Merged
4 changes: 2 additions & 2 deletions .github/workflows/ci.yml
Expand Up @@ -2,9 +2,9 @@ name: CI

on:
push:
branches: [ main ]
branches: [ main, develop ]
pull_request:
branches: [ main ]
branches: [ main, develop ]

permissions:
contents: read
12 changes: 10 additions & 2 deletions .github/workflows/codeql.yml
Expand Up @@ -2,9 +2,17 @@ name: CodeQL

on:
push:
branches: [ main ]
branches: [ main, develop ]
paths-ignore:
- '.github/workflows/**'
- 'docs/**'
- '**/*.md'
pull_request:
branches: [ main ]
branches: [ main, develop ]
paths-ignore:
- '.github/workflows/**'
- 'docs/**'
- '**/*.md'
schedule:
- cron: "0 0 * * 0" # Every Sunday at midnight
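Review bot: the `paths-ignore` lists added under both `push` and `pull_request` mean a change that touches only `.github/workflows/**`, `docs/**` or `**/*.md` never starts CodeQL, and GitHub leaves the checks of a workflow skipped by path filtering in a pending state rather than reporting success. If CodeQL is a required status check on `main` or `develop`, such pull requests will be blocked from merging; confirm it is not required, or drop the filter from `pull_request` and keep it on `push` only. Ignoring `.github/workflows/**` also means any analysis of workflow files (for example CodeQL's `actions` language, if it is enabled) waits for the next non-ignored change or the weekly `schedule` run.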

2 changes: 1 addition & 1 deletion .github/workflows/dependency-review.yml
Expand Up @@ -2,7 +2,7 @@ name: Dependency Review

on:
pull_request:
branches: [ main ]
branches: [ main, develop ]

permissions:
contents: read
12 changes: 7 additions & 5 deletions .github/workflows/docs.yml
Expand Up @@ -4,12 +4,14 @@ on:
push:
branches:
- main
pull_request:
branches:
- main
- develop
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-*"
pull_request:
branches:
- main
- develop
Comment on lines 6 to +14
Contributor Author

Valid security-hardening point. The workflow-level contents: write predates this PR and is out of scope for the gitflow trigger update. Tracked for a follow-up security PR that scopes the token down to the publish-docs job only.


permissions:
contents: write
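Review bot: with `develop` added under both `push.branches` and `pull_request.branches`, the workflow-level `contents: write` that follows the triggers now applies to every job on pushes to develop and on same-repository pull requests into develop, not only to the publish job. Set the workflow-level value to `contents: read` and grant `contents: write` on the publish job alone, so the build job never holds a write-scoped token on the newly added branch.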
Expand Down Expand Up @@ -58,8 +60,8 @@ jobs:
name: Publish to GitHub Pages
runs-on: ubuntu-latest
needs: build-docs
# Only publish on pushes to main or on release tags — not on PRs
if: github.event_name == 'push'
# Only publish on pushes to main or on release tags — not on PRs or develop
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/'))
Comment thread
qodo-code-review[bot] marked this conversation as resolved.

steps:
- uses: actions/checkout@v6
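Review bot: the new `if:` passes for any ref under `refs/tags/`, so the publish gate depends on the `on.push.tags` filter staying limited to the two `v[0-9]+.[0-9]+.[0-9]+` patterns; a tag pattern added to the trigger later for another purpose would also publish docs. Either say so in the comment above the `if:`, or match the release prefix explicitly with `startsWith(github.ref, 'refs/tags/v')`. The first step, `actions/checkout@v6`, is referenced by a mutable tag; pinning it to a full commit SHA would suit a job that runs under `contents: write`.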
1 change: 1 addition & 0 deletions .github/workflows/publish.yml
Expand Up @@ -7,6 +7,7 @@ on:
- "v[0-9]+.[0-9]+.[0-9]+-*"
branches:
- main
- develop
Comment on lines 8 to +10

Action required

2. Snapshot version collision risk 🐞 Bug ☼ Reliability

publish.yml now runs on pushes to both main and develop, but for any non-tag push it computes the
exact same VERSION_NAME (BASE + "-SNAPSHOT") from gradle.properties. This makes main and develop
publish identical snapshot coordinates, causing artifacts to overwrite each other or publish
failures if the repository rejects re-publishing the same version.
Agent Prompt
### Issue description
Branch pushes to both `main` and `develop` now publish SNAPSHOTs, but the computed SNAPSHOT version is identical across branches (`${BASE}-SNAPSHOT`). This can cause either (a) branch snapshots overwriting each other, or (b) repeated publish failures depending on repository policy.

### Issue Context
The workflow derives `BASE` from `gradle.properties:VERSION_NAME`, strips `-SNAPSHOT`, then appends `-SNAPSHOT` for all non-tag pushes.

### Fix Focus Areas
- .github/workflows/publish.yml[3-11]
- .github/workflows/publish.yml[30-41]

### What to change
Choose one:
- Encode the branch in the snapshot version, e.g. `VERSION="${BASE}-${GITHUB_REF_NAME}-SNAPSHOT"` for non-tag pushes.
- Or publish develop snapshots to a separate repository/coordinate (if supported by your Gradle publishing setup).
- Or gate publishing so only one branch produces the canonical SNAPSHOT (and keep the other branch build-only).


Contributor Author


Acknowledged as an accepted trade-off for the transitional gitflow setup — SNAPSHOTs from both branches are intentional. Maven Central permits SNAPSHOT overwrites; the later push wins. If collisions become a problem in practice we'll either encode the branch into the version (${BASE}-${GITHUB_REF_NAME}-SNAPSHOT) or restrict canonical SNAPSHOTs to develop in a follow-up PR. Not changing here.
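
The first option from the review thread above, encoding the branch in the snapshot version, as an added example that is not the project's `publish.yml` code. The function name `branch_snapshot_version` and the sample properties file are assumptions; it goes beyond `main` and `develop` by also sanitising branch names that contain `/`.

```shell
#!/bin/sh
# Added example (hypothetical helper, not the project's publish.yml step).
# Usage: branch_snapshot_version <gradle.properties path> <branch name>
branch_snapshot_version() {
  props=$1
  branch=$2
  # Take the first VERSION_NAME entry and drop CR and other whitespace.
  base=$(sed -n 's/^VERSION_NAME=//p' "$props" | head -n 1 | tr -d '[:space:]')
  # Strip an existing -SNAPSHOT suffix so it is not doubled.
  base=${base%-SNAPSHOT}
  if [ -z "$base" ] || [ -z "$branch" ]; then
    echo "missing VERSION_NAME or branch name" >&2
    return 1
  fi
  # Branch names may contain '/' and other characters that do not belong
  # in a version string; map anything outside [A-Za-z0-9._-] to '-'.
  slug=$(printf '%s' "$branch" | tr -c 'A-Za-z0-9._-' '-')
  printf '%s-%s-SNAPSHOT\n' "$base" "$slug"
}

# Constructed sample input, not the project's gradle.properties.
demo=$(mktemp)
printf 'GROUP=com.example\nVERSION_NAME=1.4.0-SNAPSHOT\n' > "$demo"
branch_snapshot_version "$demo" main      # 1.4.0-main-SNAPSHOT
branch_snapshot_version "$demo" develop   # 1.4.0-develop-SNAPSHOT
rm -f "$demo"
```

In a workflow step the branch argument would come from `GITHUB_REF_NAME`, as in the thread's suggestion.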


permissions:
contents: read
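Review bot: adding `develop` to `push.branches` makes every push to develop a publishing event, so whatever credentials the publish steps use (not shown in this hunk) become reachable from that branch. Before relying on this, give `develop` the same branch protection and review requirements as `main`, and add a short comment next to the branch list recording that snapshot publishing from both branches is intentional.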