[pre-commit.ci] pre-commit autoupdate (#517) #76
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: "🐍📦 Old Production build and release" | |
| # GitHub/PyPI trusted publisher documentation: | |
| # https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ | |
| # yamllint disable-line rule:truthy | |
| on: | |
| push: | |
| # Only invoked on release tag pushes | |
| branches: | |
| - 'main' | |
| - 'master' | |
| tags: | |
| - 'v*.*.*' | |
| env: | |
| python-version: "3.10" | |
| ### BUILD ### | |
| jobs: | |
| build: | |
| name: "🐍 Build packages" | |
| # Only publish on tag pushes | |
| # if: startsWith(github.ref, 'refs/tags/') | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| id-token: write | |
| steps: | |
| ### BUILDING ### | |
| - name: "Checkout repository" | |
| uses: actions/checkout@v4 | |
| - name: "Setup Python" | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.python-version }} | |
| - name: "Setup PDM for build commands" | |
| uses: pdm-project/setup-pdm@v4 | |
| - name: "Fetch current semantic tag" | |
| id: fetch-tags | |
| # yamllint disable-line rule:line-length | |
| uses: os-climate/devops-reusable-workflows/.github/actions/latest-semantic-tag@main | |
| - name: "Update version from tags for production release" | |
| run: | | |
| echo "Github tag/versioning: ${{ github.ref_name }}" | |
| if (grep 'dynamic = \[\"version\"\]' pyproject.toml > /dev/null); then | |
| echo "Proceeding build with dynamic versioning" | |
| else | |
| echo "Using legacy script to bump release version" | |
| scripts/release-versioning.sh | |
| fi | |
| - name: "Build with PDM backend" | |
| run: | | |
| pdm build | |
| ### SIGNING ### | |
| - name: "Sign packages with Sigstore" | |
| # Use new action | |
| uses: sigstore/gh-action-sigstore-python@v3.0.0 | |
| with: | |
| inputs: >- | |
| ./dist/*.tar.gz | |
| ./dist/*.whl | |
| - name: Store the distribution packages | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ github.ref_name }} | |
| path: dist/ | |
| ### PUBLISH GITHUB ### | |
| github: | |
| name: "📦 Publish to GitHub" | |
| # Only publish on tag pushes | |
| # if: startsWith(github.ref, 'refs/tags/') | |
| needs: | |
| - build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| # IMPORTANT: mandatory to publish artefacts | |
| contents: write | |
| steps: | |
| - name: "⬇ Download build artefacts" | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{ github.ref_name }} | |
| path: dist/ | |
| - name: "📦 Publish artefacts to GitHub" | |
| # https://github.com/softprops/action-gh-release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| prerelease: false | |
| tag_name: ${{ github.ref_name }} | |
| name: "Test/Development Build \ | |
| ${{ github.ref_name }}" | |
| # body_path: ${{ github.workspace }}/CHANGELOG.rst | |
| files: | | |
| dist/*.tar.gz | |
| dist/*.whl | |
| dist/*.sigstore* | |
| ### PUBLISH PYPI TEST ### | |
| testpypi: | |
| name: "📦 Publish to PyPi Test" | |
| # Only publish on tag pushes | |
| # if: startsWith(github.ref, 'refs/tags/') | |
| needs: | |
| - build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: testpypi | |
| permissions: | |
| # IMPORTANT: mandatory for trusted publishing | |
| id-token: write | |
| steps: | |
| - name: "⬇ Download build artefacts" | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{ github.ref_name }} | |
| path: dist/ | |
| - name: "Remove files unsupported by PyPi" | |
| run: | | |
| if [ -f dist/buildvars.txt ]; then | |
| rm dist/buildvars.txt | |
| fi | |
| rm dist/*.sigstore* | |
| - name: Publish distribution to Test PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| verbose: true | |
| ### PUBLISH PYPI ### | |
| pypi: | |
| name: "📦 Publish to PyPi" | |
| # Only publish on tag pushes | |
| # if: startsWith(github.ref, 'refs/tags/') | |
| needs: | |
| - testpypi | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: pypi | |
| permissions: | |
| # IMPORTANT: mandatory for trusted publishing | |
| id-token: write | |
| steps: | |
| - name: "⬇ Download build artefacts" | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{ github.ref_name }} | |
| path: dist/ | |
| - name: "Remove files unsupported by PyPi" | |
| run: | | |
| if [ -f dist/buildvars.txt ]; then | |
| rm dist/buildvars.txt | |
| fi | |
| rm dist/*.sigstore* | |
| - name: "Setup PDM for build commands" | |
| uses: pdm-project/setup-pdm@v4 | |
| - name: "Publish release to PyPI" | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| verbose: true |