ci: release via PR instead of direct push to main#570
Closed
tolzhabayev wants to merge 1 commit intomainfrom
Closed
ci: release via PR instead of direct push to main#570tolzhabayev wants to merge 1 commit intomainfrom
tolzhabayev wants to merge 1 commit intomainfrom
Conversation
The org-level "Public repo required PRs" ruleset blocks direct pushes to main, so the previous flow (commit + tag pushed straight to main from the workflow) fails. Split the release into two stages: - do-release.yml: bump version on a release branch and open a PR. - tag-on-version-bump.yml: when main receives a package.json version change (e.g. via the merged release PR), create and push the v* tag, which triggers the existing release pipeline. Tag pushes are not blocked because the ruleset targets branches only. do-release-mcp.yml has the same issue and will be addressed separately.
grafana-plugins-platform-bot
Bot
moved this from 📬 Triage
to 🔬 In review
in Grafana Catalog Team
6 tasks
Contributor
Author
|
Superseded by #571, which migrates releases to release-please instead of layering a custom branch+PR workflow. See that PR for the full rationale and the alignment with grafana/plugin-ci-workflows / grafana/plugin-actions conventions. |
github-project-automation
Bot
moved this from 🔬 In review
to 🚀 Shipped
in Grafana Catalog Team
tolzhabayev
added a commit
that referenced
this pull request
May 8, 2026
The previous release flow (do-release{,-mcp}.yml → push commit + tag to
main from a workflow) is blocked by the org-level "Public repo required
PRs" ruleset. Replace the bespoke machinery with release-please, matching
the convention already used in grafana/plugin-ci-workflows and
grafana/plugin-actions.
- Add release-please-config.json with two packages (root → plugin-validator,
mcp-package → mcp); bootstrap-sha pins the root changelog start to the
v0.41.0 commit so the first release PR doesn't enumerate all of history.
- Add .release-please-manifest.json with current versions.
- Add .github/workflows/release-please.yml; on push to main it opens /
updates per-package release PRs and on merge creates the tag + GitHub
Release with the changelog body.
- Update release.yml to trigger on plugin-validator/v[0-9]* tags and pass
RELEASE_VERSION (semver only) into goreleaser.
- Update .goreleaser.yaml archives.name_template to use RELEASE_VERSION;
needed because the new tag contains a "/" which would otherwise pollute
the default {{ .Version }} archive name.
- Update package.json binWrapper urlTemplate for the new download path.
- release-mcp.yml + .goreleaser.mcp.yaml unchanged: release-please produces
mcp/v* tags that already match the existing trigger and MCP_VERSION
extraction.
- GoReleaser default release.mode is keep-existing, which preserves the
body release-please writes on the GitHub Release.
- Delete do-release.yml and do-release-mcp.yml.
- Rewrite HOW_TO_RELEASE.md for the conventional-commit-driven flow.
Supersedes #570.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The org-level "Public repo required PRs" ruleset (id
15595097) blocks direct pushes tomain, which broke the existing release flow — see failed run https://github.com/grafana/plugin-validator/actions/runs/25546676728.This PR splits the release into two stages so it works under the new policy:
do-release.yml(workflow_dispatch, unchanged trigger): bumps the version on arelease/bump-vX.Y.Zbranch and opens a PR. No tag, no main push.tag-on-version-bump.yml(new, triggers onpushtomainwithpackage.jsonchange): ifpackage.json's version differs from the previous commit and the correspondingvX.Y.Ztag doesn't already exist, create and push the tag. The tag push triggers the existingrelease.yml, which publishes the GitHub Release, the npm package, and the Docker image.Tag pushes aren't blocked by the org ruleset (it targets
branchrefs only), so step 2 works under the existing rules.HOW_TO_RELEASE.mdis updated to reflect the new step (review and squash-merge the auto-PR).Notes
do-release-mcp.ymlhas the same problem and will need an analogous fix. Out of scope for this PR.Test plan
version=patch.release/bump-v0.41.1branch and matching PR are created automatically.v0.41.1.