-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix: Set output variable correctly when incrementing tag (#71)
Signed-off-by: Matthew Watkins <[email protected]>
- Loading branch information
1 parent
bbf2d66
commit e57ecb0
Showing
2 changed files
with
226 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,222 @@ | ||
--- | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# SPDX-FileCopyrightText: 2024 The Linux Foundation <https://linuxfoundation.org> | ||
|
||
name: "📦 Release and Publish" | ||
|
||
# GitHub/PyPI trusted publisher documentation: | ||
# https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ | ||
|
||
# yamllint disable-line rule:truthy | ||
on: | ||
workflow_dispatch: | ||
pull_request: | ||
branches: [main, master] | ||
types: [closed] | ||
push: | ||
branches: [main, master] | ||
tags: | ||
- "v*.*.*" | ||
|
||
env: | ||
python-version: "3.10" | ||
package-path: "dist" | ||
|
||
### BUILD ### | ||
|
||
jobs: | ||
build: | ||
name: "🐍 Build Project" | ||
if: github.event.pull_request.merged == true || | ||
github.event.workflow_dispatch | ||
runs-on: ubuntu-latest | ||
permissions: | ||
contents: write | ||
# id-token: write | ||
outputs: | ||
publish: ${{ steps.build.outputs.publish }} | ||
|
||
steps: | ||
### BUILDING ### | ||
|
||
- name: "Checkout repository" | ||
uses: actions/checkout@v4 | ||
|
||
- name: "Setup Python" | ||
uses: actions/setup-python@v5 | ||
with: | ||
python-version: ${{ env.python-version }} | ||
|
||
- name: "Setup PDM for build commands" | ||
uses: pdm-project/setup-pdm@v4 | ||
with: | ||
python-version: ${{ env.python-version }} | ||
|
||
- name: "Report workflow/release metadata" | ||
id: release-metadata | ||
# yamllint disable-line rule:line-length | ||
uses: os-climate/devops-reusable-workflows/.github/actions/latest-semantic-tag@main | ||
|
||
- name: "🏷️ Create initial tag" | ||
id: set-initial-tag | ||
# needs: parse-tags | ||
if: steps.release-metadata.outputs.tag-missing == 'true' | ||
# https://github.com/softprops/action-gh-release | ||
uses: softprops/action-gh-release@v2 | ||
with: | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
prerelease: true | ||
tag_name: v0.0.1 | ||
|
||
- name: "Build with PDM backend" | ||
id: build | ||
# needs: release-metadata | ||
if: steps.release-metadata.outputs.tag-missing == 'false' | ||
run: | | ||
pdm build | ||
if ! (ls ${{ env.package-path }}/*.dev*.*); then | ||
echo "publish=true" >> "$GITHUB_OUTPUT" | ||
fi | ||
### SIGNING ### | ||
|
||
- name: "Sign packages with Sigstore" | ||
uses: sigstore/[email protected] | ||
env: | ||
package-path: ${{ env.package-path }} | ||
with: | ||
inputs: >- | ||
./${{ env.package-path }}/*.tar.gz | ||
./${{ env.package-path }}/*.whl | ||
- name: Store the distribution packages | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: ${{ github.ref_name }} | ||
path: ${{ env.package-path }} | ||
|
||
### PUBLISH GITHUB ### | ||
|
||
github: | ||
name: "📦 Publish to GitHub" | ||
# Only publish on tag pushes | ||
needs: build | ||
runs-on: ubuntu-latest | ||
permissions: | ||
# IMPORTANT: mandatory to publish artefacts | ||
contents: write | ||
steps: | ||
- name: "⬇ Download build artefacts" | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: ${{ github.ref_name }} | ||
path: ${{ env.package-path }} | ||
|
||
