diff --git a/.github/dependabot.yml b/.github/dependabot.yml index bef60b2..f03da23 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -2,12 +2,15 @@ # package ecosystems to update and where the package manifests are located. # Please see the documentation for all configuration options: # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates +# also see +# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates version: 2 updates: - # Maintain dependencies for GitHub Actions + # Workflow files in .github/workflows will be checked - package-ecosystem: "github-actions" directory: "/" schedule: # Check for updates to GitHub Actions every week interval: "weekly" + diff --git a/.github/workflows/release-package.yaml b/.github/workflows/release.yaml similarity index 51% rename from .github/workflows/release-package.yaml rename to .github/workflows/release.yaml index fc68ded..6859de8 100644 --- a/.github/workflows/release-package.yaml +++ b/.github/workflows/release.yaml @@ -1,12 +1,14 @@ -name: Publish package to pypi +name: Release on: - push: - branches: [main] - paths: - - "src/coastpy/**" + release: + types: + - created workflow_dispatch: +permissions: + contents: read + concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -16,21 +18,29 @@ defaults: shell: bash -l {0} jobs: - build_and_publish: + check-package: + name: Build & inspect our package. runs-on: ubuntu-latest - steps: - uses: actions/checkout@v4 - - - name: Set up Micromamba - uses: mamba-org/setup-micromamba@v1 with: - environment-file: ci/envs/312-release-package.yaml + fetch-depth: 0 + - uses: hynek/build-and-inspect-python-package@v2 + + release-pypi: + permissions: + id-token: write + contents: read + name: Publish released package to pypi.org + runs-on: ubuntu-latest + needs: check-package - # NOTE: 'poetry install' because we assume all packages are available in the release env - - name: Build package - run: | - poetry build + steps: + - name: Download packages built by build-and-inspect-python-package + uses: actions/download-artifact@v4 + with: + name: Packages + path: dist - name: Publish package distributions to TestPyPI uses: pypa/gh-action-pypi-publish@release/v1 @@ -39,9 +49,8 @@ jobs: password: ${{ secrets.TEST_PYPI_API_TOKEN }} repository-url: https://test.pypi.org/legacy/ - # Publish to PyPI - name: Publish package distributions to PyPI uses: pypa/gh-action-pypi-publish@release/v1 with: user: __token__ - password: ${{ secrets.PYPI_API_TOKEN }} + password: ${{ secrets.PYPI_TOKEN }} diff --git a/ci/envs/312-release-package.yaml b/ci/envs/312-release.yaml similarity index 100% rename from ci/envs/312-release-package.yaml rename to ci/envs/312-release.yaml diff --git a/pyproject.toml b/pyproject.toml index a6fc4ac..a64b8e3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -80,7 +80,7 @@ Homepage = "https://github.com/florisCalkoen/coastpy" source = "vcs" [tool.hatch.build.hooks.vcs] -version-file = "src/coastpy/_version.py" +version-file = "src/coastpy/__init__.py" [tool.ruff] line-length = 88