Automate Releases
Overview
Connect your GitHub Actions workflows to Fly once, and every push automatically publishes your artifacts and creates a release with full traceability.
Once your CI is connected, every push to your repository automatically:
- Publishes artifacts to your team’s Fly Registry (npm packages, Docker images, Helm charts, etc.)
- Creates a release with full traceability from commit to artifact
- Links everything together: commits, pull requests, artifacts, and releases are connected automatically
- Finds releases by content, not just version numbers. Ask your coding agent “what release contains this fix?” and get an answer
Connect once, and it works for every push going forward.
Connect Your CI
Use Your Coding Agent
Simply prompt your coding agent:
“Configure my workflows with Fly”
Fly scans your .github/workflows/*.yml files and opens a pull request with
the required changes already applied. Review the PR, merge it, and you’re done.
Configure Manually
Add the same two snippets (shown below) to your .github/workflows/*.yml files directly.
Place the permissions block at the top level of your workflow file,
after on: and before jobs:.
Place the Fly action step within your job, after any package manager setup
steps (like actions/setup-node) and before artifact operations
(like npm publish or docker push).
What Fly Adds After Connecting
When Fly opens the PR, it adds two things to each workflow file:
OIDC permissions for secure, token-free authentication:
permissions:
contents: read
id-token: writeFly action to configure your package managers on the CI runner:
- uses: jfrog/fly-action@v1 # Setup Fly package managersFor Docker and Helm, you need to reference your Fly Registry in push and pull commands. The Fly action exports your registry hostname as FLY_REGISTRY_SUBDOMAIN (e.g., acmecorp.jfrog.io), so your image path becomes:
acmecorp.jfrog.io/docker/my-app:tag
After the job completes, the Fly action produces a job summary showing collected artifacts and notifies Fly that the session has ended.
Upload and Download Generic Artifacts
You can upload and download files that aren’t standard packages (binaries, archives, test results) to and from Fly. After the Fly action step in your workflow, add the upload or download action with a package name, version, and the files to include.
Upload:
- uses: jfrog/fly-action/upload@v1
with:
name: my-app
version: '1.0.0'
files: |
dist/app.zip
dist/app.tar.gzDownload:
- uses: jfrog/fly-action/download@v1
with:
name: my-app
version: '1.0.0'
files: |
app.zip
output-dir: ./downloadsSkip Specific Package Managers
By default, the Fly action configures all supported package managers. To skip specific ones, use the ignore input:
- uses: jfrog/fly-action@v1
with:
ignore: docker,pipFull Examples
npm Package Workflow
name: Build and Publish npm Package
on:
push:
branches: [main]
permissions: # Required for Fly OIDC authentication
contents: read
id-token: write
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '18'
- uses: jfrog/fly-action@v1 # Setup Fly package managers
- run: npm install # Dependencies from Fly registry
- run: npm run build
- run: npm publish # Publish to Fly registryDocker Image Workflow
name: Build and Push Docker Image
on:
push:
branches: [main]
permissions: # Required for Fly OIDC authentication
contents: read
id-token: write
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: jfrog/fly-action@v1 # Setup Fly package managers
- run: docker build -t ${{ env.FLY_REGISTRY_SUBDOMAIN }}/docker/my-app:${{ github.sha }} .
# Base images pulled from Fly registry
- run: docker push ${{ env.FLY_REGISTRY_SUBDOMAIN }}/docker/my-app:${{ github.sha }}
# Push to Fly registryGeneric Artifacts Workflow
name: Build and Upload Release Artifacts
on:
push:
branches: [main]
permissions: # Required for Fly OIDC authentication
contents: read
id-token: write
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: jfrog/fly-action@v1 # Setup Fly package managers
- run: make build # Build your project
- uses: jfrog/fly-action/upload@v1 # Upload artifacts to Fly
with:
name: my-app
version: '1.0.0'
files: |
dist/app.zip
dist/app.tar.gzNext Steps
- Deploy & Track → - Deploy releases to your environments
- Workflows → - Full platform reference for workflows
- Releases → - Understanding releases