- name: "🌥️ Set environment variables" | ||
id: setenv | ||
run: | | ||
# vernum="${{ env.python-version }}.$(date +'%Y%m%d%H%M')" | ||
datetime="$(date +'%Y%m%d%H%M')" | ||
echo "datetime=${datetime}" >> "$GITHUB_OUTPUT" | ||
- name: "📦 Publish DEVELOPMENT artefacts to GitHub" | ||
if: startsWith(github.ref, 'refs/tags/') != true | ||
# https://github.com/softprops/action-gh-release | ||
uses: softprops/action-gh-release@v2 | ||
with: | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
prerelease: true | ||
tag_name: ${{ github.ref_name }}-dev | ||
name: "Test/Development Build: ${{ github.ref_name }}" | ||
# body_path: ${{ github.workspace }}/CHANGELOG.rst | ||
files: | | ||
${{ env.package-path }}/*.tar.gz | ||
${{ env.package-path }}/*.whl | ||
${{ env.package-path }}/*.sigstore* | ||
- name: "📦 Publish PRODUCTION artefacts to GitHub" | ||
if: startsWith(github.ref, 'refs/tags/') | ||
# https://github.com/softprops/action-gh-release | ||
uses: softprops/action-gh-release@v2 | ||
with: | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
prerelease: false | ||
tag_name: ${{ github.ref_name }} | ||
name: "Test/Development Build: ${{ github.ref_name }}" | ||
# body_path: ${{ github.workspace }}/CHANGELOG.rst | ||
files: | | ||
${{ env.package-path }}/*.tar.gz | ||
${{ env.package-path }}/*.whl | ||
${{ env.package-path }}/*.sigstore* | ||
### PUBLISH PYPI TEST ### | ||
|
||
testpypi: | ||
name: "📦 Test PyPI publishing" | ||
# Only publish on tag pushes | ||
# if: startsWith(github.ref, 'refs/tags/') | ||
needs: build | ||
runs-on: ubuntu-latest | ||
environment: | ||
name: testpypi | ||
permissions: | ||
# IMPORTANT: mandatory for trusted publishing | ||
id-token: write | ||
steps: | ||
- name: "⬇ Download build artefacts" | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: ${{ github.ref_name }} | ||
path: ${{ env.package-path }} | ||
|
||
- name: "Validate build artefacts" | ||
id: files | ||
run: | | ||
if [ -f ${{ env.package-path }}/buildvars.txt ]; then | ||
rm ${{ env.package-path }}/buildvars.txt | ||
fi | ||
if (ls ${{ env.package-path }}/*.sigstore*); then | ||
rm ${{ env.package-path }}/*.sigstore* | ||
fi | ||
- name: "Publish to test PyPI" | ||
uses: pypa/gh-action-pypi-publish@release/v1 | ||
with: | ||
repository-url: https://test.pypi.org/legacy/ | ||
verbose: true | ||
packages-dir: ${{ env.package-path }} | ||
|
||
### PUBLISH PYPI ### | ||
|
||
pypi: | ||
name: "📦 Publish to PyPI" | ||
# Only publish on tag pushes | ||
if: | ||
startsWith(github.ref, 'refs/tags/') && | ||
needs.build.outputs.publish == 'true' | ||
# contains(github.event.head_commit.message, '[release]') | ||
needs: [build, testpypi] | ||
runs-on: ubuntu-latest | ||
environment: | ||
name: pypi | ||
permissions: | ||
# IMPORTANT: mandatory for trusted publishing | ||
id-token: write | ||
steps: | ||
- name: "⬇ Download build artefacts" | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: ${{ github.ref_name }} | ||
path: ${{ env.package-path }} | ||
|
||
- name: "Remove files unsupported by PyPi" | ||
run: | | ||
if (ls ${{ env.package-path }}/*.sigstore*); then | ||
rm ${{ env.package-path }}/*.sigstore* | ||
fi | ||
# - name: "📦 Publish to PyPI" | ||
# uses: pypa/gh-action-pypi-publish@release/v1 | ||
# with: | ||
# verbose: true | ||
# packages-dir: ${{ env.package-path }} |