-
Notifications
You must be signed in to change notification settings - Fork 9
145 lines (130 loc) · 4.73 KB
/
release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
name: Release
"on":
push:
branches: ["main", "release/**"]
concurrency:
group: deploy
cancel-in-progress: false # prevent hickups with semantic-release
env:
PYTHON_VERSION_DEFAULT: "3.10.8"
jobs:
release:
runs-on: ubuntu-latest
concurrency: release
permissions:
# NOTE: this enables trusted publishing.
# See https://github.com/pypa/gh-action-pypi-publish/tree/release/v1#trusted-publishing
# and https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/
id-token: write
contents: write
steps:
# NOTE: commits using GITHUB_TOKEN does not trigger workflows
- uses: actions/create-github-app-token@v1
id: trigger-token
with:
app-id: ${{ vars.TRIGGER_WORKFLOW_GH_APP_ID}}
private-key: ${{ secrets.TRIGGER_WORKFLOW_GH_APP_KEY }}
- uses: actions/checkout@v4
with:
fetch-depth: 0
repository: opentargets/gentropy
token: ${{ secrets.GITHUB_TOKEN }}
persist-credentials: false
- name: Python Semantic Release
id: semrelease
# v9.6.0 is required due to the python v3.12 in the newer version of semantic release action which
# breaks the poetry build command.
uses: python-semantic-release/python-semantic-release@v9.6.0
with:
github_token: ${{ steps.trigger-token.outputs.token }}
- name: Publish package to GitHub Release
uses: python-semantic-release/upload-to-gh-release@main
if: ${{ steps.semrelease.outputs.released == 'true' }}
with:
# NOTE: allow to start the workflow when push action on tag gets executed
# requires using GH_APP to authenitcate, otherwise push authorised with
# the GITHUB_TOKEN does not trigger the tag artifact workflow.
# see https://github.com/actions/create-github-app-token
github_token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ steps.semrelease.outputs.tag }}
- name: Debug
run: echo "Released ${{ steps.semrelease.outputs.released }}"
- name: Store the distribution packages
uses: actions/upload-artifact@v4
with:
name: python-package-distributions
path: dist/
# publish-to-pypi:
# needs: release
# name: >-
# Publish 📦 in PyPI
# if: github.ref == 'refs/heads/main'
# runs-on: ubuntu-latest
# environment:
# name: pypi
# url: https://pypi.org/p/gentropy
# permissions:
# id-token: write # IMPORTANT: mandatory for trusted publishing
# steps:
# - name: Download all the dists
# uses: actions/download-artifact@v4
# with:
# name: python-package-distributions
# path: dist/
# - name: Publish distribution 📦 to PyPI
# uses: pypa/gh-action-pypi-publish@release/v1
# publish-to-testpypi:
# name: Publish 📦 in TestPyPI
# needs: release
# if: github.ref != 'refs/heads/main'
# runs-on: ubuntu-latest
# environment:
# name: testpypi
# url: https://test.pypi.org/p/gentropy
# permissions:
# id-token: write # IMPORTANT: mandatory for trusted publishing
# steps:
# - name: Download all the dists
# uses: actions/download-artifact@v4
# with:
# name: python-package-distributions
# path: dist/
# - name: Publish distribution 📦 to TestPyPI
# uses: pypa/gh-action-pypi-publish@release/v1
# with:
# repository-url: https://test.pypi.org/legacy/
# documentation:
# needs: release
# runs-on: ubuntu-latest
# if: github.ref == 'refs/heads/main'
# steps:
# - uses: actions/checkout@v4
# with:
# fetch-depth: 0
# token: ${{ secrets.GITHUB_TOKEN }}
# - name: Set up Python
# uses: actions/setup-python@v4
# with:
# python-version: ${{ env.PYTHON_VERSION_DEFAULT }}
# - name: Install and configure Poetry
# uses: snok/install-poetry@v1
# with:
# virtualenvs-create: true
# virtualenvs-in-project: true
# installer-parallel: true
# - name: Load cached venv
# id: cached-poetry-dependencies
# uses: actions/cache@v4
# with:
# path: .venv
# key: |
# venv-${{ runner.os }}-\
# ${{ env.PYTHON_VERSION_DEFAULT }}-\
# ${{ hashFiles('**/poetry.lock') }}
# - name: Install dependencies
# if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
# run: poetry install --no-interaction --no-root
# - name: Install library
# run: poetry install --without tests --no-interaction
# - name: Publish docs
# run: poetry run mkdocs gh-deploy --force