Skip to content
Upload and Publish Python Package

Upload and Publish Python Package #31

Sign in to view logs

Upload and Publish Python Package

Upload and Publish Python Package #31

Workflow file for this run

.github/workflows/publish-release.yml at d16f59e
name: Upload and Publish Python Package
on:
workflow_run:
workflows: ["run_unit_tests"]
types:
- completed
workflow_dispatch:
jobs:
check-tag:
name: Check if commit is a tag
if: >
github.event_name == 'workflow_dispatch' ||
github.event.workflow_run.conclusion == 'success'
runs-on: ubuntu-latest
outputs:
is_tagged: ${{ steps.check-tag.outputs.is_tagged }}
tag_name: ${{ steps.check-tag.outputs.tag_name }}
is_prerelease: ${{ steps.check-tag.outputs.is_prerelease }}
steps:
- name: Checkout full history
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Determine tagged commit and pre-release
id: check-tag
run: |
TAG=$(git tag --points-at HEAD | head -n 1)
echo "Found tag: $TAG"
if [[ "$TAG" =~ ^[0-9]+\.[0-9]+\.[0-9]+.*$ ]]; then
echo "is_tagged=true" >> $GITHUB_OUTPUT
echo "tag_name=$TAG" >> $GITHUB_OUTPUT
if [[ "$TAG" =~ ^[0-9]+\.[0-9]+\.[0-9]+[a-zA-Z].*$ ]]; then
echo "is_prerelease=true" >> $GITHUB_OUTPUT
else
echo "is_prerelease=false" >> $GITHUB_OUTPUT
fi
else
echo "is_tagged=false" >> $GITHUB_OUTPUT
fi
build:
name: Build Package
needs: check-tag
if: needs.check-tag.outputs.is_tagged == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install build
- name: Build sdist and wheel
run: python -m build
- name: Upload built packages
uses: actions/upload-artifact@v4
with:
name: dist
path: dist/
publish-to-testpypi:
name: Publish to TestPyPI
needs: build
runs-on: ubuntu-latest
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- name: Publish to TestPyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/
test-install:
name: Test Install from TestPyPI
needs: publish-to-testpypi
runs-on: ubuntu-latest
steps:
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Test install from TestPyPI
run: |
python -m pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple spm-python
python -c "import spm"
publish-to-pypi:
name: Publish to PyPI
needs: test-install
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/project/spm-python/
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
sign-and-release:
name: Sign and Create GitHub Release
needs: [check-tag, publish-to-pypi]
if: needs.check-tag.outputs.is_tagged == 'true'
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- name: Sign with Sigstore
uses: sigstore/[email protected]
with:
inputs: >-
dist/*.tar.gz
dist/*.whl
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release create "${{ needs.check-tag.outputs.tag_name }}" \
--repo "$GITHUB_REPOSITORY" \
--notes "" \
$([[ "${{ needs.check-tag.outputs.is_prerelease }}" == "true" ]] && echo "--prerelease") \
dist/*
- name: Upload artifact signatures
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release upload "${{ needs.check-tag.outputs.tag_name }}" dist/** --repo "$GITHUB_REPOSITORY"