Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI - Swap to trusted publisher for releases #1758

Merged
merged 2 commits into from
Apr 8, 2024
Merged

CI - Swap to trusted publisher for releases #1758

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6b446c0
:construction_worker: Remove token based release from CI
trallard Apr 5, 2024
7df4571
Add package inspection step
trallard Apr 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 40 additions & 15 deletions .github/workflows/publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,34 +1,59 @@
# This will run every time a tag is created and pushed to the repository.
# This will run every time a release is created and published.
# It calls our tests workflow via a `workflow_call`, and if tests pass
# then it triggers our upload to PyPI for a new release.
name: Publish to PyPI
on:
release:
types: ["published"]
types:
- published
workflow_dispatch:

env:
FORCE_COLOR: "1" # Make tools pretty.

permissions:
contents: read
id-token: write # needed for PyPI upload

jobs:
# calls our tests workflow
tests:
uses: ./.github/workflows/tests.yml
publish:
name: publish

build-package:
name: "Build & verify PST package"
needs: [tests] # require tests to pass before deploy runs
runs-on: ubuntu-latest
steps:
- name: Checkout source
- name: "Checkout repository 🛎"
uses: actions/checkout@v4
- name: Set up Python 3.9

- name: "Set up Python 3.9"
uses: actions/setup-python@v5
with:
python-version: "3.9"
- name: Install gettext for translations

- name: "Install gettext for translations 🌐"
run: |
sudo apt-get install gettext
- name: Build package
run: |
python -m pip install -U pip build
python -m build
- name: Publish
uses: pypa/gh-action-pypi-publish@release/v1

- name: "Build and inspect package 📦"
uses: hynek/build-and-inspect-python-package@v2
id: baipp

- run: echo Packages can be found at ${{ steps.baipp.outputs.dist }}

release-pypi:
runs-on: ubuntu-latest
needs: [build-package]
steps:
- name: "Download PST built package 📦"
uses: actions/download-artifact@v4
with:
user: __token__
password: ${{ secrets.PYPI_KEY }}
name: PST-package
path: dist

- name: "Publish PST package to PyPI 🚀"
uses: pypa/gh-action-pypi-publish@release/v1
# only publish if this is a published release by pydata
if: github.repository_owner == 'pydata' && github.event_name == 'release' && github.event.action == 'published'
Loading