Bump pypa/gh-action-pypi-publish from 1.11.0 to 1.12.2 #374
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and test wheels, release on new tag | |
permissions: | |
id-token: write | |
attestations: write | |
contents: read | |
env: | |
rustlib: rdp | |
wheelname: simplification | |
CIBW_BUILD_FRONTEND: build[uv] | |
on: [push, pull_request] | |
jobs: | |
get_latest_lib_tag: | |
name: Get latest Rust lib tag | |
runs-on: ubuntu-latest | |
outputs: | |
tag: ${{ steps.latest-tag.outputs.tag}} | |
steps: | |
- id: latest-tag | |
uses: oprypin/find-latest-tag@v1 | |
with: | |
repository: urschrei/${{ env.rustlib }} # The repository to scan. | |
releases-only: true # We know that all relevant tags have a GitHub release for them. | |
- run: echo "Latest lib tag ${{ steps.latest-tag.outputs.tag }}" | |
build_wheels: | |
name: Build wheels on ${{ matrix.os }} ${{ matrix.arch }} | |
needs: get_latest_lib_tag | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- os: ubuntu-latest | |
pybuilds: cp3{9,10,11,12,13}-manylinux_x86_64 | |
arch: x86_64 | |
id: linux | |
- os: ubuntu-latest | |
pybuilds: cp3{9,10,11,12,13}-manylinux_aarch64 | |
arch: aarch64 | |
id: linux_arm64 | |
- os: macos-latest | |
pybuilds: cp3{9,10,11,12,13}-macosx_x86_64 | |
arch: x86_64 | |
id: macos_x86 | |
- os: macos-latest | |
pybuilds: cp3{10,11,12,13}-macosx_arm64 | |
arch: arm64 | |
id: macos_arm64 | |
- os: windows-latest | |
pybuilds: cp3{9,10,11,12,13}-win_amd64 | |
arch: x86_64 | |
id: windows | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Optional, use if you use setuptools_scm | |
submodules: true # Optional, use if you have submodules | |
name: Check out repo | |
- name: Set up QEMU | |
if: matrix.id == 'linux_arm64' | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: all | |
- id: set-filename | |
name: Set compressed Rust lib filename to retrieve based on OS | |
run: | | |
if [ "${{ matrix.id }}" == "linux" ]; then | |
echo "filename=${{ env.rustlib }}-${{ needs.get_latest_lib_tag.outputs.tag }}-x86_64-unknown-linux-gnu.tar.gz" >> $GITHUB_ENV | |
elif [ "${{ matrix.id }}" == "linux_arm64" ]; then | |
echo "filename=${{ env.rustlib }}-${{ needs.get_latest_lib_tag.outputs.tag }}-aarch64-unknown-linux-gnu.tar.gz" >> $GITHUB_ENV | |
elif [ "${{ matrix.id }}" == "windows" ]; then | |
echo "filename=${{ env.rustlib }}-${{ needs.get_latest_lib_tag.outputs.tag }}-x86_64-pc-windows-msvc.tar.gz" >> $GITHUB_ENV | |
elif [ "${{ matrix.id }}" == "macos_arm64" ]; then | |
echo "filename=${{ env.rustlib }}-${{ needs.get_latest_lib_tag.outputs.tag }}-aarch64-apple-darwin.tar.gz" >> $GITHUB_ENV | |
elif [ "${{ matrix.id }}" == "macos_x86" ]; then | |
echo "filename=${{ env.rustlib }}-${{ needs.get_latest_lib_tag.outputs.tag }}-x86_64-apple-darwin.tar.gz" >> $GITHUB_ENV | |
fi | |
shell: bash | |
- id: get-rust-lib | |
uses: robinraju/[email protected] | |
name: Download latest Rust lib release | |
with: | |
token: ${{ secrets.RDP_RETRIEVAL }} | |
repository: urschrei/${{ env.rustlib }} | |
tag: ${{ needs.get_latest_lib_tag.outputs.tag }} | |
fileName: ${{ env.filename }} | |
out-file-path: rustlib | |
- name: Extract downloaded lib | |
run: | | |
tar -xvf "rustlib/${{ env.filename }}" -C src/${{ env.wheelname }} | |
mkdir wheelhouse | |
git status | |
shell: bash | |
- name: Install the latest version of uv | |
uses: astral-sh/setup-uv@v3 | |
with: | |
version: "latest" | |
- name: Build and Test Wheels | |
uses: pypa/[email protected] | |
env: | |
CIBW_TEST_REQUIRES: pytest | |
CIBW_TEST_COMMAND: 'pytest {package}' | |
CIBW_BUILD: ${{ matrix.pybuilds }} | |
CIBW_ARCHS_MACOS: ${{ matrix.arch }} | |
CIBW_ARCHS_LINUX: "auto aarch64" | |
CIBW_TEST_SKIP: "*:arm64" | |
- id: attest | |
name: Attest Build Provenance | |
uses: actions/attest-build-provenance@v1 | |
with: | |
subject-path: "./wheelhouse/*.whl" | |
- uses: actions/upload-artifact@v4 | |
name: Upload repaired wheels as artifact | |
with: | |
name: cibw-wheels-${{ matrix.os }}-${{ strategy.job-index }} | |
path: | | |
${{ steps.attest.outputs.bundle-path }} | |
./wheelhouse/*.whl | |
./wheelhouse/*.so | |
./wheelhouse/*.dylib | |
./wheelhouse/*.lib | |
./wheelhouse/*.dll | |
make_sdist: | |
name: Make SDist | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Optional, use if you use setuptools_scm | |
submodules: true # Optional, use if you have submodules | |
- name: Build SDist | |
run: pipx run build --sdist | |
- uses: actions/upload-artifact@v4 | |
with: | |
path: dist/*.tar.gz | |
release_artifacts: | |
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/') | |
name: Release repaired and tested wheels | |
needs: build_wheels | |
runs-on: ubuntu-latest | |
environment: release | |
permissions: | |
# IMPORTANT: this permission is mandatory for trusted publishing | |
id-token: write | |
contents: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Optional, use if you use setuptools_scm | |
submodules: true # Optional, use if you have submodules | |
- name: Download compressed artifacts | |
id: download | |
uses: actions/download-artifact@v4 | |
with: | |
path: ./artifacts | |
merge-multiple: true | |
- name: Remove attestation dir, copy wheels into main dir, remove subdirs | |
run: | | |
rm -rf "${{ steps.download.outputs.download-path }}"/_temp | |
cp "${{ steps.download.outputs.download-path }}"/"${{ env.wheelname }}"/"${{ env.wheelname }}"/wheelhouse/*.whl ${{ steps.download.outputs.download-path }} | |
rm -rf "${{ steps.download.outputs.download-path }}"/"${{ env.wheelname }}" | |
shell: bash | |
- name: Display structure of downloaded files | |
run: ls -R ./artifacts | |
- name: Create release and upload wheels | |
uses: ncipollo/release-action@v1 | |
with: | |
allowUpdates: true | |
artifacts: "${{ steps.download.outputs.download-path }}/*.whl,${{ steps.download.outputs.download-path }}/*.gz,${{ steps.download.outputs.download-path }}/*.so,${{ steps.download.outputs.download-path }}/*.dylib,${{ steps.download.outputs.download-path }}/*.lib,${{ steps.download.outputs.download-path }}/*.dll" | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: PyPI Publish | |
uses: pypa/[email protected] | |
with: | |
packages-dir: ${{ steps.download.outputs.download-path }} | |