From e157950f17db885786d602aa2f9f3ff02ec44d8a Mon Sep 17 00:00:00 2001 From: Pradyun Gedam Date: Sat, 27 Apr 2024 11:59:47 +0100 Subject: [PATCH] Update the release.yml file This now more closely follows the guidance provided about this. --- .github/workflows/release.yml | 108 +++++++++++++++++++++++++--------- 1 file changed, 79 insertions(+), 29 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 756b3d47..874de2e8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,47 +2,97 @@ # and then try to upload to TestPyPI. The second step seems to be consistently # failing. :) -name: Release -on: - push: - tags: - - "*" - -permissions: - id-token: write - contents: write +name: Build and release +on: [push] jobs: build: runs-on: ubuntu-latest + steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v4 + with: + python-version: "3.x" + + - run: pip install build + - run: python -m build - - name: Install dependencies - run: pip install build + - uses: actions/upload-artifact@v4 + with: + name: distributions + path: dist/ + + publish-pypi: + runs-on: ubuntu-latest - - name: Generate final distribution - run: python -m build + if: startsWith(github.ref, 'refs/tags/') + needs: [build] - - name: Upload source distribution as an action artifact - uses: actions/upload-artifact@v4 + environment: + name: release + permissions: + id-token: write + + steps: + - uses: actions/download-artifact@v4 with: - name: sdist - path: dist/furo-*.tar.gz - - name: Upload wheel distribution as an action artifact - uses: actions/upload-artifact@v4 + name: python-package-distributions + path: dist/ + + - uses: pypa/gh-action-pypi-publish@release/v1 + + publish-testpypi: + runs-on: ubuntu-latest + + if: startsWith(github.ref, 'refs/tags/') + needs: [build] + + environment: + name: release + permissions: + id-token: write + + steps: + - uses: actions/download-artifact@v4 with: - name: wheel - path: dist/furo-*-py3-none-any.whl + name: python-package-distributions + path: dist/ + + - uses: pypa/gh-action-pypi-publish@release/v1 + with: + repository-url: https://test.pypi.org/legacy/ + + github-release: + runs-on: ubuntu-latest + + needs: [publish-to-testpypi] + + permissions: + contents: write + id-token: write - - name: Make a GitHub Release - uses: softprops/action-gh-release@v2 + steps: + - uses: actions/download-artifact@v3 with: - files: dist/* + name: python-package-distributions + path: dist/ - - name: Upload to TestPyPI - uses: pypa/gh-action-pypi-publish@release/v1 + - uses: sigstore/gh-action-sigstore-python@v1.2.3 with: - repository_url: https://test.pypi.org/legacy/ - verbose: true + inputs: ./dist/*.tar.gz ./dist/*.whl + + - name: Create a GitHub release + run: >- + gh release create --repo '${{ github.repository }}' + '${{ github.ref_name }}' + env: + GITHUB_TOKEN: ${{ github.token }} + + - name: Upload signed release files to GitHub release + run: >- + gh release upload --repo '${{ github.repository }}' + '${{ github.ref_name }}' + dist/** + env: + GITHUB_TOKEN: ${{ github.token }}