|
1 | | -name: Release |
| 1 | +--- |
| 2 | +name: 📦 Packaging |
2 | 3 |
|
3 | 4 | on: |
4 | 5 | push: |
|
8 | 9 | types: |
9 | 10 | - published |
10 | 11 |
|
| 12 | +env: |
| 13 | + FORCE_COLOR: 1 # Request colored output from CLI tools supporting it |
| 14 | + MYPY_FORCE_COLOR: 1 # MyPy's color enforcement |
| 15 | + PIP_DISABLE_PIP_VERSION_CHECK: 1 # Hide "there's a newer pip" message |
| 16 | + PIP_NO_PYTHON_VERSION_WARNING: 1 # Hide "this Python is deprecated" message |
| 17 | + PIP_NO_WARN_SCRIPT_LOCATION: 1 # Hide "script dir is not in $PATH" message |
| 18 | + PRE_COMMIT_COLOR: always |
| 19 | + PROJECT_NAME: pip-tools |
| 20 | + PY_COLORS: 1 # Recognized by the `py` package, dependency of `pytest` |
| 21 | + PYTHONIOENCODING: utf-8 |
| 22 | + PYTHONUTF8: 1 |
| 23 | + TOX_PARALLEL_NO_SPINNER: 1 # Disable tox's parallel run spinner animation |
| 24 | + TOX_TESTENV_PASSENV: >- # Make tox-wrapped tools see color requests |
| 25 | + FORCE_COLOR |
| 26 | + MYPY_FORCE_COLOR |
| 27 | + NO_COLOR |
| 28 | + PIP_DISABLE_PIP_VERSION_CHECK |
| 29 | + PIP_NO_PYTHON_VERSION_WARNING |
| 30 | + PIP_NO_WARN_SCRIPT_LOCATION |
| 31 | + PRE_COMMIT_COLOR |
| 32 | + PY_COLORS |
| 33 | + PYTEST_THEME |
| 34 | + PYTEST_THEME_MODE |
| 35 | + PYTHONIOENCODING |
| 36 | + PYTHONLEGACYWINDOWSSTDIO |
| 37 | + PYTHONUTF8 |
| 38 | + UPSTREAM_REPOSITORY_ID: >- |
| 39 | + 5746963 |
| 40 | +
|
| 41 | +run-name: >- |
| 42 | + ${{ |
| 43 | + github.event.action == 'published' |
| 44 | + && format('📦 Releasing v{0}...', github.ref_name) |
| 45 | + || format('🌱 Smoke-testing packaging for commit {0}', github.sha) |
| 46 | + }} |
| 47 | + triggered by: ${{ github.event_name }} of ${{ |
| 48 | + github.ref |
| 49 | + }} ${{ |
| 50 | + github.ref_type |
| 51 | + }} |
| 52 | + (workflow run ID: ${{ |
| 53 | + github.run_id |
| 54 | + }}; number: ${{ |
| 55 | + github.run_number |
| 56 | + }}; attempt: ${{ |
| 57 | + github.run_attempt |
| 58 | + }}) |
| 59 | +
|
11 | 60 | jobs: |
12 | 61 | build: |
13 | | - if: github.repository == 'jazzband/pip-tools' |
| 62 | + name: >- |
| 63 | + 📦 v${{ github.ref_name }} |
| 64 | + [mode: ${{ |
| 65 | + github.event.action == 'published' |
| 66 | + && 'release' || 'nightly' |
| 67 | + }}] |
| 68 | +
|
14 | 69 | runs-on: ubuntu-latest |
15 | 70 |
|
| 71 | + timeout-minutes: 2 |
| 72 | + |
16 | 73 | steps: |
17 | | - - uses: actions/checkout@v3 |
| 74 | + - uses: actions/checkout@v4 |
18 | 75 | with: |
19 | 76 | fetch-depth: 0 |
20 | 77 |
|
21 | 78 | - name: Set up Python |
22 | | - uses: actions/setup-python@v4 |
| 79 | + uses: actions/setup-python@v5 |
23 | 80 | with: |
24 | 81 | python-version: 3.9 |
25 | 82 |
|
26 | 83 | - name: Install dependencies |
27 | 84 | run: | |
28 | | - python -m pip install -U pip |
29 | | - python -m pip install -U twine build setuptools-scm |
| 85 | + python -Im pip install -U twine build setuptools-scm |
30 | 86 |
|
31 | 87 | - name: Build package |
32 | 88 | run: | |
33 | | - python -m setuptools_scm |
34 | | - python -m build |
| 89 | + python -Im setuptools_scm |
| 90 | + python -Im build |
35 | 91 | twine check --strict dist/* |
36 | 92 |
|
37 | | - - name: Upload packages to Jazzband |
38 | | - if: github.event.action == 'published' |
39 | | - uses: pypa/gh-action-pypi-publish@release/v1 |
| 93 | + - name: Store the distribution packages |
| 94 | + uses: actions/upload-artifact@v4 |
40 | 95 | with: |
41 | | - user: jazzband |
42 | | - password: ${{ secrets.JAZZBAND_RELEASE_KEY }} |
43 | | - repository_url: https://jazzband.co/projects/pip-tools/upload |
| 96 | + name: python-package-distributions |
| 97 | + # NOTE: Exact expected file names are specified here |
| 98 | + # NOTE: as a safety measure — if anything weird ends |
| 99 | + # NOTE: up being in this dir or not all dists will be |
| 100 | + # NOTE: produced, this will fail the workflow. |
| 101 | + path: | |
| 102 | + dist/*.tar.gz |
| 103 | + dist/*.whl |
| 104 | + retention-days: >- |
| 105 | + ${{ |
| 106 | + github.event.action == 'published' |
| 107 | + && 90 || 30 |
| 108 | + }} |
| 109 | +
|
| 110 | + publish-pypi: |
| 111 | + name: >- |
| 112 | + 📦 |
| 113 | + Publish v${{ github.ref_name }} to PyPI |
| 114 | + needs: |
| 115 | + - build |
| 116 | + if: >- |
| 117 | + github.event.action == 'published' |
| 118 | + && '5746963' == github.repository_id |
| 119 | +
|
| 120 | + runs-on: ubuntu-latest |
| 121 | + |
| 122 | + timeout-minutes: 2 # docker+network are slow sometimes |
| 123 | + |
| 124 | + environment: |
| 125 | + name: pypi |
| 126 | + url: >- |
| 127 | + https://pypi.org/project/${{ env.PROJECT_NAME }}/${{ github.ref_name }} |
| 128 | +
|
| 129 | + permissions: |
| 130 | + id-token: write # PyPI Trusted Publishing (OIDC) |
| 131 | + |
| 132 | + steps: |
| 133 | + - name: Download all the dists |
| 134 | + uses: actions/download-artifact@v4 |
| 135 | + with: |
| 136 | + name: python-package-distributions |
| 137 | + path: dist/ |
| 138 | + - name: >- |
| 139 | + 📦 |
| 140 | + Publish v${{ github.ref_name }} to PyPI |
| 141 | + 🔏 |
| 142 | + uses: pypa/gh-action-pypi-publish@release/v1 |
0 commit comments