9.16.0 #15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: CI/CD | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - release/** | |
| # default token permissions = none | |
| permissions: {} | |
| jobs: | |
| eval-changes: | |
| name: Evaluate changes | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 100 # Must at least retrieve a set of commits to compare changes | |
| # primarily because of any 'Rebase and Merge' PR action in GitHub | |
| - name: Evaluate | Check common file types for changes | |
| id: core-changed-files | |
| uses: tj-actions/changed-files@v45.0.6 | |
| with: | |
| base_sha: ${{ github.event.push.before }} | |
| files_yaml_from_source_file: .github/changed-files-spec.yml | |
| - name: Evaluate | Check specific file types for changes | |
| id: ci-changed-files | |
| uses: tj-actions/changed-files@v45.0.6 | |
| with: | |
| base_sha: ${{ github.event.push.before }} | |
| files_yaml: | | |
| ci: | |
| - .github/workflows/cicd.yml | |
| - .github/workflows/validate.yml | |
| - name: Evaluate | Detect if any of the combinations of file sets have changed | |
| id: all-changes | |
| run: | | |
| printf '%s\n' "any_changed=false" >> $GITHUB_OUTPUT | |
| if [ "${{ steps.core-changed-files.outputs.build_any_changed }}" == "true" ] || \ | |
| [ "${{ steps.ci-changed-files.outputs.ci_any_changed }}" == "true" ] || \ | |
| [ "${{ steps.core-changed-files.outputs.docs_any_changed }}" == "true" ] || \ | |
| [ "${{ steps.core-changed-files.outputs.src_any_changed }}" == "true" ] || \ | |
| [ "${{ steps.core-changed-files.outputs.tests_any_changed }}" == "true" ]; then | |
| printf '%s\n' "any_changed=true" >> $GITHUB_OUTPUT | |
| fi | |
| outputs: | |
| any-file-changes: ${{ steps.all-changes.outputs.any_changed }} | |
| build-changes: ${{ steps.core-changed-files.outputs.build_any_changed }} | |
| ci-changes: ${{ steps.ci-changed-files.outputs.ci_any_changed }} | |
| doc-changes: ${{ steps.core-changed-files.outputs.docs_any_changed }} | |
| src-changes: ${{ steps.core-changed-files.outputs.src_any_changed }} | |
| test-changes: ${{ steps.core-changed-files.outputs.tests_any_changed }} | |
| validate: | |
| uses: ./.github/workflows/validate.yml | |
| needs: eval-changes | |
| with: | |
| python-versions-linux: '["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"]' | |
| # Since the test suite takes ~4 minutes to complete on windows, and windows is billed higher | |
| # we are only going to run it on the oldest version of python we support. The older version | |
| # will be the most likely area to fail as newer minor versions maintain compatibility. | |
| python-versions-windows: '["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"]' | |
| files-changed: ${{ needs.eval-changes.outputs.any-file-changes }} | |
| build-files-changed: ${{ needs.eval-changes.outputs.build-changes }} | |
| ci-files-changed: ${{ needs.eval-changes.outputs.ci-changes }} | |
| doc-files-changed: ${{ needs.eval-changes.outputs.doc-changes }} | |
| src-files-changed: ${{ needs.eval-changes.outputs.src-changes }} | |
| test-files-changed: ${{ needs.eval-changes.outputs.test-changes }} | |
| permissions: {} | |
| secrets: {} | |
| release: | |
| name: Semantic Release | |
| runs-on: ubuntu-latest | |
| concurrency: push | |
| needs: validate | |
| if: ${{ needs.validate.outputs.new-release-detected == 'true' }} | |
| permissions: | |
| contents: write | |
| env: | |
| GITHUB_ACTIONS_AUTHOR_NAME: github-actions | |
| GITHUB_ACTIONS_AUTHOR_EMAIL: actions@users.noreply.github.com | |
| steps: | |
| # Note: we need to checkout the repository at the workflow sha in case during the workflow | |
| # the branch was updated. To keep PSR working with the configured release branches, | |
