From e57ecb0f4ce958bd4f2fb2d88caf5f5384c14ee5 Mon Sep 17 00:00:00 2001 From: Modeseven Industrial Solutions Date: Sun, 28 Jul 2024 22:56:02 +0100 Subject: [PATCH] Fix: Set output variable correctly when incrementing tag (#71) Signed-off-by: Matthew Watkins --- .../semantic-tag-increment/action.yaml | 8 +- .github/workflows/release.yaml | 222 ++++++++++++++++++ 2 files changed, 226 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/release.yaml diff --git a/.github/actions/semantic-tag-increment/action.yaml b/.github/actions/semantic-tag-increment/action.yaml index 9cdc7e0..e29aa14 100644 --- a/.github/actions/semantic-tag-increment/action.yaml +++ b/.github/actions/semantic-tag-increment/action.yaml @@ -9,15 +9,15 @@ inputs: description: "The existing semantic tag to be incremented" required: true type: - description: "The type of increment to perform [ major|minor|patch ]" - required: true + description: "Increment to perform [major|minor|patch]" + required: false default: "patch" outputs: incremented: #Β Any single/leading non-numeric "v" character will be stripped description: "The incremented semantic tag [purely numeric]" - value: ${{ steps.increment.outputs.incremented }} + value: ${{ steps.increment-tag.outputs.incremented }} runs: using: "composite" @@ -53,7 +53,7 @@ runs: if ! [[ "$TAG" =~ $PATTERN ]]; then echo "Invalid semantic tag"; exit 1 else - echo "Supplied tag: $TAG" + echo "Numeric tag: $TAG" fi REGEX='[^0-9]*\([0-9]*\)[.]\([0-9]*\)[.]\([0-9]*\)\([0-9A-Za-z-]*\)' diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..7d51128 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,222 @@ +--- +# SPDX-License-Identifier: Apache-2.0 +# SPDX-FileCopyrightText: 2024 The Linux Foundation + +name: "πŸ“¦ Release and Publish" + +# GitHub/PyPI trusted publisher documentation: +# https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ + +# yamllint disable-line rule:truthy +on: + workflow_dispatch: + pull_request: + branches: [main, master] + types: [closed] + push: + branches: [main, master] + tags: + - "v*.*.*" + +env: + python-version: "3.10" + package-path: "dist" + +### BUILD ### + +jobs: + build: + name: "🐍 Build Project" + if: github.event.pull_request.merged == true || + github.event.workflow_dispatch + runs-on: ubuntu-latest + permissions: + contents: write + # id-token: write + outputs: + publish: ${{ steps.build.outputs.publish }} + + steps: + ### BUILDING ### + + - name: "Checkout repository" + uses: actions/checkout@v4 + + - name: "Setup Python" + uses: actions/setup-python@v5 + with: + python-version: ${{ env.python-version }} + + - name: "Setup PDM for build commands" + uses: pdm-project/setup-pdm@v4 + with: + python-version: ${{ env.python-version }} + + - name: "Report workflow/release metadata" + id: release-metadata + # yamllint disable-line rule:line-length + uses: os-climate/devops-reusable-workflows/.github/actions/latest-semantic-tag@main + + - name: "🏷️ Create initial tag" + id: set-initial-tag + # needs: parse-tags + if: steps.release-metadata.outputs.tag-missing == 'true' + # https://github.com/softprops/action-gh-release + uses: softprops/action-gh-release@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + prerelease: true + tag_name: v0.0.1 + + - name: "Build with PDM backend" + id: build + # needs: release-metadata + if: steps.release-metadata.outputs.tag-missing == 'false' + run: | + pdm build + if ! (ls ${{ env.package-path }}/*.dev*.