From c75db42d860163e60aa2b52c12a4680042e75003 Mon Sep 17 00:00:00 2001
From: Yujun Zhang <zhangyujun@gmail.com>
Date: Sat, 7 Jun 2025 15:11:44 +0800
Subject: [PATCH 1/2] Add workflow to publish to bcr

---
 .bcr/metadata.template.json        |  9 +++++++-
 .github/workflows/BUILD.bazel      |  1 +
 .github/workflows/publish_gen.yaml | 25 ++++++++++++++++++++
 .github/workflows/workflows.cue    | 37 ++++++++++++++++++++++++++++++
 4 files changed, 71 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/publish_gen.yaml

diff --git a/.bcr/metadata.template.json b/.bcr/metadata.template.json
index 779ffb8..81552ff 100644
--- a/.bcr/metadata.template.json
+++ b/.bcr/metadata.template.json
@@ -1,6 +1,13 @@
 {
   "homepage": "https://github.com/abcue/rules_abcue",
-  "maintainers": [],
+  "maintainers": [
+    {
+      "name": "Yujun Zhang",
+      "email": "zhangyujun@gmail.com",
+      "github": "yujunz",
+      "github_user_id": 6813397
+    }
+  ],
   "repository": ["github:abcue/rules_abcue"],
   "versions": [],
   "yanked_versions": {}
diff --git a/.github/workflows/BUILD.bazel b/.github/workflows/BUILD.bazel
index 413ab5b..5aaccd7 100644
--- a/.github/workflows/BUILD.bazel
+++ b/.github/workflows/BUILD.bazel
@@ -19,6 +19,7 @@ cue_instance(
 EXPR = [
     "buildifier",
     "ci",
+    "publish",
     "release",
 ]
 
diff --git a/.github/workflows/publish_gen.yaml b/.github/workflows/publish_gen.yaml
new file mode 100644
index 0000000..6a6f3fa
--- /dev/null
+++ b/.github/workflows/publish_gen.yaml
@@ -0,0 +1,25 @@
+name: Publish
+"on":
+  workflow_call:
+    inputs:
+      tag_name:
+        required: true
+        type: string
+  workflow_dispatch:
+    inputs:
+      tag_name:
+        required: true
+        type: string
+jobs:
+  publish:
+    uses: bazel-contrib/publish-to-bcr/.github/workflows/publish.yaml@v0.2.1
+    with:
+      tag_name: ${{ inputs.tag_name }}
+      registry_fork: abcue/bazel-central-registry
+      attest: true
+    permissions:
+      contents: write
+      id-token: write
+      attestations: write
+    secrets:
+      publish_token: ${{ secrets.BCR_PUBLISH_TOKEN }}
diff --git a/.github/workflows/workflows.cue b/.github/workflows/workflows.cue
index a9858ef..2dae902 100644
--- a/.github/workflows/workflows.cue
+++ b/.github/workflows/workflows.cue
@@ -58,6 +58,43 @@ ci: {
 	}
 }
 
+publish: {
+	name: "Publish"
+	on: {
+		// Run the publish workflow after a successful release
+		// Will be triggered from the release.yaml workflow
+		workflow_call: inputs: tag_name: {
+			required: true
+			type:     "string"
+		}
+		// In case of problems, let release engineers retry by manually dispatching
+		// the workflow from the GitHub UI
+		workflow_dispatch: inputs: tag_name: {
+			required: true
+			type:     "string"
+		}
+	}
+	jobs: publish: {
+		uses: "bazel-contrib/publish-to-bcr/.github/workflows/publish.yaml@v0.2.1"
+		with: {
+			tag_name: "${{ inputs.tag_name }}"
+			// GitHub repository which is a fork of the upstream where the Pull Request will be opened.
+			registry_fork: "abcue/bazel-central-registry"
+			// see note on Attestation Support
+			attest: true
+		}
+		permissions: {
+			contents: "write"
+			// Necessary if attest:true
+			"id-token": "write"
+			// Necessary if attest:true
+			attestations: "write"
+		}
+		// Necessary to push to the BCR fork, and to open a pull request against a registry
+		secrets: publish_token: "${{ secrets.BCR_PUBLISH_TOKEN }}"
+	}
+}
+
 release: {
 	// Cut a release whenever a new tag is pushed to the repo.
 	// You should use an annotated tag, like `git tag -a v1.2.3`

From bedad360d5d3f5ad136988cb65ee39b232553651 Mon Sep 17 00:00:00 2001
From: Yujun Zhang <zhangyujun@gmail.com>
Date: Sat, 7 Jun 2025 15:19:08 +0800
Subject: [PATCH 2/2] Normalize workflows name

---
 .github/workflows/ci_gen.yaml   |  1 +
 .github/workflows/workflows.cue | 12 +++++++-----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/ci_gen.yaml b/.github/workflows/ci_gen.yaml
index 574c867..c8443dd 100644
--- a/.github/workflows/ci_gen.yaml
+++ b/.github/workflows/ci_gen.yaml
@@ -1,3 +1,4 @@
+name: CI
 "on":
   push:
     branches:
diff --git a/.github/workflows/workflows.cue b/.github/workflows/workflows.cue
index 2dae902..6756f7a 100644
--- a/.github/workflows/workflows.cue
+++ b/.github/workflows/workflows.cue
@@ -1,10 +1,13 @@
 package workflows
 
-import "encoding/json"
+import (
+	"strings"
+	"encoding/json"
+)
 
-buildifier: {
-	name: "Buildifier"
+[N=_]: name: *strings.ToTitle(N) | _
 
+buildifier: {
 	// Controls when the action will run.
 	on: {
 		// Triggers the workflow on push or pull request events but only for the main branch
@@ -25,6 +28,7 @@ buildifier: {
 }
 
 ci: {
+	name: "CI"
 	// Controls when the action will run.
 	on: {
 		// Triggers the workflow on push or pull request events but only for the main branch
@@ -59,7 +63,6 @@ ci: {
 }
 
 publish: {
-	name: "Publish"
 	on: {
 		// Run the publish workflow after a successful release
 		// Will be triggered from the release.yaml workflow
@@ -99,7 +102,6 @@ release: {
 	// Cut a release whenever a new tag is pushed to the repo.
 	// You should use an annotated tag, like `git tag -a v1.2.3`
 	// and put the release notes into the commit message for the tag.
-	name: "Release"
 	on: push: tags: ["v*.*.*"]
 	permissions: contents: "write"
 	jobs: release: {