ci: Publish multiple wheel fix #9

Workflow file for this run

.github/workflows/publish.yaml at 13020fd

	name: Test & Release

	on:
	release:
	types: [published]

	pull_request:
	branches:
	- master

	permissions:
	contents: read

	jobs:
	linux:
	runs-on: ubuntu-latest
	permissions:
	id-token: write # ability to mint the OIDC token permission is necessary to persist the attestation
	contents: read
	attestations: write # persist the attestation
	strategy:
	matrix:
	platform: [ 'x86_64-unknown-linux-gnu', 'aarch64-unknown-linux-gnu' ]
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
	with:
	egress-policy: block
	allowed-endpoints: >
	api.github.com:443
	cdn.quay.io:443
	cdn01.quay.io:443
	cdn02.quay.io:443
	cdn03.quay.io:443
	crates.io:443
	files.pythonhosted.org:443
	ghcr.io:443
	github.com:443
	index.crates.io:443
	objects.githubusercontent.com:443
	pkg-containers.githubusercontent.com:443
	pypi.org:443
	quay.io:443
	sh.rustup.rs:443
	static.crates.io:443
	static.rust-lang.org:443
	uploads.github.com:443

	- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
	- uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d
	with:
	python-version: 3.8
	architecture: x64

	- uses: PyO3/maturin-action@52b28abb0c6729beb388babfc348bf6ff5aaff31
	with:
	manylinux: auto
	target: ${{ matrix.platform }}
	command: build
	args: --release --sdist -o dist -i 3.8 3.9 3.10 3.11 3.12

	- name: Upload wheels
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3
	with:
	name: wheels-${{ matrix.platform }}
	path: dist/*.whl

	windows:
	runs-on: windows-latest
	permissions:
	id-token: write # ability to mint the OIDC token permission is necessary to persist the attestation
	contents: read
	attestations: write # persist the attestation
	strategy:
	matrix:
	target: [x64]
	python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
	with:
	egress-policy: audit

	- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
	- uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d
	with:
	python-version: ${{ matrix.python-version }}

	- uses: PyO3/maturin-action@52b28abb0c6729beb388babfc348bf6ff5aaff31
	env:
	PYO3_PYTHON: python${{ matrix.python-version }}
	with:
	command: build
	args: --release -o dist

	- name: Upload wheels
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3
	with:
	name: wheels-${{ matrix.python-version }}-${{ matrix.target }}
	path: dist/*.whl

	macos:
	runs-on: macos-latest
	permissions:
	id-token: write # ability to mint the OIDC token permission is necessary to persist the attestation
	contents: read
	attestations: write # persist the attestation
	strategy:
	matrix:
	python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
	target: ['universal2', 'x86_64-apple-darwin']
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
	with:
	egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

	- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
	- uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d
	with:
	python-version: ${{ matrix.python-version }}

	- name: Build wheels - ${{ matrix.target }}
	uses: PyO3/maturin-action@52b28abb0c6729beb388babfc348bf6ff5aaff31
	env:
	PYO3_PYTHON: python${{ matrix.python-version }}
	with:
	target: ${{ matrix.target }}
	command: build
	args: --release -o dist

	- name: Upload wheels
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # 4.3.3
	with:
	name: wheels-${{ matrix.python-version }}-${{ matrix.target }}
	path: dist/*.whl

	python-release-github:
	runs-on: ubuntu-latest
	needs: [ macos, windows, linux ]
	permissions:
	contents: write # To add assets to a release.
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.1.0
	with:
	disable-sudo: true
	egress-policy: block
	allowed-endpoints: >
	api.github.com:443
	github.com:443
	uploads.github.com:443
	static.rust-lang.org:443

	- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
	with:
	ref: ${{ github.head_ref }}

	- uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a
	with:
	toolchain: "1.73.0"

	- name: Set up Python 3.8
	uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
	with:
	python-version: 3.8

	- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
	with:
	path: wheels
	pattern: wheels-*
	merge-multiple: true

	- name: Upload release binaries
	uses: alexellis/upload-assets@13926a61cdb2cb35f5fdef1c06b8b591523236d3
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	asset_paths: '["./wheels/tantivy-*"]'

	release-pypy:
	name: Release
	runs-on: ubuntu-latest
	needs: [ macos, windows, linux ]
	permissions:
	id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
	with:
	egress-policy: audit

	- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
	with:
	path: wheels
	pattern: wheels-*
	merge-multiple: true

	- name: Publish package distributions to Test PyPI
	uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14
	with:
	repository-url: https://test.pypi.org/legacy/
	packages-dir: wheels/
	skip-existing: true

	- name: Publish package distributions to PyPI
	if: always()
	uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14
	with:
	packages-dir: wheels/
	skip-existing: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci: Publish multiple wheel fix #9

Workflow file

ci: Publish multiple wheel fix #9

Jobs

Run details

Workflow file for this run