.github/workflows/deploy.yaml

# GitHub Actions Workflow for Deployment

name: Deploy

on:
  workflow_call:
    inputs:
      deploy_env:
        type: string
        required: true
        description: Deployment Environment
      artifacts_path:
        type: string
        required: true

permissions:
  contents: read

# -----BEGIN Environment Variables-----

# Environment variables required for deployment:
#
# - PYPI_PASSWORD := PyPI password or API token.
# - PYPI_USERNAME := PyPI username. For API tokens, use "__token__".
# - TWINE_NON_INTERACTIVE := Do not interactively prompt for credentials if they are missing.
# - TWINE_REPOSITORY_URL := The repository (package index) URL to register the package to.

env:
  PYTHON_VIRTUALENV_ACTIVATE: venv/bin/activate

# -----END Environment Variables-----

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-22.04
    environment: ${{ inputs.deploy_env }}

    steps:
      - name: Check Out VCS Repository
        uses: actions/checkout@v4.2.0

      - name: Set Up Python
        id: set_up_python
        uses: actions/setup-python@v5.2.0
        with:
          python-version: "3.10.9"

      - name: Restoring/Saving Cache
        uses: actions/cache@v4.0.2
        with:
          path: "venv"
          key: py-v1-deps-${{ runner.os }}-${{ steps.set_up_python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements-dev.txt') }}-${{ hashFiles('Makefile', 'make/**.mk') }}

      - name: Restore Artifacts (Release)
        uses: actions/download-artifact@v4.1.8
        with:
          name: release
          path: ${{ inputs.artifacts_path }}/

      - name: Deploy
        run: |
          source "$PYTHON_VIRTUALENV_ACTIVATE"
          make deploy \
            TWINE_USERNAME="${PYPI_USERNAME:?}" \
            TWINE_PASSWORD="${PYPI_PASSWORD:?}"
        env:
          PYPI_USERNAME: ${{ vars.PYPI_USERNAME }}
          PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
          TWINE_NON_INTERACTIVE: "true"
          TWINE_REPOSITORY_URL: https://upload.pypi.org/legacy/