Skip to content
This repository has been archived by the owner on Sep 24, 2024. It is now read-only.

Adds first PyPI publishing workflow #11

Adds first PyPI publishing workflow

Adds first PyPI publishing workflow #11

Workflow file for this run

name: Publish Python 🐍 distribution πŸ“¦ to PyPI and TestPyPI
on:
push:
tags:
- "v*"
pull_request:
branches:
- "main"
- "dev"
- "release/v[0-9].[0-9]"
workflow_dispatch:
jobs:
build_dist:
name: Build distribution πŸ“¦
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: set up python
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: set up poetry
env:
POETRY_PYPI_TOKEN_TESTPYPI: ${{ secrets.PYPI_TEST_KEY }}
POETRY_PYPI_TOKEN: ${{ secrets.PYPI_KEY }}
run: |
export VENV_PATH="$HOME/venv"
python3 -m venv $VENV_PATH
$VENV_PATH/bin/pip install -U pip setuptools
$VENV_PATH/bin/pip install poetry
export POETRY="$VENV_PATH/bin/poetry"
$POETRY config repositories.testpypi https://test.pypi.org/legacy/
cd "$GITHUB_WORKSPACE"
- name: build_dist
run: |
$POETRY build
ls ./dist/
publish-testpypi:
name: >-
Publish dist to test pypi
needs:
- build_dist
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' }}
steps:
# - uses: actions/checkout@v4
- name: prepare with poetry
run: |
$POETRY publish --repository testpypi
publish-pypi:
name: >-
Publish dist to real pypi
needs:
- build_dist
runs-on: ubuntu-latest
env:
POETRY_PYPI_TOKEN: ${{ secrets.PYPI_KEY }}
if: endsWith(github.event.base_ref, 'main') == true
steps:
- name: prepare with poetry
run: |
$POETRY publish --repository testpypi --build
github-release:
name: >-
Sign the Python 🐍 distribution πŸ“¦ with Sigstore
and upload them to GitHub Release
needs:
- build_dist
- publish-pypi # will error if this step fails
runs-on: ubuntu-latest
permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases
id-token: write # IMPORTANT: mandatory for sigstore
# should only run when commits are pushed to main and a tag is there (from above)
if: endsWith(github.event.base_ref, 'main') == true
steps:
- name: Sign the dists with Sigstore
uses: sigstore/[email protected]
with:
inputs: >-
"$GITHUB_WORKSPACE"/dist/*.tar.gz
"$GITHUB_WORKSPACE"./dist/*.whl
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
run: >-
gh release create
'${{ github.ref_name }}'
--repo '${{ github.repository }}'
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
# Upload to GitHub Release using the `gh` CLI.
# `dist/` contains the built packages, and the
# sigstore-produced signatures and certificates.
run: >-
gh release upload
'${{ github.ref_name }}' dist/**
--repo '${{ github.repository }}'