зеркало из
https://github.com/VIGINUM-FR/D3lta.git
synced 2025-10-29 13:06:10 +02:00
c7107aae1d
[test.]pypi.org reject uploads of distributions with an already existing version number. Publishing to testpypi on every commit therefore does not work in the current versioning setup since it leads to duplicate release versions.
118 строки
3.2 KiB
YAML
118 строки
3.2 KiB
YAML
# derived from https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/#the-whole-ci-cd-workflow
|
|
name: Publish Python 🐍 distribution 📦 to PyPI
|
|
|
|
on: push
|
|
|
|
jobs:
|
|
unit-test:
|
|
name: Run unit tests 🤾
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: "3.11"
|
|
- name: Install dependencies
|
|
run: |
|
|
pip install poetry
|
|
poetry install --with dev
|
|
- name: Build a binary wheel and a source tarball
|
|
run:
|
|
poetry run pytest
|
|
|
|
build:
|
|
name: Build distribution 📦
|
|
needs:
|
|
- unit-test
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: "3.x"
|
|
- name: Install pypa/build
|
|
run: >-
|
|
python3 -m
|
|
pip install
|
|
build
|
|
--user
|
|
- name: Build a binary wheel and a source tarball
|
|
run: python3 -m build
|
|
- name: Store the distribution packages
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: python-package-distributions
|
|
path: dist/
|
|
|
|
publish-to-pypi:
|
|
name: >-
|
|
Publish Python 🐍 distribution 📦 to PyPI
|
|
if: startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes
|
|
needs:
|
|
- build
|
|
runs-on: ubuntu-latest
|
|
environment:
|
|
name: pypi
|
|
url: https://pypi.org/p/d3lta # pypi is case insensitive so d3lta == D3lta
|
|
permissions:
|
|
id-token: write # IMPORTANT: mandatory for trusted publishing
|
|
|
|
steps:
|
|
- name: Download all the dists
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: python-package-distributions
|
|
path: dist/
|
|
- name: Publish distribution 📦 to PyPI
|
|
uses: pypa/gh-action-pypi-publish@release/v1
|
|
|
|
github-release:
|
|
name: >-
|
|
Sign the Python 🐍 distribution 📦 with Sigstore
|
|
and upload them to GitHub Release
|
|
needs:
|
|
- publish-to-pypi
|
|
runs-on: ubuntu-latest
|
|
|
|
permissions:
|
|
contents: write # IMPORTANT: mandatory for making GitHub Releases
|
|
id-token: write # IMPORTANT: mandatory for sigstore
|
|
|
|
steps:
|
|
- name: Download all the dists
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: python-package-distributions
|
|
path: dist/
|
|
- name: Sign the dists with Sigstore
|
|
uses: sigstore/gh-action-sigstore-python@v3.0.0
|
|
with:
|
|
inputs: >-
|
|
./dist/*.tar.gz
|
|
./dist/*.whl
|
|
- name: Create GitHub Release
|
|
env:
|
|
GITHUB_TOKEN: ${{ github.token }}
|
|
run: >-
|
|
gh release create
|
|
"$GITHUB_REF_NAME"
|
|
--repo "$GITHUB_REPOSITORY"
|
|
--notes ""
|
|
- name: Upload artifact signatures to GitHub Release
|
|
env:
|
|
GITHUB_TOKEN: ${{ github.token }}
|
|
# Upload to GitHub Release using the `gh` CLI.
|
|
# `dist/` contains the built packages, and the
|
|
# sigstore-produced signatures and certificates.
|
|
run: >-
|
|
gh release upload
|
|
"$GITHUB_REF_NAME" dist/**
|
|
--repo "$GITHUB_REPOSITORY" |