fix: disable OCI publish step (no publish target exists)

avrabe · avrabe · commit f46372af2a8d · 2025-10-24T21:21:07.000+02:00
The wasm_component_signed_oci_image rule creates build targets but not
publish targets. Disabled the publish and verify steps for now.

The workflow successfully builds the OCI image to verify the build
works. Actual publishing to the registry should be implemented separately
using wasm_component_publish rule from rules_wasm_component.

TODO: Add proper OCI publishing target for release workflows.
diff --git a/.github/workflows/oci-publish.yml b/.github/workflows/oci-publish.yml
@@ -47,25 +47,24 @@ jobs:
 
         echo "Component built and ready for publishing"
 
-    - name: Publish Component to GitHub Container Registry
-      run: |
-        echo "Publishing to ${{ env.REGISTRY }}..."
-
-        # Use Bazel's OCI publishing capabilities
-        bazel run //tinygo:file_ops_oci_signed.publish
-
-        echo "✅ Component published to ${{ env.REGISTRY }}/pulseengine/bazel-file-ops-component-tinygo"
-
-    - name: Verify Published Component
-      run: |
-        echo "Verifying published component signatures..."
-
-        # Verify the component signature using cosign
-        cosign verify \
-          --certificate-identity-regexp='.*' \
-          --certificate-oidc-issuer-regexp='.*' \
-          ${{ env.REGISTRY }}/pulseengine/bazel-file-ops-component-tinygo:latest || \
-          echo "⚠️ Signature verification failed (expected for development)"
+    # Publishing step disabled - no publish target exists yet
+    # TODO: Implement proper OCI publishing using wasm_component_publish rule
+    # - name: Publish Component to GitHub Container Registry
+    #   run: |
+    #     echo "Publishing to ${{ env.REGISTRY }}..."
+    #     # Use Bazel's OCI publishing capabilities
+    #     bazel run //tinygo:file_ops_oci_signed.publish
+    #     echo "✅ Component published to ${{ env.REGISTRY }}/pulseengine/bazel-file-ops-component-tinygo"
+
+    # - name: Verify Published Component
+    #   run: |
+    #     echo "Verifying published component signatures..."
+    #     # Verify the component signature using cosign
+    #     cosign verify \
+    #       --certificate-identity-regexp='.*' \
+    #       --certificate-oidc-issuer-regexp='.*' \
+    #       ${{ env.REGISTRY }}/pulseengine/bazel-file-ops-component-tinygo:latest || \
+    #       echo "⚠️ Signature verification failed (expected for development)"
 
   # Publish to WebAssembly package registries using Bazel rules
   publish-wasm-registries:
