Release process
Releases are driven by Git tags in the format v*.*.* (example: v1.2.3).
What happens on release
Section titled “What happens on release”When a release tag is pushed, GitHub Actions will:
- Validate Python source compiles.
- Build and push a multi-arch Docker image to Docker Hub.
- Generate SBOM and provenance attestation.
- Sign image using Cosign keyless signing (OIDC).
- Create GitHub Release notes automatically.
Published image tags
Section titled “Published image tags”X.Y.ZXlatest(only when release is from default branch)
Image location
Section titled “Image location”The published image is configured by release workflow secrets:
docker.io/<DOCKERHUB_USERNAME>/<DOCKERHUB_REPOSITORY>The provided Docker Compose file currently uses:
zen-mcp/browser:${BROWSER_MCP_TAG}