-
Notifications
You must be signed in to change notification settings - Fork 3
128 lines (110 loc) · 4.31 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
name: publish
on:
workflow_dispatch:
inputs:
VERSION:
description: "The version to release"
required: true
IS_PRE_RELEASE:
description: "It IS a pre-release"
required: true
default: false
type: boolean
jobs:
bump: # This job is used to bump the version and create a release
runs-on: ubuntu-latest
env:
VERSION: ${{ inputs.VERSION }}
GH_TOKEN: ${{ github.token }}
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
permissions:
contents: write
steps:
- name: set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: install dependencies
run: |
pip install --upgrade pip
pip install build hatch
- name: configure git with the bot credentials
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add - <<< "${{ secrets.BOT_SSH_KEY }}"
echo "${{ secrets.BOT_SIGNING_KEY }}" > ~/.ssh/signing.key
chmod 600 ~/.ssh/signing.key
git config --global user.name "Merschbotmann"
git config --global user.email "bot.merschformann@gmail.com"
git config --global gpg.format ssh
git config --global user.signingkey ~/.ssh/signing.key
git clone git@github.com:merschformann/brickmos.git
- name: upgrade version with hatch
run: hatch version ${{ env.VERSION }}
working-directory: ./brickmos
- name: commit new version
run: |
git add brickmos/__about__.py
git commit -S -m "Bump version to $VERSION"
git push
git tag $VERSION
git push origin $VERSION
working-directory: ./brickmos
- name: create release
run: |
PRERELEASE_FLAG=""
if [ ${{ inputs.IS_PRE_RELEASE }} = true ]; then
PRERELEASE_FLAG="--prerelease"
fi
gh release create $VERSION \
--verify-tag \
--generate-notes \
--title $VERSION $PRERELEASE_FLAG
working-directory: ./brickmos
- name: ensure passing build
run: python -m build
working-directory: ./brickmos
publish: # This job is used to publish the release to PyPI/TestPyPI
runs-on: ubuntu-latest
needs: bump
strategy:
matrix:
include:
- target-env: pypi
target-url: https://pypi.org/p/brickmos
- target-env: testpypi
target-url: https://test.pypi.org/p/brickmos
environment:
name: ${{ matrix.target-env }}
url: ${{ matrix.target-url }}
permissions:
contents: read
id-token: write # This is required for trusted publishing to PyPI
steps:
- name: git clone main
uses: actions/checkout@v4
with:
ref: main
- name: set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: install dependencies
run: |
pip install --upgrade pip
pip install build hatch
- name: build binary wheel and source tarball
run: python -m build
- name: Publish package distributions to PyPI
if: ${{ matrix.target-env == 'pypi' }}
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: ./dist
- name: Publish package distributions to TestPyPI
if: ${{ matrix.target-env == 'testpypi' }}
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/
packages-dir: ./dist