*); then + echo "publish=true" >> "$GITHUB_OUTPUT" + fi + + ### SIGNING ### + + - name: "Sign packages with Sigstore" + uses: sigstore/gh-action-sigstore-python@v3.0.0 + env: + package-path: ${{ env.package-path }} + with: + inputs: >- + ./${{ env.package-path }}/*.tar.gz + ./${{ env.package-path }}/*.whl + + - name: Store the distribution packages + uses: actions/upload-artifact@v4 + with: + name: ${{ github.ref_name }} + path: ${{ env.package-path }} + + ### PUBLISH GITHUB ### + + github: + name: "πŸ“¦ Publish to GitHub" + # Only publish on tag pushes + needs: build + runs-on: ubuntu-latest + permissions: + # IMPORTANT: mandatory to publish artefacts + contents: write + steps: + - name: "⬇ Download build artefacts" + uses: actions/download-artifact@v4 + with: + name: ${{ github.ref_name }} + path: ${{ env.package-path }} + + - name: "πŸŒ₯️ Set environment variables" + id: setenv + run: | + # vernum="${{ env.python-version }}.$(date +'%Y%m%d%H%M')" + datetime="$(date +'%Y%m%d%H%M')" + echo "datetime=${datetime}" >> "$GITHUB_OUTPUT" + + - name: "πŸ“¦ Publish DEVELOPMENT artefacts to GitHub" + if: startsWith(github.ref, 'refs/tags/') != true + # https://github.com/softprops/action-gh-release + uses: softprops/action-gh-release@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + prerelease: true + tag_name: ${{ github.ref_name }}-dev + name: "Test/Development Build: ${{ github.ref_name }}" + # body_path: ${{ github.workspace }}/CHANGELOG.rst + files: | + ${{ env.package-path }}/*.tar.gz + ${{ env.package-path }}/*.whl + ${{ env.package-path }}/*.sigstore* + + - name: "πŸ“¦ Publish PRODUCTION artefacts to GitHub" + if: startsWith(github.ref, 'refs/tags/') + # https://github.com/softprops/action-gh-release + uses: softprops/action-gh-release@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + prerelease: false + tag_name: ${{ github.ref_name }} + name: "Test/Development Build: ${{ github.ref_name }}" + # body_path: ${{ github.workspace }}/CHANGELOG.rst + files: | + ${{ env.package-path }}/*.tar.gz + ${{ env.package-path }}/*.whl + ${{ env.package-path }}/*.sigstore* + + ### PUBLISH PYPI TEST ### + + testpypi: + name: "πŸ“¦ Test PyPI publishing" + # Only publish on tag pushes + # if: startsWith(github.ref, 'refs/tags/') + needs: build + runs-on: ubuntu-latest + environment: + name: testpypi + permissions: + # IMPORTANT: mandatory for trusted publishing + id-token: write + steps: + - name: "⬇ Download build artefacts" + uses: actions/download-artifact@v4 + with: + name: ${{ github.ref_name }} + path: ${{ env.package-path }} + + - name: "Validate build artefacts" + id: files + run: | + if [ -f ${{ env.package-path }}/buildvars.txt ]; then + rm ${{ env.package-path }}/buildvars.txt + fi + if (ls ${{ env.package-path }}/*.sigstore*); then + rm ${{ env.package-path }}/*.sigstore* + fi + + - name: "Publish to test PyPI" + uses: pypa/gh-action-pypi-publish@release/v1 + with: + repository-url: https://test.pypi.org/legacy/ + verbose: true + packages-dir: ${{ env.package-path }} + + ### PUBLISH PYPI ### + + pypi: + name: "πŸ“¦ Publish to PyPI" + # Only publish on tag pushes + if: + startsWith(github.ref, 'refs/tags/') && + needs.build.outputs.publish == 'true' + # contains(github.event.head_commit.message, '[release]') + needs: [build, testpypi] + runs-on: ubuntu-latest + environment: + name: pypi + permissions: + # IMPORTANT: mandatory for trusted publishing + id-token: write + steps: + - name: "⬇ Download build artefacts" + uses: actions/download-artifact@v4 + with: + name: ${{ github.ref_name }} + path: ${{ env.package-path }} + + - name: "Remove files unsupported by PyPi" + run: | + if (ls ${{ env.package-path }}/*.sigstore*); then + rm ${{ env.package-path }}/*.sigstore* + fi + +# - name: "πŸ“¦ Publish to PyPI" +# uses: pypa/gh-action-pypi-publish@release/v1 +# with: +# verbose: true +# packages-dir: ${{ env.package-path }}