Skip to content

chore: bumping dependency for pip-audit warning fix (#322) #282

chore: bumping dependency for pip-audit warning fix (#322)

chore: bumping dependency for pip-audit warning fix (#322) #282

Workflow file for this run

name: Continuous Delivery of Python package
on:
push:
branches:
- main
workflow_dispatch:
inputs:
production_release:
description: "Production release?"
required: true
default: "true"
concurrency: release
permissions:
contents: write
packages: read
jobs:
ci-check-python:
name: Check Python
uses: ./.github/workflows/check-python.yaml
ci-build-python:
name: Build Python
uses: ./.github/workflows/build-python.yaml
needs: ci-check-python
release:
name: Release Library
needs: ci-build-python
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
# Fetch entire repository history so we can determine version number from it
fetch-depth: 0
- name: Install poetry
run: pipx install poetry
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.10"
cache: "poetry"
- name: Install dependencies
run: poetry install --no-interaction --no-root
- name: Get branch name
shell: bash
run: echo "branch=${GITHUB_REF#refs/heads/}" >> $GITHUB_OUTPUT
id: get_branch
- name: Set Git user as GitHub actions
run: git config --global user.email "actions@github.com" && git config --global user.name "github-actions"
- name: Create Continuous Deployment - Feature Branch
if: steps.get_branch.outputs.branch != 'main' && inputs.production_release != 'true'
run: |
poetry run semantic-release \
-v DEBUG \
--prerelease \
--patch \
--define=prerelease_tag=beta+${{ steps.get_branch.outputs.branch }} \
--define=branch=${{ steps.get_branch.outputs.branch }} \
publish
gh release edit --prerelease "$(git describe $(git rev-list --tags --max-count=1))"
# --define=upload_to_repository=true \
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPOSITORY_USERNAME: __token__
REPOSITORY_PASSWORD: ${{ secrets.PYPI_API_KEY }}
- name: Create Continuous Deployment - Beta (non-prod)
if: steps.get_branch.outputs.branch == 'main' && inputs.production_release != 'true'
run: |
poetry run semantic-release \
-v DEBUG \
--prerelease \
--define=branch=main \
publish
gh release edit --prerelease "v$(poetry run semantic-release print-version --current)"
# --define=upload_to_repository=true \
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPOSITORY_USERNAME: __token__
REPOSITORY_PASSWORD: ${{ secrets.PYPI_API_KEY }}
- name: Create Continuous Deployment - Production
if: steps.get_branch.outputs.branch == 'main' && inputs.production_release == 'true'
run: |
poetry run semantic-release \
-v DEBUG \
--define=version_source="commit" \
--define=patch_without_tag=true \
--define=upload_to_repository=true \
--define=branch=main \
publish
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPOSITORY_USERNAME: __token__
REPOSITORY_PASSWORD: ${{ secrets.PYPI_API_KEY }}
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: algokit-cli
path: dist/algokit*-py3-none-any.whl
if-no-files-found: error
cd-publish-release-packages:
name: Publish Release Packages
needs: release
# if: ${{ github.ref_name == 'chocolatey-package' }} && inputs.production_release != 'true' # used to test manual release from a branch
if: ${{ github.ref_name == 'main' && inputs.production_release == 'true' }} # Might want to adjust this to publish (pre-release) on merge as well.
uses: ./.github/workflows/publish-release-packages.yaml
with:
artifactName: algokit-cli
secrets: inherit