Gitpulse
Merged
Size
S
Change Breakdown
CI/CD70%
Feature30%
#28088ci: Tag Docker images

Docker images now tagged with commit SHA

SH
shortstacked
·Apr 8, 2026

Docker images in the CI pipeline now carry the short Git SHA as a tag, creating an immutable link between each image and its exact source commit.

When a deployment goes wrong, knowing which version of the code was running matters. Without a direct link between a container image and its source commit, debugging becomes a game of detective work — matching dates, approximating timelines, hoping the logs align. The CI pipeline was building and pushing Docker images with version tags only, making it difficult to trace a running container back to its exact origin.

All Docker images (n8n, runners, and runners-distroless) are now tagged with the short Git SHA in addition to standard version tags. Images receive tags in the format version-SHA — for example, nightly-abc1234 — on both GHCR and Docker Hub. These immutable references make it straightforward to trace any deployed image back to its exact commit, simplifying debugging and enabling more reliable rollbacks.

The change lives entirely in the CI pipeline. The class was updated to accept an optional SHA parameter, generating additional tags alongside existing version tags. GitHub Actions workflows pass the short SHA to the tag generator and create corresponding manifests for each image. When something breaks in production, engineers can now check the exact commit that shipped — no guessing required.

View Original GitHub Description

Summary

Adds the capability to generate and push Docker images and manifests tagged with the short Git SHA. This provides immutable references for each build, enhancing traceability and enabling more reliable deployments by linking a specific image to its exact commit.

Generates tags in the format version-SHA for all images (n8n, runners, runners-distroless) on both GHCR and Docker Hub.

Related Linear tickets, Github issues, and Community forum posts

<img width="997" height="122" alt="image" src="https://github.com/user-attachments/assets/75aac373-d036-4c26-b753-c8f41218c8c1" />

Review / Merge checklist

  • PR title and summary are descriptive. (conventions) <!-- **Remember, the title automatically goes into the changelog. Use `(no-changelog)` otherwise.** -->
  • Docs updated or follow-up ticket created.
  • Tests included. <!-- A bug is not considered fixed, unless a test is added to prevent it from happening again. A feature is not complete without tests. -->
  • PR Labeled with Backport to Beta, Backport to Stable, or Backport to v1 (if the PR is an urgent fix that needs to be backported)
© 2026 · via Gitpulse