M as docker/metadata-action
  participant B as docker/build-push-action
  participant R as GHCR

  Rel->>GHWF: trigger
  GHWF->>T: setup MongoDB, install deps, run tests
  T-->>GHWF: results, coverage
  GHWF->>M: generate tags (latest, semver, sha)
  M-->>GHWF: tags, labels
  GHWF->>B: build & push ./state-manager
  B->>R: push image:latest,<semver>,sha
  R-->>GHWF: stored

Loading

sequenceDiagram
  autonumber
  actor Push as Push event (publish workflows)
  participant Pub as Publish Workflows (Beta)
  participant M as docker/metadata-action
  participant B as docker/build-push-action
  participant R as GHCR

  Push->>Pub: trigger
  Pub->>M: generate tags (beta-latest, sha) [changed]
  M-->>Pub: tags, labels
  Pub->>B: build & push
  B->>R: push image:beta-latest,sha

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Dashboard #266 — Adjusts docker/metadata-action tag logic for the dashboard publish workflow, overlapping with the beta-latest/tag derivation changes here.

Poem

I thump my paws on pipelines bright,
Beta hops by day and night;
Releases rise like carrots stacked,
Semver seeds are neatly packed.
SHA crumbs mark where I have been,
To GHCR’s garden—fresh and clean. 🥕🐇

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 10

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (4)

.github/workflows/publish-state-mangaer.yml (3)

69-72: Avoid brittle array indexing when selecting the deploy image tag.

tags[1] depends on generation order and may flip. Explicitly deploy the intended tag to ensure deterministic rollouts.

-          echo "selected image: ${{ fromJson(needs.publish-image.outputs.json).tags[1] }}"
-
-          kubectl set image deployment/exosphere-state-manager exosphere-state-manager=${{fromJson(needs.publish-image.outputs.json).tags[1]}}
+          SELECTED="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:beta-latest"
+          echo "selected image: ${SELECTED}"
+          kubectl set image deployment/exosphere-state-manager exosphere-state-manager="${SELECTED}"

---

8-9: Prevent double-publishing on releases (conflicts with new release workflows).

This “publish” workflow also runs on releases; the new release workflows will run too → duplicate pushes. Restrict this workflow to non-release events.

 on:
   push:
     branches: [main]
     paths:
       - 'state-manager/**'
-  release:
-    types: [published]
   workflow_dispatch:

---

1-1: Typo in filename: “mangaer”.

Rename file to publish-state-manager.yml for consistency and discoverability.

.github/workflows/publish-dashboard.yml (1)

8-10: Remove release trigger to avoid duplicate runs with the new release workflow.

Keep this workflow for main pushes and manual runs; let the release workflow own “latest/semver” tags.

 on:
   push:
     branches: [main]
     paths:
       - 'dashboard/**'
-  release:
-    types: [published]
   workflow_dispatch:

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 8d77f6d and d474302.

📒 Files selected for processing (4)

• .github/workflows/publish-dashboard.yml (1 hunks)
• .github/workflows/publish-state-mangaer.yml (1 hunks)
• .github/workflows/release-dashboard.yml (1 hunks)
• .github/workflows/release-state-manager.yml (1 hunks)

🧰 Additional context used

🪛 YAMLlint (1.37.1)

.github/workflows/release-state-manager.yml

[warning] 3-3: truthy value should be one of [false, true]

(truthy)

---

[error] 78-78: trailing spaces

(trailing-spaces)

🔇 Additional comments (2)

.github/workflows/publish-dashboard.yml (1)

47-49: LGTM on beta-latest switch.

Tagging with beta-latest + short SHA matches the PR objective and mirrors the state-manager publish flow.

.github/workflows/release-state-manager.yml (1)

71-74: Good gating: publish waits for tests.

Nice separation and dependency from the test job to publish-image.

[coderabbitai]

🧹 Nitpick (assertive)

Optional: add concurrency to avoid parallel publishes of the same release.

 env:
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository_owner }}/exosphere-state-manager
   SHA_TAG: ${{ github.sha }}
 
+concurrency:
+  group: release-state-manager-${{ github.event.release.tag_name || github.run_id }}
+  cancel-in-progress: true

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository_owner }}/exosphere-state-manager
	SHA_TAG: ${{ github.sha }}
	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository_owner }}/exosphere-state-manager
	SHA_TAG: ${{ github.sha }}
	concurrency:
	group: release-state-manager-${{ github.event.release.tag_name || github.run_id }}
	cancel-in-progress: true

🤖 Prompt for AI Agents

In .github/workflows/release-state-manager.yml around lines 12 to 16, the
workflow lacks a concurrency setting which can allow parallel runs to publish
the same image; add a concurrency block at the top level (e.g., concurrency:
group: release-state-manager-${{ github.ref }} or include image name/owner, and
cancel-in-progress: true) so that concurrent workflow runs for the same
ref/release are serialized or the in-progress run is cancelled before a new one
starts.