| # we force a checkout of the desired release branch but at the workflow sha HEAD. | |
| - name: Setup | Checkout Repository at workflow sha | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.sha }} | |
| - name: Setup | Force correct release branch on workflow sha | |
| run: | | |
| git checkout -B ${{ github.ref_name }} | |
| - name: Setup | Download Build Artifacts | |
| uses: actions/download-artifact@v4 | |
| id: artifact-download | |
| with: | |
| name: ${{ needs.validate.outputs.distribution-artifacts }} | |
| path: dist | |
| - name: Release | Python Semantic Release | |
| id: release | |
| uses: ./ | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| root_options: "-v" | |
| build: false | |
| - name: Release | Add distribution artifacts to GitHub Release Assets | |
| uses: python-semantic-release/publish-action@v9.15.2 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| tag: ${{ steps.release.outputs.tag }} | |
| - name: Release | Update Minor Release Tag Reference | |
| if: steps.release.outputs.released == 'true' && steps.release.outputs.is_prerelease == 'false' | |
| env: | |
| FULL_VERSION_TAG: ${{ steps.release.outputs.tag }} | |
| GIT_COMMITTER_NAME: ${{ env.GITHUB_ACTIONS_AUTHOR_NAME }} | |
| GIT_COMMITTER_EMAIL: ${{ env.GITHUB_ACTIONS_AUTHOR_EMAIL }} | |
| run: | | |
| MINOR_VERSION_TAG="$(echo "$FULL_VERSION_TAG" | cut -d. -f1,2)" | |
| git tag --force --annotate "$MINOR_VERSION_TAG" "${FULL_VERSION_TAG}^{}" -m "$MINOR_VERSION_TAG" | |
| git push -u origin "$MINOR_VERSION_TAG" --force | |
| - name: Release | Update Major Release Tag Reference | |
| if: steps.release.outputs.released == 'true' && steps.release.outputs.is_prerelease == 'false' | |
| env: | |
| FULL_VERSION_TAG: ${{ steps.release.outputs.tag }} | |
| GIT_COMMITTER_NAME: ${{ env.GITHUB_ACTIONS_AUTHOR_NAME }} | |
| GIT_COMMITTER_EMAIL: ${{ env.GITHUB_ACTIONS_AUTHOR_EMAIL }} | |
| run: | | |
| MAJOR_VERSION_TAG="$(echo "$FULL_VERSION_TAG" | cut -d. -f1)" | |
| git tag --force --annotate "$MAJOR_VERSION_TAG" "${FULL_VERSION_TAG}^{}" -m "$MAJOR_VERSION_TAG" | |
| git push -u origin "$MAJOR_VERSION_TAG" --force | |
| outputs: | |
| released: ${{ steps.release.outputs.released }} | |
| tag: ${{ steps.release.outputs.tag }} | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| if: ${{ needs.release.outputs.released == 'true' && github.repository == 'python-semantic-release/python-semantic-release' }} | |
| needs: | |
| - validate | |
| - release | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/project/python-semantic-release/ | |
| permissions: | |
| # https://docs.github.com/en/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#metadata | |
| id-token: write # needed for PyPI upload | |
| steps: | |
| # Note: we need to checkout the repository at the workflow sha in case during the workflow | |
| # the branch was updated. To keep PSR working with the configured release branches, | |
| # we force a checkout of the desired release branch but at the workflow sha HEAD. | |
| - name: Setup | Checkout Repository at workflow sha | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| ref: ${{ github.sha }} | |
| - name: Setup | Force correct release branch on workflow sha | |
| run: | | |
| git checkout -B ${{ github.ref_name }} | |
| - name: Setup | Download Build Artifacts | |
| uses: actions/download-artifact@v4 | |
| id: artifact-download | |
| with: | |
| name: ${{ needs.validate.outputs.distribution-artifacts }} | |
| path: dist | |
| # see https://docs.pypi.org/trusted-publishers/ | |
| - name: Publish package distributions to PyPI | |
| id: pypi-publish | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| verbose: true |