Skip to content

Commit

Permalink
Update package-release workflow to prevent marking the workflow as fa…
Browse files Browse the repository at this point in the history
…iled if the deployment is rejected (#84)
  • Loading branch information
nfelt14 authored Sep 9, 2024
1 parent 70b9e53 commit 55821c1
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 8 deletions.
27 changes: 19 additions & 8 deletions .github/workflows/_reusable-package-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,7 @@ jobs:
if: github.repository == inputs.repo-name && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
environment: package-release-gate
continue-on-error: true
permissions:
id-token: write
contents: write
Expand Down Expand Up @@ -153,14 +154,20 @@ jobs:
git_committer_name: ${{ inputs.commit-user-name }}
ssh_public_signing_key: ${{ secrets.ssh-signing-key-public }}
ssh_private_signing_key: ${{ secrets.ssh-signing-key-private }}
- name: Mark the release as approved
id: set-approved
if: ${{ steps.release.conclusion == 'success' }}
run: echo "approved=true" >> "$GITHUB_OUTPUT"
outputs:
built-version: ${{ steps.release.outputs.version }}
approved: ${{ steps.set-approved.outputs.approved }}
# Build the newly updated package
pypi-build:
name: Build package
needs: [print-inputs, bump-version]
if: inputs.build-and-publish-python-package && github.repository == inputs.repo-name
&& github.ref == 'refs/heads/main'
&& github.ref == 'refs/heads/main' && needs.bump-version.outputs.approved ==
'true'
runs-on: ubuntu-latest
permissions:
id-token: write
Expand All @@ -177,9 +184,10 @@ jobs:
# Upload the official package version to TestPyPI
upload-testpypi:
name: Upload package to TestPyPI
needs: [print-inputs, pypi-build]
needs: [print-inputs, bump-version, pypi-build]
if: inputs.build-and-publish-python-package && github.repository == inputs.repo-name
&& github.ref == 'refs/heads/main'
&& github.ref == 'refs/heads/main' && needs.bump-version.outputs.approved ==
'true'
runs-on: ubuntu-latest
environment: package-testpypi
permissions:
Expand All @@ -198,9 +206,10 @@ jobs:
# Upload the official package version to PyPI
upload-pypi:
name: Upload package to PyPI
needs: [print-inputs, upload-testpypi]
needs: [print-inputs, bump-version, upload-testpypi]
if: inputs.build-and-publish-python-package && github.repository == inputs.repo-name
&& github.ref == 'refs/heads/main'
&& github.ref == 'refs/heads/main' && needs.bump-version.outputs.approved ==
'true'
runs-on: ubuntu-latest
environment: package-release
permissions:
Expand All @@ -218,9 +227,10 @@ jobs:
# Upload the official package binaries to the GitHub Release
upload-github:
name: Upload package to GitHub Release
needs: [print-inputs, upload-pypi]
needs: [print-inputs, bump-version, upload-pypi]
if: inputs.build-and-publish-python-package && github.repository == inputs.repo-name
&& github.ref == 'refs/heads/main'
&& github.ref == 'refs/heads/main' && needs.bump-version.outputs.approved ==
'true'
runs-on: ubuntu-latest
permissions:
id-token: write
Expand Down Expand Up @@ -251,7 +261,8 @@ jobs:
- upload-pypi
- upload-github
if: inputs.build-and-publish-python-package && github.repository == inputs.repo-name
&& github.ref == 'refs/heads/main'
&& github.ref == 'refs/heads/main' && needs.bump-version.outputs.approved ==
'true'
runs-on: ${{ matrix.os-name }}-latest
permissions: {}
strategy:
Expand Down
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ Things to be included in the next release go here.
- Bumped dependency versions.
- Changed the `_reusable-update-python-and-pre-commit-dependencies.yml` workflow to no longer only work on PRs from Dependabot, users will now need to apply any conditional login in the calling workflow.
- Updated the `_reusable-update-python-and-pre-commit-dependencies.yml` workflow to allow using [`renovate`](https://docs.renovatebot.com/) instead of Dependabot to update dependencies.
- Updated the `_reusable-package-release.yml` workflow to not show as failed if the `bump-release` deployment is rejected by a reviewer.

---

Expand Down

0 comments on commit 55821c1

Please sign in to comment.