Modular Release Pipelines¶
Automated version management, changelog generation, and optimized builds for monorepos.
Smart Builds
Only build what changed. GitHub App tokens trigger builds correctly. Release-please handles versions automatically.
Overview¶
This guide covers implementing release automation with:
- Release-please for version bumping and changelog generation
- GitHub App authentication for proper workflow triggering
- Change detection to skip unnecessary builds
- Cascade rebuilds when shared dependencies change
flowchart LR
subgraph release[Release Pipeline]
Main[Push to Main] --> AppToken[GitHub App Token]
AppToken --> RP[Release-Please]
RP --> PR[Creates PR]
end
subgraph build[Build Pipeline]
PR -->|pull_request event| DC[Detect Changes]
DC --> Test[Test]
Test --> Build[Build]
Build --> Status[Build Status]
end
%% Ghostty Hardcore Theme
style Main fill:#65d9ef,color:#1b1d1e
style AppToken fill:#9e6ffe,color:#1b1d1e
style RP fill:#9e6ffe,color:#1b1d1e
style PR fill:#fd971e,color:#1b1d1e
style DC fill:#fd971e,color:#1b1d1e
style Test fill:#9e6ffe,color:#1b1d1e
style Build fill:#a7e22e,color:#1b1d1e
style Status fill:#5e7175,color:#f8f8f3
The Problem¶
Traditional CI/CD pipelines rebuild everything on every commit. In a monorepo with multiple components, this means:
- Unnecessary compute time for unchanged components
- Longer feedback loops for developers
- Wasted resources on duplicate work
Additionally, release-please using the default GITHUB_TOKEN won't trigger build pipelines on its PRs -- a GitHub security measure to prevent infinite loops.
The Solution¶
A modular pipeline architecture that:
- Uses a GitHub App token for release-please (triggers
pull_requestevents correctly) - Detects which components changed
- Only builds affected components
- Automatically versions and releases based on commits
Guides¶
| Guide | Description |
|---|---|
| Release-Please Configuration | Setting up automated versioning with GitHub App |
| Change Detection | Detecting and cascading changes |
| Workflow Triggers | GitHub App token vs GITHUB_TOKEN |
| Protected Branches | Working with branch protection rules |
Prerequisites¶
Before implementing release pipelines, set up a GitHub App for your organization:
- GitHub App Setup - Create and configure the App
- Token Generation - Generate tokens in workflows
Architecture¶
Build Pipeline¶
Runs on pull requests (including release-please PRs with GitHub App token):
flowchart TD
subgraph detect[Change Detection]
Contracts[Contracts Changed?]
Backend[Backend Changed?]
Frontend[Frontend Changed?]
Charts[Charts Changed?]
end
subgraph cascade[Cascade Logic]
BNB[Backend Needs Build]
FNB[Frontend Needs Build]
end
subgraph build[Conditional Build]
Test[Test Node Packages]
BB[Build Backend]
BF[Build Frontend]
HC[Helm Charts]
end
Contracts -->|yes| BNB
Contracts -->|yes| FNB
Backend -->|yes| BNB
Frontend -->|yes| FNB
BNB --> Test
FNB --> Test
BNB --> BB
FNB --> BF
Charts --> HC
%% Ghostty Hardcore Theme
style Contracts fill:#fd971e,color:#1b1d1e
style Backend fill:#fd971e,color:#1b1d1e
style Frontend fill:#fd971e,color:#1b1d1e
style Charts fill:#fd971e,color:#1b1d1e
style BNB fill:#a7e22e,color:#1b1d1e
style FNB fill:#a7e22e,color:#1b1d1e
style Test fill:#9e6ffe,color:#1b1d1e
style BB fill:#a7e22e,color:#1b1d1e
style BF fill:#a7e22e,color:#1b1d1e
style HC fill:#bded5f,color:#1b1d1e
Release Pipeline¶
Runs on main branch pushes:
flowchart LR
Main[Push to Main] --> Token[Generate App Token]
Token --> RP[Release Please]
RP --> DC[Detect Changes]
DC --> Test[Test]
DC --> Build[Build]
Build --> Scan[Security Scan]
Scan --> Deploy[Deploy Signal]
%% Ghostty Hardcore Theme
style Main fill:#65d9ef,color:#1b1d1e
style Token fill:#9e6ffe,color:#1b1d1e
style RP fill:#9e6ffe,color:#1b1d1e
style DC fill:#fd971e,color:#1b1d1e
style Test fill:#9e6ffe,color:#1b1d1e
style Build fill:#a7e22e,color:#1b1d1e
style Scan fill:#f92572,color:#1b1d1e
style Deploy fill:#e6db74,color:#1b1d1e
Quick Start¶
- Set up GitHub App for your organization
- Configure release-please with App token
- Set up change detection for your components
- Handle protected branches if applicable
Related¶
- GitHub App Setup - Machine identity for automation
- Idempotency Patterns - Making reruns safe
- Three-Stage Design - Complex workflows