[coderabbitai]

🧹 Nitpick (assertive)

Harden MongoDB health check for reliability.

Ensure the command exists on the container and returns non-zero on failure; add --quiet and use adminCommand.

         options: >-
-          --health-cmd "mongosh --eval 'db.runCommand(\"ping\")'"
+          --health-cmd "mongosh --quiet --eval 'db.adminCommand({ ping: 1 })'"
           --health-interval 10s
           --health-timeout 5s
           --health-retries 5

If your base image lacks mongosh, switch to mongo --eval 'db.adminCommand({ ping: 1 })'.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	image: mongo:7
	ports:
	- 27017:27017
	options: >-
	--health-cmd "mongosh --eval 'db.runCommand(\"ping\")'"
	--health-interval 10s
	--health-timeout 5s
	--health-retries 5
	image: mongo:7
	ports:
	- 27017:27017
	options: >-
	--health-cmd "mongosh --quiet --eval 'db.adminCommand({ ping: 1 })'"
	--health-interval 10s
	--health-timeout 5s
	--health-retries 5

🤖 Prompt for AI Agents

In .github/workflows/release-state-manager.yml around lines 22 to 29, the
MongoDB container health check should be made more reliable: change the health
command to use the adminCommand ping and suppress extra output so failures
return non-zero. Replace the current health-cmd with a command that runs either
"mongosh --quiet --eval 'db.adminCommand({ ping: 1 })'" and, if the base image
may not contain mongosh, use the fallback "mongo --quiet --eval
'db.adminCommand({ ping: 1 })'"; keep the same interval/timeout/retries options
so the runner uses the adminCommand ping and --quiet to ensure proper non-zero
exit on failure.

[coderabbitai]

🧹 Nitpick (assertive)

Trailing whitespace.

YAML linters (and your static analysis) flag trailing spaces on Line 78. Remove them.

     permissions:
       contents: read
-      packages: write 
+      packages: write

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	permissions:
	contents: read
	packages: write
	permissions:
	contents: read
	packages: write

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 78-78: trailing spaces

(trailing-spaces)

🤖 Prompt for AI Agents

.github/workflows/release-state-manager.yml around lines 75 to 78: there is
trailing whitespace on line 78 causing YAML linter/static analysis failures;
remove the trailing spaces at the end of that line (and scan the file for any
other trailing whitespace), save the file, and re-run the linter/CI to confirm
the warning is resolved.

[coderabbitai]

⚠️ Potential issue

Semver tags won’t be created on release events unless you pass the release tag to metadata-action.

Inject github.event.release.tag_name into the semver lines.

           tags: |
             type=raw,value=latest
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=semver,pattern={{major}}
+            type=semver,pattern={{version}},value=${{ github.event.release.tag_name }}
+            type=semver,pattern={{major}}.{{minor}},value=${{ github.event.release.tag_name }}
+            type=semver,pattern={{major}},value=${{ github.event.release.tag_name }}
             type=sha,format=short

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Generate tags & labels
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
	tags: |
	type=raw,value=latest
	type=semver,pattern={{version}}
	type=semver,pattern={{major}}.{{minor}}
	type=semver,pattern={{major}}
	type=sha,format=short
	- name: Generate tags & labels
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
	tags: |
	type=raw,value=latest
	type=semver,pattern={{version}},value=${{ github.event.release.tag_name }}
	type=semver,pattern={{major}}.{{minor}},value=${{ github.event.release.tag_name }}
	type=semver,pattern={{major}},value=${{ github.event.release.tag_name }}
	type=sha,format=short

🤖 Prompt for AI Agents

.github/workflows/release-state-manager.yml around lines 95 to 106: the semver
tag lines passed to docker/metadata-action don't include the release tag so
semver tags aren't created on release events; update each semver tag entry to
inject the release tag by appending value=${{ github.event.release.tag_name }}
(e.g. type=semver,pattern={{version}},value=${{ github.event.release.tag_name
}}) so when the workflow runs on a release the action will emit the release tag;
keep the other tag lines unchanged.