fix: release-please draft release race condition causes bogus v3.0.0 version bumps and extension publish workflows require manual version input #543
Description
Summary
Two related CI/CD defects in the release pipeline:
- release-please
"draft": trueconfiguration creates a race condition that causes release-please to propose erroneous v3.0.0 major version bumps (PRs chore(main): release hve-core 3.0.0 #530, chore(main): release hve-core 3.0.0 #532, chore(main): release hve-core 3.0.0 #534, chore(main): release hve-core 3.0.0 #539, chore(main): release hve-core 3.0.0 #540, chore(main): release hve-core 3.0.0 #542). - Extension publish workflows require manual version input via
workflow_dispatch, adding unnecessary friction to the release process.
Problem 1: Draft Release Invisibility Race Condition
Root Cause
PR #538 introduced "draft": true in release-please-config.json to solve HTTP 422 errors when uploading assets to immutable published releases. While draft releases are mutable (allowing asset uploads), they have a critical side effect: draft releases do not create git tags.
Within a single release-please invocation, the following sequence occurs:
- release-please creates a draft release for
v2.3.3 - In the same invocation, release-please searches for the
hve-core-v2.3.3tag to anchor the next version calculation - The tag does not exist because draft releases skip tag creation
- release-please falls back to scanning the entire commit history (320+ commits)
- It encounters an old commit with a
BREAKING CHANGEStrailer - It proposes a v3.0.0 major version bump via a new PR
The tag bridge step added in PR #538 runs after release-please completes — too late to prevent the race condition within the same invocation.
Evidence
CI log from the release-please step clearly shows:
Found version 2.3.3 for . based on a draft GitHub release
Searching for tag hve-core-v2.3.3
Could not find tag hve-core-v2.3.3
Backfilling commit history to find latest release
Looking at 320 commits
Fix
- Remove
"draft": truefromrelease-please-config.json(both root and package level) - Remove
"force-tag-creation": true(requires release-please v17.2.0+; current v17.1.3 silently ignores it) - Replace the 20-line tag bridge step in
main.ymlwith a 2-line post-creation draft conversion:
gh release edit "$TAG" --draft=true -R "${{ github.repository }}"This lets release-please create a published release (tag created, searchable), then immediately converts it to draft so assets can be uploaded to a mutable release. The existing publish-release job already runs gh release edit --draft=false at the end to finalize.
Sequence After Fix
release-please creates published v2.3.x release → tag created immediately
↓
post-creation step converts release to draft (mutable for asset upload)
↓
package/attest/upload jobs upload assets to draft release
↓
publish-release job converts draft → published (final)
Problem 2: Extension Publish Workflows Require Manual Version Input
Root Cause
Both extension-publish-prerelease.yml and extension-publish.yml define version as a required workflow_dispatch input. Operators must manually look up the latest release tag and type in the version string every time they trigger a publish, which is error-prone and unnecessary.
Fix
extension-publish-prerelease.yml:
- Change
versioninput fromrequired: truetorequired: falsewithdefault: '' - When empty, auto-detect from
gh release view --json tagName -q '.tagName' - Strip the
hve-core-vprefix - Derive the pre-release ODD minor version: if the latest release has an even minor version, bump minor by 1 and reset patch to 0 (per the ODD/EVEN channel convention)
extension-publish.yml:
- When
versioninput is empty, auto-detect fromgh release view --json tagName -q '.tagName' - Strip the
hve-core-vprefix automatically
Both jobs receive GH_TOKEN: ${{ github.token }} in the detection step for gh CLI authentication.
Files Changed
| File | Change |
|---|---|
release-please-config.json |
Remove "draft": true (root + package) and "force-tag-creation": true |
.github/workflows/main.yml |
Replace tag bridge step with gh release edit --draft=true post-creation step |
.github/workflows/extension-publish-prerelease.yml |
Make version optional, add auto-detect + ODD minor derivation |
.github/workflows/extension-publish.yml |
Add auto-detect from latest release tag when version is empty |
Branch
fix/release-please-draft-visibility
Related
- Closes bogus v3.0.0 PRs: chore(main): release hve-core 3.0.0 #530, chore(main): release hve-core 3.0.0 #532, chore(main): release hve-core 3.0.0 #534, chore(main): release hve-core 3.0.0 #539, chore(main): release hve-core 3.0.0 #540, chore(main): release hve-core 3.0.0 #542
- Supersedes approach from PR fix(workflows): add manual tag creation for draft releases until release-please-action updates #538 (draft-first strategy)
- Original HTTP 422 error:
Cannot upload assets to an immutable release