Publish release #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| type: environment | |
| description: "Environment in which to execute the release process" | |
| push: | |
| branches: [ "ci/*", "ci-*" ] | |
| jobs: | |
| ci: | |
| name: Run CI pipeline | |
| uses: msetina/moj-elektro-v1/.github/workflows/build-pipeline.yml@main | |
| permissions: | |
| actions: write | |
| contents: read | |
| extract-params: | |
| name: Determine release parameters | |
| runs-on: ubuntu-latest | |
| permissions: {} | |
| outputs: | |
| publish-env: ${{ steps.setenv.outputs.envname }} | |
| release-version: ${{ steps.getversion.outputs.version }} | |
| steps: | |
| - id: setenv | |
| run: | | |
| if [[ $GITHUB_EVENT_NAME == 'release' ]]; then | |
| echo envname=release >> "$GITHUB_OUTPUT" | |
| elif [[ $GITHUB_EVENT_NAME == 'push' ]]; then | |
| # at times it may be convenient to temporarily turn on release-on-push | |
| # for testing purposes, so leaving this line in helps make that smoother | |
| echo envname=test-release >> "$GITHUB_OUTPUT" | |
| elif [[ $GITHUB_EVENT_NAME == 'workflow_dispatch' ]]; then | |
| echo "envname=${{ inputs.environment }}" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "Cannot run release workflow for trigger event $GITHUB_EVENT_NAME" | |
| exit 1 | |
| fi | |
| cat "$GITHUB_OUTPUT" | |
| publish: | |
| name: Publish release artifacts | |
| needs: [extract-params,ci] | |
| runs-on: ubuntu-latest | |
| environment: ${{ needs.extract-params.outputs.publish-env }} | |
| permissions: | |
| # we use PyPI's trusted publisher model -> expose identity token | |
| id-token: write | |
| # we want to add sigstore's artifacts to the release on GitHub | |
| contents: write | |
| discussions: write | |
| steps: | |
| - name: Download dist artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: plugin-dist | |
| path: dist/ | |
| - name: Upload to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: ${{ vars.REPOSITORY_URL }} | |
| - name: Sign with sigstore | |
| uses: sigstore/[email protected] | |
| with: | |
| inputs: ./dist/* | |
| # useful to inspect workflow artifacts in test runs | |
| upload-signing-artifacts: true | |
| - name: Create GitHub release | |
| if: needs.extract-params.outputs.publish-env == 'release' && startsWith(github.ref, 'refs/tags/') | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: | | |
| dist/*.whl | |
| dist/*.tar.gz | |
| dist/*.sigstore | |
| fail_on_unmatched_files: true | |
| discussion_category_name: Announcements | |
| prerelease: true | |
| name: moj-elektro-v1 ${{ needs.extract-params.outputs.release-version }} |