Skip to content
Tyr

Releases

Cadence

  • Stable releases cut from main on a semver tag (v0.5.2, v0.6.0).
  • Edge builds published on every push to main — for dogfooding.
  • No fixed time cadence today. Releases happen when a coherent set of features lands.

Tagging a release

  1. Ensure main is green (CI + docs build).

  2. Update CHANGELOG.md with the version, date, and notable changes.

  3. Bump Cargo.toml workspace version if you version Rust crates separately.

  4. Create a signed tag:

    Terminal window
    git tag -s v0.6.0 -m "v0.6.0"
    git push origin v0.6.0

  5. The release workflow (.github/workflows/release.yml) triggers on v* tags and:

    • Builds multi-arch binaries (linux/amd64, linux/arm64; macOS for CLI).
    • Packages into tyr-<arch>-<os>.tar.gz.
    • Builds multi-arch Docker images, pushes to GHCR:
      • ghcr.io/terranchi/tyr/tyr-server:vX.Y.Z + :latest
      • ghcr.io/terranchi/tyr/tyr-agent:vX.Y.Z + :latest
    • Creates a GitHub Release with artifacts attached + CHANGELOG excerpt.

Edge builds

.github/workflows/edge.yml runs on every push to main (excluding docs-site/** and *.md):

  • Builds binaries as artifacts (7-day retention).
  • Publishes Docker images tagged :edge, :main, and :sha-<short>.

:latest is not touched — it stays on the last signed release. Users who opt into edge pull :edge or :main explicitly.

Image tag summary

TagWorkflowWhen
:vX.Y.ZreleaseOn semver tag
:latestreleaseOn semver tag
:edgeedgeEvery push to main
:mainedgeEvery push to main
:sha-abc1234edgeEvery push to main

Production deployments pin to :vX.Y.Z and upgrade deliberately.

Changelog

CHANGELOG.md at repo root, Keep-a-Changelog format:

## [Unreleased]
### Added
- ...


## [0.6.0] - 2026-04-20
### Added
- Agent-type overlays
### Fixed
- Drift detection race condition on high-volume event streams
### Breaking
- `policy_yaml.apiVersion: tyr.dev/v0` no longer accepted (use `v1`)

Semver contract (post-1.0)

Before 1.0: minor versions may include breaking changes; we’ll call them out.

After 1.0:

  • MAJOR bumps: breaking policy schema, protocol, or REST API changes.
  • MINOR bumps: backward-compatible features.
  • PATCH bumps: bug fixes only.

Release checklist

  • CI green on main
  • Docs site builds and renders correctly
  • CHANGELOG.md updated
  • Tagged + pushed
  • Release workflow succeeded — artifacts + images published
  • GitHub Release notes reviewed
  • Post-release: bump Unreleased section in CHANGELOG

Hotfixes

For a critical fix against a released version:

Terminal window
git checkout -b hotfix/v0.6.1 v0.6.0
# apply fix
git commit -s -m "fix: critical X"
git tag -s v0.6.1
git push origin hotfix/v0.6.1 v0.6.1

Release workflow builds and publishes as normal.

→ Back to Development · ADRs