From d8e1bb9a244d9d0ca19459c04655567a0b0e238a Mon Sep 17 00:00:00 2001 From: Eric Joanis Date: Tue, 9 Jul 2024 13:53:39 -0400 Subject: [PATCH] ci: publish on version tag push rather than release PR --- .github/workflows/matrix-tests.yml | 3 +- .github/workflows/pythonpublish.yml | 72 +++++++++++++++++------------ .github/workflows/tests.yml | 1 + 3 files changed, 46 insertions(+), 30 deletions(-) diff --git a/.github/workflows/matrix-tests.yml b/.github/workflows/matrix-tests.yml index 6fc31546..96445167 100644 --- a/.github/workflows/matrix-tests.yml +++ b/.github/workflows/matrix-tests.yml @@ -3,8 +3,9 @@ # to main or release, we want to exercise the full matrix. name: Run Matrix Tests on: + workflow_call: push: - branches: [main, release] + branches: main jobs: test: strategy: diff --git a/.github/workflows/pythonpublish.yml b/.github/workflows/pythonpublish.yml index 666e82d3..f08b057e 100644 --- a/.github/workflows/pythonpublish.yml +++ b/.github/workflows/pythonpublish.yml @@ -4,10 +4,25 @@ name: Upload Python Package on: push: - branches: [release] + tags: + - v[0-9]+.** jobs: - deploy: + tests: + uses: ./.github/workflows/tests.yml + secrets: inherit + + matrix-tests: + uses: ./.github/workflows/matrix-tests.yml + secrets: inherit + + publish: runs-on: ubuntu-latest + needs: + - tests + - matrix-tests + permissions: + contents: write # allows creating a GitHub Release + id-token: write # allows signing the dists with Sigstore steps: - uses: actions/checkout@v4 - name: Set up Python @@ -18,34 +33,33 @@ jobs: run: | python -m pip install --upgrade pip pip install build twine - - name: Build and publish - env: - TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }} - TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }} - run: | - python -m build --sdist --wheel - twine upload dist/* - - name: Determine tag - id: determine_tag - run: | - echo "TAG_VERSION=$(ls dist/readalongs-*.tar.gz | sed -e 's/.*readalongs-//' -e 's/.tar.gz.*//')" >> $GITHUB_OUTPUT - - name: Bump version and push tag - id: tag_version - uses: mathieudutour/github-tag-action@v6.1 + - name: Build + run: python -m build --sdist --wheel + + - name: Sign the dists with Sigstore + uses: sigstore/gh-action-sigstore-python@v1.2.3 with: - github_token: ${{ secrets.GITHUB_TOKEN }} - custom_tag: ${{ steps.determine_tag.outputs.TAG_VERSION }} - create_annotated_tag: true + inputs: >- + ./dist/*.tar.gz + ./dist/*.whl + + - name: Update CHANGELOG + id: changelog + uses: requarks/changelog-action@v1 + with: + token: ${{ github.token }} + tag: ${{ github.ref_name }} + - name: Create a GitHub release uses: ncipollo/release-action@v1 with: - tag: ${{ steps.tag_version.outputs.new_tag }} - name: Release ${{ steps.tag_version.outputs.new_tag }} - body: ${{ steps.tag_version.outputs.changelog }} - - name: Submit a PR for the bumped version - uses: peter-evans/create-pull-request@v4 - with: - commit-message: "chore: commit version" - delete-branch: true - base: main - add-paths: readalongs/_version.py + tag: ${{ github.ref_name }} + name: ${{ github.ref_name }} + body: ${{ steps.changelog.outputs.changes }} + token: ${{ github.token }} + + - name: Publish to PyPI + env: + TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }} + TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }} + run: twine upload dist/* diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 63405a5d..9f54f6f6 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -2,6 +2,7 @@ name: Run Tests on: - pull_request - push + - workflow_call jobs: test: