Skip to content
Snippets Groups Projects
release.yml 2.54 KiB
Newer Older
name: Build and publish Python distribution to PyPI and TestPyPI

on: push

jobs:
  build:
    name: Build distribution
    if: startsWith(github.ref, 'refs/tags/v') # only publish to PyPI on version tag pushes
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v4
    - name: Set up Python
      uses: actions/setup-python@v5.1.1
      with:
        python-version: "3.x"

    - name: Install pypa/build
      run: python3 -m pip install build --user
    - name: Build a binary wheel and a source tarball
      run: python3 -m build
    - name: Store the distribution packages
      uses: actions/upload-artifact@v4
      with:
        name: python-package-distributions
        path: dist/

  publish-to-pypi:
    name: Publish Python distribution to PyPI
    if: startsWith(github.ref, 'refs/tags/v') # only publish to PyPI on version tag pushes
    needs:
    - build
    runs-on: ubuntu-latest
    environment:
      name: pypi
      url: https://pypi.org/p/mwclient
    permissions:
      id-token: write  # IMPORTANT: mandatory for trusted publishing

    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v4
      with:
        name: python-package-distributions
        path: dist/
    - name: Publish distribution to PyPI
      uses: pypa/gh-action-pypi-publish@release/v1

  github-release:
    name: Sign the distribution with Sigstore and upload as a GitHub Release
    if: startsWith(github.ref, 'refs/tags/v') # only publish to GitHub on version tag pushes
    needs:
    - publish-to-pypi
    runs-on: ubuntu-latest

    permissions:
      contents: write  # IMPORTANT: mandatory for making GitHub Releases
      id-token: write  # IMPORTANT: mandatory for sigstore

    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v4
      with:
        name: python-package-distributions
        path: dist/
    - name: Sign the dists with Sigstore
      uses: sigstore/gh-action-sigstore-python@v2.1.1
      with:
        inputs: ./dist/*.tar.gz ./dist/*.whl
    - name: Create GitHub Release
      env:
        GITHUB_TOKEN: ${{ github.token }}
      run: gh release create '${{ github.ref_name }}' --repo '${{ github.repository }}' --notes ""
    - name: Upload artifact signatures to GitHub Release
      env:
        GITHUB_TOKEN: ${{ github.token }}
      # Upload to GitHub Release using the `gh` CLI.
      # `dist/` contains the built packages, and the
      # sigstore-produced signatures and certificates.
      run: gh release upload '${{ github.ref_name }}' dist/** --repo '${{ github.repository }}'