Skip to content

fix: attempt to repair release process #46

fix: attempt to repair release process

fix: attempt to repair release process #46

Workflow file for this run

name: Release
"on":
push:
branches: ["main", "release/**"]
concurrency:
group: deploy
cancel-in-progress: false # prevent hickups with semantic-release
env:
PYTHON_VERSION_DEFAULT: "3.10.8"
jobs:
release:
runs-on: ubuntu-latest
concurrency: release
permissions:
# NOTE: this enables trusted publishing.
# See https://github.com/pypa/gh-action-pypi-publish/tree/release/v1#trusted-publishing
# and https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/
id-token: write
contents: write
steps:
# NOTE: commits using GITHUB_TOKEN does not trigger workflows
- uses: actions/create-github-app-token@v1
id: trigger-token
with:
app-id: ${{ vars.TRIGGER_WORKFLOW_GH_APP_ID}}
private-key: ${{ secrets.TRIGGER_WORKFLOW_GH_APP_KEY }}
- uses: actions/checkout@v4
with:
fetch-depth: 0
repository: opentargets/gentropy
token: ${{ secrets.GITHUB_TOKEN }}
persist-credentials: false
- name: Python Semantic Release
id: semrelease
# v9.6.0 is required due to the python v3.12 in the newer version of semantic release action which
# breaks the poetry build command.
uses: python-semantic-release/python-semantic-release@v9.6.0
with:
github_token: ${{ steps.trigger-token.outputs.token }}
- name: Publish package to GitHub Release
uses: python-semantic-release/upload-to-gh-release@main
if: ${{ steps.semrelease.outputs.released }} == 'true'
with:
# NOTE: allow to start the workflow when push action on tag gets executed
# requires using GH_APP to authenitcate, otherwise push authorised with
# the GITHUB_TOKEN does not trigger the tag artifact workflow.
# see https://github.com/actions/create-github-app-token
github_token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ steps.semrelease.outputs.tag }}
- name: Store the distribution packages
uses: actions/upload-artifact@v4
with:
name: python-package-distributions
path: dist/
publish-to-pypi:
needs: release
name: >-
Publish 📦 in PyPI
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/gentropy
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Install and configure Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: checkout on v1.7.0
uses: actions/checkout@v4
with:
ref: v1.7.0
- name: build
run: poetry build
- name: Publish distribution 📦 to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
publish-to-testpypi:
name: Publish 📦 in TestPyPI
needs: release
if: github.ref != 'refs/heads/main'
runs-on: ubuntu-latest
environment:
name: testpypi
url: https://test.pypi.org/p/gentropy
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Publish distribution 📦 to TestPyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/
documentation:
needs: release
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION_DEFAULT }}
- name: Install and configure Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: .venv
key: |
venv-${{ runner.os }}-\
${{ env.PYTHON_VERSION_DEFAULT }}-\
${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
run: poetry install --no-interaction --no-root
- name: Install library
run: poetry install --without tests --no-interaction
- name: Publish docs
run: poetry run mkdocs gh-deploy --force