Summary
Improve the CD pipeline: add multi-platform image support (amd64 + arm64), enable build provenance attestation, and tighten changelog generation and release metadata.
Changes
Changelog generation
- Add
--no-merges flag to git log
- Add
(%h) short hash to commit format (currently "- %s", should be "- %s (%h)")
- Add empty changelog guard (
No new changes since $PREVIOUS_TAG)
GitHub Release step
- Set
generate_release_notes: false → true
- Add explicit
draft: false
- Add explicit
prerelease: false
Docker
- Set
provenance: false → provenance: mode=max
- Add
actions/attest-build-provenance step after image push
- Add
id-token: write permission to release job
- Drop the
Set image name step; use ${{ github.repository }} directly (repo name is already lowercase)
Acceptance Criteria
Summary
Improve the CD pipeline: add multi-platform image support (amd64 + arm64), enable build provenance attestation, and tighten changelog generation and release metadata.
Changes
Changelog generation
--no-mergesflag togit log(%h)short hash to commit format (currently"- %s", should be"- %s (%h)")No new changes since $PREVIOUS_TAG)GitHub Release step
generate_release_notes: false→truedraft: falseprerelease: falseDocker
provenance: false→provenance: mode=maxactions/attest-build-provenancestep after image pushid-token: writepermission toreleasejobSet image namestep; use${{ github.repository }}directly (repo name is already lowercase)Acceptance Criteria
v*.*.*-*tags and completes successfullylinux/amd64andlinux/arm64