Automated Workflows

Overview

Connect your GitHub Actions workflows to Fly once, and every push automatically publishes your artifacts and creates a release with full traceability.

Configure Your CI Workflows with Fly

Simply prompt your coding agent:

“Configure my workflows with Fly”

Fly scans your .github/workflows/*.yml files and opens a pull request with the required changes already applied. Review the PR, merge it, and you’re done.

Once merged, every push publishes your artifacts to Fly Registry and creates a release with full traceability. Find any release by what it contains, not just version numbers. No tokens, no secrets stored in GitHub.

What Gets Added to Your Workflow Files

When Fly opens the PR, it adds two things to each workflow file:

OIDC permissions for secure, token-free authentication:

permissions:
  contents: read
  id-token: write

Fly action to configure your package managers on the CI runner:

- name: JFrog Fly - Configure all your package managers to work with Fly registry
  uses: jfrog/fly-action@v1

For Docker and Helm, the Fly action also exports your Fly Registry subdomain as the FLY_REGISTRY_SUBDOMAIN environment variable (e.g., acmecorp.jfrog.io). Use it in subsequent steps: ${{ env.FLY_REGISTRY_SUBDOMAIN }}/docker/my-app:tag

Prefer to Configure Manually?

Add the same two snippets above to your .github/workflows/*.yml files directly.

Place the permissions block at the top level of your workflow file, after on: and before jobs:.

Place the Fly action step within your job, after any package manager setup steps (like actions/setup-node) and before artifact operations (like npm publish or docker push).

Full Examples

npm Package Workflow

name: Build and Publish npm Package

on:
  push:
    branches: [main]

permissions:
  contents: read
  id-token: write

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '18'
      - name: JFrog Fly - Configure all your package managers to work with Fly registry
        uses: jfrog/fly-action@v1
      - run: npm install
      - run: npm run build
      - run: npm publish

Docker Image Workflow

name: Build and Push Docker Image

on:
  push:
    branches: [main]

permissions:
  contents: read
  id-token: write

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: JFrog Fly - Configure all your package managers to work with Fly registry
        uses: jfrog/fly-action@v1
      - run: docker build -t ${{ env.FLY_REGISTRY_SUBDOMAIN }}/docker/my-app:${{ github.sha }} .
      - run: docker push ${{ env.FLY_REGISTRY_SUBDOMAIN }}/docker/my-app:${{ github.sha }}

Next Steps

• Runtime Deployment → - Deploy releases to your environments
• Workflows → - Full platform reference for workflows
• Releases → - Understanding releases