-
Notifications
You must be signed in to change notification settings - Fork 3
134 lines (113 loc) · 3.76 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
---
name: Publish to PyPI / GitHub
on:
push:
tags:
- "v*"
permissions:
contents: read
jobs:
build:
name: "Build the project"
runs-on: ubuntu-latest
outputs:
prerelease: ${{ steps.check-version.outputs.prerelease }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup poetry
uses: ItsDrike/setup-poetry@v1
with:
python-version: 3.13
install-args: "--only release-ci"
- name: Set version with dynamic versioning
run: poetry run poetry-dynamic-versioning
- name: Build project for distribution
run: poetry build
- name: Upload build files
uses: actions/upload-artifact@v4
with:
name: "dist"
path: "dist/"
if-no-files-found: error
retention-days: 5
- name: Check pre-release status
id: check-version
run: |
if [[ "$(poetry version --short)" =~ "^[0-9]+\.[0-9]+\.[0-9]+$" ]]
then
echo prerelease=true >> $GITHUB_OUTPUT
else
echo prerelease=false >> $GITHUB_OUTPUT
fi
# Get content of the changelog for the latest release, so that we can use
# it as the body for a GitHub tag
- name: Obtain latest changelog
# Our CHANGELOG.md uses `---` separators between each published
# version. The command below obtains all content until that separator,
# leaving us with just the content for the latest version. We then
# remove first 2 lines, being level 2 header with version and date,
# and a blank line under it, and also the last 2 lines, being the
# separator itself, and a blank line above it.
run: |
awk '1;/---/{exit}' CHANGELOG.md | tail -n +3 | head -n -2 \
> changelog.txt
- name: Upload release changelog
uses: actions/upload-artifact@v4
with:
name: "changelog"
path: "changelog.txt"
if-no-files-found: error
retention-days: 5
publish-github:
name: "Publish a GitHub release"
needs: build
runs-on: ubuntu-latest
environment: release
steps:
- name: Download the distribution files from PR artifact
uses: actions/download-artifact@v4
with:
name: "dist"
path: "dist/"
- name: Download the changelog from PR artifact
uses: actions/download-artifact@v4
with:
name: "changelog"
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v2
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.PRIVATE_KEY }}
- name: Create Release
uses: ncipollo/release-action@v1
with:
artifacts: "dist/*"
token: ${{ steps.generate_token.outputs.token }}
bodyFile: changelog.txt
draft: false
prerelease: ${{ needs.build.outputs.prerelease == 'true' }}
publish-pypi:
name: "Publish to PyPI"
needs: build
runs-on: ubuntu-latest
environment: release
permissions:
# Used to authenticate to PyPI via OIDC.
id-token: write
steps:
- name: Download the distribution files from PR artifact
uses: actions/download-artifact@v4
with:
name: "dist"
path: "dist/"
# Upload to Test PyPI first, in case something fails.
- name: Upload to Test PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
# the "legacy" in the URL doesn't mean it's deprecated
repository-url: https://test.pypi.org/legacy/
# This uses PyPI's trusted publishing, so no token is required
- name: Release to PyPI
uses: pypa/gh-action-pypi-publish@release/v1