Steam-Sales-Analysis/.github/workflows/python-publish.yml at main · DataForgeOpenAIHub/Steam-Sales-Analysis · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
name: Publish Python 🐍 distribution 📦 to PyPI and TestPyPI

on:
  push:
    branches:
      - main
    paths:
      - 'steam_sales/**'
      - 'setup.py'
      - 'pyproject.toml'
      - 'MANIFEST.in'
      - 'setup.cfg'
      - 'requirements.txt'
  pull_request:
    types: [closed]  # To ensure it only runs on merged PRs
  workflow_dispatch:

permissions:
  contents: write

jobs:
  build:
    name: Build distribution 📦
    runs-on: ubuntu-latest

    outputs:
      new_tag: ${{ steps.tag_update_verification.outputs.new_tag }}

    steps:
    - uses: actions/checkout@v4

    - name: Set up Python
      uses: actions/setup-python@v5
      with:
        python-version: '3.x'

    - name: Install dependencies
      run: |
        python -m pip install --upgrade pip
        pip install build

    - name: Bump version and push tag
      id: taggerDryRun
      uses: anothrNick/github-tag-action@1.63.0 # Don't use @master or @v1 unless you're happy to test the latest version
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # if you don't want to set write permissions use a PAT token
        WITH_V: true
        DRY_RUN: true
        DEFAULT_BUMP: ${{ github.event.pull_request.merged_at && 'minor' || 'patch' }}  # Minor bump for merges, patch otherwise

    - name: Tag Update Verification
      id: tag_update_verification
      run: |
        echo "new_tag=${{ steps.taggerDryRun.outputs.new_tag }}" >> "$GITHUB_OUTPUT"
        echo "The current tag is: ${{ steps.taggerDryRun.outputs.tag }}"
        echo "The version increment was: ${{ steps.taggerDryRun.outputs.part }}"
        echo "The next tag version will be: ${{ steps.taggerDryRun.outputs.new_tag }}"

    - name: Minor version for each merge
      id: taggerFinal
      uses: anothrNick/github-tag-action@1.63.0
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        WITH_V: true
        DEFAULT_BUMP: ${{ github.event.pull_request.merged_at && 'minor' || 'patch' }}  # Minor bump for merges, patch otherwise

    - name: Build package
      run: python -m build

    - name: Store the distribution packages
      uses: actions/upload-artifact@v4
      with:
        name: python-package-distributions
        path: dist/
        retention-days: 7

  publish-to-testpypi:
    name: Publish to TestPyPI
    needs:
    - build
    runs-on: ubuntu-latest

    environment:
      name: testpypi
      url: https://test.pypi.org/p/steamstore-etl

    permissions:
      id-token: write  # IMPORTANT: mandatory for trusted publishing

    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v4
      with:
        name: python-package-distributions
        path: dist/

    - name: Publish distribution 📦 to TestPyPI
      uses: pypa/gh-action-pypi-publish@release/v1
      with:
        repository-url: https://test.pypi.org/legacy/
        skip-existing: true


  publish-to-pypi:
    name: Publish to PyPI
    needs:
    - build
    runs-on: ubuntu-latest
    environment:
      name: pypi
      url: https://pypi.org/p/steamstore-etl
    permissions:
      id-token: write  # IMPORTANT: mandatory for trusted publishing

    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v4
      with:
        name: python-package-distributions
        path: dist/

    - name: Publish distribution 📦 to PyPI
      uses: pypa/gh-action-pypi-publish@release/v1


  github-release:
    name: >-
      Sign the Python 🐍 distribution 📦 with Sigstore
      and upload them to GitHub Release
    needs:
      - build
      - publish-to-testpypi
      - publish-to-pypi
    runs-on: ubuntu-latest

    env:
      GITHUB_TOKEN: ${{ github.token }}
      new_tag: ${{needs.build.outputs.new_tag}}

    permissions:
      contents: write  # IMPORTANT: mandatory for making GitHub Releases
      id-token: write  # IMPORTANT: mandatory for sigstore

    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v4
      with:
        name: python-package-distributions
        path: dist/

    - name: Sign the dists with Sigstore
      uses: sigstore/gh-action-sigstore-python@v2.1.1
      with:
        inputs: >-
          ./dist/*.tar.gz
          ./dist/*.whl

    - name: Create GitHub Release
      run: >-
        gh release create $new_tag --repo '${{ github.repository }}' --notes ""

    - name: Upload artifact signatures to GitHub Release
      # Upload to GitHub Release using the `gh` CLI.
      # `dist/` contains the built packages, and the
      # sigstore-produced signatures and certificates.
      run: >-
        gh release upload $new_tag dist/** --repo '${{ github.repository }}'