Skip to content
Snippets Groups Projects
Normal view Permalink
release.yml 2.54 KiB
Newer Older
Adam Williamson's avatar
Add a GitHub Actions-based release workflow
Adam Williamson committed
1 2 3 4 5 6 7 8 9 10 11 12 13 
name: Build and publish Python distribution to PyPI and TestPyPI

on: push

jobs:
  build:
    name: Build distribution
    if: startsWith(github.ref, 'refs/tags/v') # only publish to PyPI on version tag pushes
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v4
    - name: Set up Python
dependabot[bot]'s avatar
Bump actions/setup-python from 5.1.0 to 5.1.1  
dependabot[bot] committed
14 
      uses: actions/setup-python@v5.1.1
Adam Williamson's avatar
Add a GitHub Actions-based release workflow
Adam Williamson committed
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 
      with:
        python-version: "3.x"

    - name: Install pypa/build
      run: python3 -m pip install build --user
    - name: Build a binary wheel and a source tarball
      run: python3 -m build
    - name: Store the distribution packages
      uses: actions/upload-artifact@v4
      with:
        name: python-package-distributions
        path: dist/

  publish-to-pypi:
    name: Publish Python distribution to PyPI
    if: startsWith(github.ref, 'refs/tags/v') # only publish to PyPI on version tag pushes
    needs:
    - build
    runs-on: ubuntu-latest
    environment:
      name: pypi
      url: https://pypi.org/p/mwclient
    permissions:
      id-token: write  # IMPORTANT: mandatory for trusted publishing

    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v4
      with:
        name: python-package-distributions
        path: dist/
    - name: Publish distribution to PyPI
      uses: pypa/gh-action-pypi-publish@release/v1
Adam Williamson's avatar
Add a sign/GH release job to the release workflow  
Adam Williamson committed
48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 

  github-release:
    name: Sign the distribution with Sigstore and upload as a GitHub Release
    if: startsWith(github.ref, 'refs/tags/v') # only publish to GitHub on version tag pushes
    needs:
    - publish-to-pypi
    runs-on: ubuntu-latest

    permissions:
      contents: write  # IMPORTANT: mandatory for making GitHub Releases
      id-token: write  # IMPORTANT: mandatory for sigstore

    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v4
      with:
        name: python-package-distributions
        path: dist/
    - name: Sign the dists with Sigstore
      uses: sigstore/gh-action-sigstore-python@v2.1.1
      with:
        inputs: ./dist/*.tar.gz ./dist/*.whl
    - name: Create GitHub Release
      env:
        GITHUB_TOKEN: ${{ github.token }}
      run: gh release create '${{ github.ref_name }}' --repo '${{ github.repository }}' --notes ""
    - name: Upload artifact signatures to GitHub Release
      env:
        GITHUB_TOKEN: ${{ github.token }}
      # Upload to GitHub Release using the `gh` CLI.
      # `dist/` contains the built packages, and the
      # sigstore-produced signatures and certificates.
      run: gh release upload '${{ github.ref_name }}' dist/** --repo '${{ github.repository }}'