forked from theupdateframework/python-tuf
-
Notifications
You must be signed in to change notification settings - Fork 0
87 lines (75 loc) · 2.68 KB
/
cd.yml
File metadata and controls
87 lines (75 loc) · 2.68 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
name: CD
concurrency: cd
on:
push:
tags:
- v*
permissions:
contents: write
jobs:
test:
uses: ./.github/workflows/_test.yml
build:
name: Build
runs-on: ubuntu-latest
needs: test
outputs:
release_id: ${{ steps.gh-release.outputs.id }}
steps:
- name: Checkout release tag
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
with:
ref: ${{ github.event.workflow_run.head_branch }}
- name: Set up Python
uses: actions/setup-python@d09bd5e6005b175076f227b13d9730d56e9dcfcb
with:
python-version: '3.x'
- name: Install build dependency
run: python3 -m pip install --upgrade pip build
- name: Build binary wheel and source tarball
run: python3 -m build --sdist --wheel --outdir dist/ .
- id: gh-release
name: Publish GitHub release candiate
uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5
with:
name: ${{ github.ref_name }}-rc
tag_name: ${{ github.ref }}
body: "Release waiting for review..."
files: dist/*
- name: Store build artifacts
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
# NOTE: The GitHub release page contains the release artifacts too, but using
# GitHub upload/download actions seems robuster: there is no need to compute
# download URLs and tampering with artifacts between jobs is more limited.
with:
name: build-artifacts
path: dist
release:
name: Release
runs-on: ubuntu-latest
needs: build
environment: release
steps:
- name: Fetch build artifacts
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
with:
name: build-artifacts
path: dist
- name: Publish binary wheel and source tarball on PyPI
uses: pypa/gh-action-pypi-publish@717ba43cfbb0387f6ce311b169a825772f54d295
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
- name: Finalize GitHub release
uses: actions/github-script@7a5c598405937d486b0331594b5da2b14db670da
with:
script: |
await github.rest.repos.updateRelease({
owner: context.repo.owner,
repo: context.repo.repo,
release_id: '${{ needs.build.outputs.release_id }}',
name: '${{ github.ref_name }}',
body: 'See [CHANGELOG.md](https://github.com/' +
context.repo.owner + '/' + context.repo.repo +
'/blob/${{ github.ref_name }}/docs/CHANGELOG.md) for details.'
})