CI/CD & Versioning
All CTMS Docker images are built by GitHub Actions and published to Docker Hub (zynomi/*). No builds happen on production servers — zynctl.sh deploy only pulls pre-built images.
Repositories
| Repository | What it builds |
|---|---|
ctms.devops | API Gateway, ctms-init, Supabase Seed, Frappe, Install Bundle |
hb-life-science-web | Zynexa (main CTMS app) |
ctms-data-pipeline-ai-analytics | Cube.js, MCP Server, ODM API, Ingester, dbt |
docs.zynomi.com | Product documentation site |
Workflows
Docker Image Builds
| Image | Workflow | Repo | Path Trigger | Tag Prefix |
|---|---|---|---|---|
zynomi/zynexa | docker-build.yml | hb-life-science-web | main, develop | v*.*.* |
zynomi/ctms-api-gateway | build-ctms-api-gateway.yml | ctms.devops | ctms-api-gateway/** | api-gateway-v*.*.* |
zynomi/ctms-init | build-ctms-init.yml | ctms.devops | scripts/frappe-seed/** | ctms-init-v*.*.* |
zynomi/ctms-supabase-seed | build-ctms-supabase-seed.yml | ctms.devops | scripts/supabase-seed/** | supabase-seed-v*.*.* |
zynomi/frappe-marley-health | build-frappe-marley-health.yml | ctms.devops | frappe-marley-health/** | frappe-v*.*.* |
zynomi/ctms-cube | docker-build-ctms-cube.yml | ctms-data-pipeline | ctms-cube/** | cube-v*.*.* |
zynomi/ctms-mcp-server | docker-build-ctms-mcp-server.yml | ctms-data-pipeline | ctms-mcp-server/** | v*.*.* |
zynomi/ctms-odm-api | docker-build-ctms-odm-api.yml | ctms-data-pipeline | ctms-odm-xml-pdf-generator/** | v*.*.* |
zynomi/ctms-ingester | docker-build-ctms-ingester.yml | ctms-data-pipeline | ctms-ingester/** | v*.*.* |
zynomi/ctms-dbt | docker-build-ctms-dbt.yml | ctms-data-pipeline | ctms-dbt/** | v*.*.* |
zynomi/product-docs | docker-build.yml | docs.zynomi.com | main, develop | v*.*.* |
Install Bundle
| Artifact | Workflow | Trigger | Output |
|---|---|---|---|
zynctl-bundle-*.tar.gz | build-install-bundle.yml | Compose/config changes, bundle-v*.*.* tag | GitHub Release tarball |
Data Pipeline (Scheduled)
| Workflow | Schedule | Stages |
|---|---|---|
dbt-lakehouse-pipeline.yml | Daily 2 AM UTC | ingester → dbt-build (or full-pipeline) |
Semantic Versioning
All images follow semver (MAJOR.MINOR.PATCH). Versioned releases are triggered by git tags.
Tag Conventions
Since ctms.devops hosts multiple services in one repo, each service has its own tag prefix:
api-gateway-v1.2.0 → zynomi/ctms-api-gateway:1.2.0
ctms-init-v1.0.3 → zynomi/ctms-init:1.0.3
supabase-seed-v1.1.0 → zynomi/ctms-supabase-seed:1.1.0
frappe-v1.0.0 → zynomi/frappe-marley-health:1.0.0
bundle-v2.3.0 → zynctl-bundle-2.3.0.tar.gz (GitHub Release)
Single-service repos use plain v*.*.*:
v1.5.0 → zynomi/zynexa:1.5.0, 1.5, 1
Image Tags per Push
Every push to main produces multiple tags:
| Tag | Example | Purpose |
|---|---|---|
latest | zynomi/zynexa:latest | Always points to newest main build |
1.{run_number} | zynomi/zynexa:1.42 | Auto-incrementing build number |
| Short SHA | zynomi/zynexa:a1b2c3d | Trace back to exact commit |
| Semver (on tag push) | zynomi/zynexa:1.5.0 | Immutable release version |
Creating a Release
# Tag a service in ctms.devops
git tag api-gateway-v1.2.0
git push origin api-gateway-v1.2.0
# Tag in single-service repos
git tag v1.5.0
git push origin v1.5.0
# Create a bundle release
git tag bundle-v2.4.0
git push origin bundle-v2.4.0 # → GitHub Release with tarball
How Workflows Work
- Push to
mainwith matching path filter triggers the build docker/metadata-actiongenerates tags from branch/tag/SHAdocker/build-push-actionbuilds with Buildx + registry-level caching- Image pushed to Docker Hub under
zynomi/* - PR builds compile but never push — only
main/develop/tag pushes publish
Required Secrets
Set in Repository → Settings → Secrets → Actions:
| Secret | Description |
|---|---|
DOCKER_USERNAME | Docker Hub username |
DOCKER_TOKEN | Docker Hub access token |
Build Caching
All workflows use Docker Buildx with registry-level caching (type=registry). Unchanged layers are reused, so incremental builds are fast.
| Scenario | Behavior |
|---|---|
| No code changes | Fully cached (seconds) |
| App code changes | Only final layers rebuild |
| Dependency changes | Dependency + app layers rebuild |
Multi-Architecture
ctms.devops workflows build for linux/amd64 + linux/arm64. Other repos build linux/amd64 only.
Related Docs
- Bundle Deployment — deploy using pre-built images
- Docker Compose Profiles — service profiles
- Environment Variables — configuration reference