Skip to main content

How It Works

The anodizer release pipeline explained

When you run anodizer release, the following stages execute in order:

Pipeline stages

build → changelog → archive → nfpm → checksum → sign → release → docker → blob → publish → announce

Artifacts are signed before the release stage uploads them, and Docker images and blob uploads land before the package-manager publishers — so a required blob or image failure gates the one-way-door registries (crates.io, chocolatey, winget) rather than firing after they have already published.

Each stage is independent — if you skip a stage with --skip, downstream stages still work with whatever artifacts exist.

1. Build

Compiles your Rust binary for each configured target triple. Anodizer auto-detects the best cross-compilation strategy:

  • cargo — native compilation (same-platform targets only)
  • cargo-zigbuild — cross-compilation via Zig's linker
  • cross — cross-compilation via Docker containers

You can override with cross: zigbuild or cross: cross in your config.

2. Changelog

Generates a changelog from git commits between the previous tag and the current tag. Supports conventional commit parsing, regex filters, and custom grouping.

3. Archive

Packages each built binary into an archive. Supported formats: tar.gz, tar.xz, tar.zst, zip, binary (raw, no archive). You can set format overrides per OS — e.g., zip for Windows, tar.gz for everything else.

4. nFPM

Generates Linux packages (.deb, .rpm, .apk) using nFPM. Includes package metadata, install scripts, file contents, and dependencies.

5. Checksum

Computes checksums for all artifacts. Supported algorithms: SHA-1, SHA-224, SHA-256 (default), SHA-384, SHA-512, BLAKE2b, BLAKE2s.

6. Sign

Signs artifacts using GPG or cosign before they are uploaded. Supports multiple signing configs with different artifact filters.

7. Release

Creates a GitHub release (or updates an existing draft). Uploads all artifacts — including their signatures — as release assets. Supports draft mode, prerelease detection, make_latest, and custom release names with header/footer templates.

8. Docker

Builds and pushes Docker images via docker buildx. Supports multi-arch builds, tag templates, build flags, and extra files. Runs before the package-manager publishers so an image-dependent publisher (e.g. the MCP registry) sees a pushed image.

9. Blob

Uploads artifacts to cloud object storage (S3, GCS, Azure). Runs before the package-manager publishers so a required-blob failure gates the irreversible registries downstream.

10. Publish

Publishes to package managers:

  • crates.io — with dependency-aware ordering for workspace crates
  • Homebrew — generates a Ruby formula and pushes to your tap repo
  • Scoop — generates a JSON manifest and pushes to your bucket repo

11. Announce

Sends notifications to Discord, Slack, or generic webhooks with templated messages.

Artifact tracking

Every stage registers its outputs as artifacts. Later stages can reference and filter artifacts by kind (binary, archive, checksum, package, etc.). This is how the release stage knows which files to upload — it collects all artifacts generated by previous stages.

Config resolution

Anodizer searches for config files in this order:

  1. Path specified by --config / -f flag
  2. .anodizer.yaml in the current directory
  3. .anodizer.yml in the current directory
  4. .anodizer.toml in the current directory
  5. anodizer.yaml in the current directory
  6. anodizer.yml in the current directory
  7. anodizer.toml in the current directory