-
Notifications
You must be signed in to change notification settings - Fork 40
112 lines (104 loc) · 3.99 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
name: "Publish"
run-name: "Publish - ${{ inputs.package }} - ${{ inputs.deploy-to }} - ${{ github.actor }}"
on:
workflow_dispatch:
inputs:
package:
description: "Choose the package to publish"
type: choice
options:
- "dbt-adapters"
- "dbt-tests-adapter"
deploy-to:
description: "Choose whether to publish to test or prod"
type: environment
default: "prod"
branch:
description: "Choose the branch to publish from"
type: string
default: "main"
pypi-internal:
description: "Publish Internally"
type: boolean
default: true
pypi-public:
description: "Publish to PyPI"
type: boolean
default: false
# don't publish to the same target in parallel
concurrency:
group: ${{ github.workflow }}-${{ inputs.package }}-${{ inputs.deploy-to }}
cancel-in-progress: true
jobs:
unit-tests:
uses: ./.github/workflows/_unit-tests.yml
with:
package: ${{ inputs.package }}
branch: ${{ inputs.branch }}
generate-changelog:
needs: unit-tests
uses: ./.github/workflows/_generate-changelog.yml
with:
package: ${{ inputs.package }}
merge: ${{ inputs.deploy-to == 'prod' }}
branch: ${{ inputs.branch }}
secrets: inherit
publish-internal:
if: ${{ inputs.pypi-internal == true }}
needs: generate-changelog
uses: ./.github/workflows/_publish-internal.yml
with:
package: ${{ inputs.package }}
deploy-to: ${{ inputs.deploy-to }}
branch: ${{ needs.generate-changelog.outputs.branch-name }}
secrets: inherit
package:
if: ${{ inputs.pypi-public == true }}
uses: ./.github/workflows/_package-directory.yml
with:
package: ${{ inputs.package }}
publish:
needs: package
runs-on: ${{ vars.DEFAULT_RUNNER }}
environment:
name: ${{ inputs.deploy-to }}
url: ${{ vars.PYPI_PROJECT_URL }}/${{ inputs.package }}
permissions:
# this permission is required for trusted publishing
# see https://github.com/marketplace/actions/pypi-publish
id-token: write
steps:
- uses: actions/checkout@v4
with:
ref: ${{ inputs.branch }}
- uses: actions/setup-python@v5
with:
python-version: ${{ vars.DEFAULT_PYTHON_VERSION }}
- uses: pypa/hatch@install
# hatch will build using test PyPI first and fall back to prod PyPI when deploying to test
# this is done via environment variables in the test environment in GitHub
- run: hatch build && hatch run build:check-all
working-directory: ./${{ needs.package.outputs.directory }}
- uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: ${{ vars.PYPI_REPOSITORY_URL }}
packages-dir: ./${{ needs.package.outputs.directory }}dist/
verify:
runs-on: ${{ vars.DEFAULT_RUNNER }}
needs: [package, publish]
# check the correct index
environment:
name: ${{ inputs.deploy-to }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ inputs.branch }}
- id: version
run: echo "version=$(hatch version)" >> $GITHUB_OUTPUT
working-directory: ./${{ needs.package.outputs.directory }}
- uses: nick-fields/retry@v3
with:
timeout_seconds: 10
retry_wait_seconds: 10
max_attempts: 15 # 5 minutes: (10s timeout + 10s delay) * 15 attempts
command: wget ${{ vars.PYPI_PROJECT_URL }}/${{ steps.version.outputs.version }}