RepoForge.io - Help and Support

Appearance

Publishing Packages with GitHub Actions

RepoForge.io supports seamless integration with GitHub Actions, enabling automated publishing of Python, Docker, and NPM packages directly from your CI/CD workflows. This page explains the required credentials, shows a sample workflow, and highlights quality checks that keep your automation reliable.

Setting Up GitHub Actions

1. Create RepoForge.io Credentials

  • API Token: Generate this in your RepoForge.io account with appropriate write permissions for your package type.
  • Hash ID: Find this unique identifier on your RepoForge.io account dashboard.

Store these securely as repository secrets in GitHub:

  • REPOFORGE_TOKEN
  • REPOFORGE_HASH_ID

2. Configure GitHub Workflow

Create a .github/workflows/publish.yml file in your repository:

yaml
name: Publish to RepoForge.io

on:
  push:
    tags:
      - 'v*'

jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: RepoForge-io/repoforge-publish-action@main
        with:
          package_type: python  # replace with docker or npm as needed
          api_token: ${{ secrets.REPOFORGE_TOKEN }}
          hash_id: ${{ secrets.REPOFORGE_HASH_ID }}
          package_dir: ./dist

Supported Inputs by Package Type

Python

  • package_dir (default: ./dist)
  • fail_on_conflict (default: false)

Docker

  • registry_name (required)
  • docker_context (default: .)
  • dockerfile (default: Dockerfile)
  • docker_tag (default: latest)

NPM

  • package_dir (default: ./npm)

Triggering Publishing

Create and push a git tag:

bash
git tag v1.0.0
git push origin v1.0.0

This triggers your GitHub workflow, automatically publishing the package to RepoForge.io.

Validate Before You Publish

GitHub Actions can execute linting, unit tests, and vulnerability scans before the publishing step runs. Configure additional jobs in the same workflow or require successful status checks on pull requests to prevent accidental releases. When publishing Docker images, consider adding a job that scans the built image with RepoForge.io vulnerability detection so that known issues never reach production.

Monitoring and Support

Use the workflow run history in GitHub to view logs for each publish event. RepoForge.io also records an audit trail for every uploaded artifact. If a run fails unexpectedly, cross-reference both systems to isolate authentication errors or malformed metadata. Contact support with the workflow run URL and timestamp to speed up the investigation.

More Information