-
Notifications
You must be signed in to change notification settings - Fork 9
149 lines (135 loc) · 4.69 KB
/
release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: Release
"on":
push:
branches: ["main", "release/**"]
concurrency:
group: deploy
cancel-in-progress: false # prevent hickups with semantic-release
env:
PYTHON_VERSION_DEFAULT: "3.10.8"
jobs:
release:
runs-on: ubuntu-latest
concurrency: release
permissions:
# NOTE: this enables trusted publishing.
# See https://github.com/pypa/gh-action-pypi-publish/tree/release/v1#trusted-publishing
# and https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/
id-token: write
contents: write
steps:
# NOTE: commits using GITHUB_TOKEN does not trigger workflows
- uses: actions/create-github-app-token@v1
id: trigger-token
with:
app-id: ${{ vars.TRIGGER_WORKFLOW_GH_APP_ID}}
private-key: ${{ secrets.TRIGGER_WORKFLOW_GH_APP_KEY }}
- uses: actions/checkout@v4
with:
fetch-depth: 0
repository: opentargets/gentropy
token: ${{ secrets.GITHUB_TOKEN }}
persist-credentials: false
- name: Python Semantic Release
id: semrelease
# v9.6.0 is required due to the python v3.12 in the newer version of semantic release action which
# breaks the poetry build command.
uses: python-semantic-release/python-semantic-release@v9.6.0
with:
github_token: ${{ steps.trigger-token.outputs.token }}
- name: Publish package to GitHub Release
uses: python-semantic-release/upload-to-gh-release@main
if: ${{ steps.semrelease.outputs.released }} == 'true'
with:
# NOTE: allow to start the workflow when push action on tag gets executed
# requires using GH_APP to authenitcate, otherwise push authorised with
# the GITHUB_TOKEN does not trigger the tag artifact workflow.
# see https://github.com/actions/create-github-app-token
github_token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ steps.semrelease.outputs.tag }}
- name: Store the distribution packages
uses: actions/upload-artifact@v4
with:
name: python-package-distributions
path: dist/
publish-to-pypi:
needs: release
name: >-
Publish 📦 in PyPI
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/gentropy
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Install and configure Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: checkout on v1.7.0
uses: actions/checkout@v4
with:
ref: v1.7.0
- name: build
run: poetry build
- name: Publish distribution 📦 to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
publish-to-testpypi:
name: Publish 📦 in TestPyPI
needs: release
if: github.ref != 'refs/heads/main'
runs-on: ubuntu-latest
environment:
name: testpypi
url: https://test.pypi.org/p/gentropy
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Publish distribution 📦 to TestPyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/
documentation:
needs: release
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION_DEFAULT }}
- name: Install and configure Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: .venv
key: |
venv-${{ runner.os }}-\
${{ env.PYTHON_VERSION_DEFAULT }}-\
${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
run: poetry install --no-interaction --no-root
- name: Install library
run: poetry install --without tests --no-interaction
- name: Publish docs
run: poetry run mkdocs gh-deploy --force