Skip to content

Create CNAME

Create CNAME #40

name: Publish Python Distribution to PyPI
on:
push:
branches:
- main
jobs:
version-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Get Latest Tag
id: get-latest-tag
uses: actions-ecosystem/[email protected]
with:
semver_only: true
with_initial_version: false
- name: Code vs Releases Version Check
id: release-info
run: |
RELEASE_VERSION=$(echo $LATEST_RELEASE | tr -d "v ")
VERSION=$(cat diplomat/__init__.py | grep "__version__" | cut -d "=" -f 2 | tr -d '" ')
if ! [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]
then
echo "$VERSION is not a valid version!"
exit 1
fi
PROPOSED_TAG="v$VERSION"
echo "Python package version: $VERSION"
echo "Github release version: $RELEASE_VERSION"
echo "Next proposed tag: $PROPOSED_TAG"
echo "PYTHON_VERSION=$VERSION" >> "$GITHUB_OUTPUT"
echo "RELEASE_VERSION=$RELEASE_VERSION" >> "$GITHUB_OUTPUT"
echo "NEXT_TAG=$PROPOSED_TAG" >> "$GITHUB_OUTPUT"
env:
LATEST_RELEASE: ${{ steps.get-latest-tag.outputs.tag }}
outputs:
RELEASE_VERSION: ${{ steps.release-info.outputs.RELEASE_VERSION }}
PYTHON_VERSION: ${{ steps.release-info.outputs.PYTHON_VERSION }}
NEXT_TAG: ${{ steps.release-info.outputs.NEXT_TAG }}
build:
name: Build distribution
needs:
- version-check
if: "${{ needs.version-check.outputs.RELEASE_VERSION != needs.version-check.outputs.PYTHON_VERSION }}"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.x"
- name: Install pypa/build
run: python3 -m pip install build --user
- name: Build a binary wheel and a source tarball
run: python3 -m build
- name: Store the distribution packages
uses: actions/upload-artifact@v3
with:
name: python-package-distributions
path: dist/
outputs:
NEXT_TAG: "${{ needs.version-check.outputs.NEXT_TAG }}"
publish-to-pypi:
name: Publish Python distribution to PyPI
needs:
- build
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/diplomat-track # We'll call our package diplomat-track...
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Download all the dists
uses: actions/download-artifact@v3
with:
name: python-package-distributions
path: dist/
- name: Publish distribution to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
skip-existing: true
outputs:
NEXT_TAG: "${{ needs.build.outputs.NEXT_TAG }}"
github-release:
name: Sign the Python distribution with Sigstore and upload them to GitHub Release
needs:
- publish-to-pypi
runs-on: ubuntu-latest
permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases
id-token: write # IMPORTANT: mandatory for sigstore
steps:
- name: Pull down release notes.
uses: actions/checkout@v3
with:
sparse-checkout: 'RELEASE_NOTES.md'
sparse-checkout-cone-mode: false
- name: Download all the dists
uses: actions/download-artifact@v3
with:
name: python-package-distributions
path: dist/
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
run: >-
gh release create
'${{ needs.publish-to-pypi.outputs.NEXT_TAG }}'
--title 'DIPLOMAT Release ${{ needs.publish-to-pypi.outputs.NEXT_TAG }}'
--repo '${{ github.repository }}'
--notes-file "RELEASE_NOTES.md"
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
# Upload to GitHub Release using the `gh` CLI.
# `dist/` contains the built packages, and the
# sigstore-produced signatures and certificates.
run: >-
gh release upload
'${{ needs.publish-to-pypi.outputs.NEXT_TAG }}' dist/**
--repo '${{ github.repository }}'