-
Notifications
You must be signed in to change notification settings - Fork 0
104 lines (87 loc) · 2.62 KB
/
Copy pathpublish.yml
File metadata and controls
104 lines (87 loc) · 2.62 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
name: Publish to PyPI
on:
push:
tags:
- '[0-9]+.[0-9]+.[0-9]+*'
workflow_dispatch:
inputs:
dry_run:
description: 'Dry run (build only, no publish)'
required: false
type: boolean
default: true
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-python@v6
with:
python-version: "3.12"
- name: Install build tools
run: pip install build twine
- name: Build package
run: python -m build
- name: Check package
run: twine check dist/*
- name: Smoke test built package
run: python scripts/smoke-built-package.py
- name: Upload artifacts
uses: actions/upload-artifact@v7
with:
name: dist
path: dist/
publish:
needs: build
runs-on: ubuntu-latest
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
steps:
- uses: actions/checkout@v6
- uses: actions/download-artifact@v8
with:
name: dist
path: dist/
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_TOKEN }}
print-hash: true
verify-docs-release-audit:
needs: publish
runs-on: ubuntu-latest
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
steps:
- uses: actions/checkout@v6
- name: Verify live docs release audit after PyPI publish
env:
DOCS_RELEASE_AUDIT_ARTIFACT: sdk-python
DOCS_RELEASE_AUDIT_VERSION: ${{ github.ref_name }}
DOCS_RELEASE_AUDIT_EVIDENCE: docs-release-audit-evidence.json
DOCS_RELEASE_AUDIT_HANDOFF: docs-release-audit-handoff.json
run: scripts/ci/check-docs-release-audit.sh
- name: Upload docs release audit evidence
if: always()
uses: actions/upload-artifact@v4
with:
name: docs-release-audit-evidence
path: |
docs-release-audit-evidence.json
docs-release-audit-handoff.json
if-no-files-found: warn
publish-test:
needs: build
runs-on: ubuntu-latest
if: github.event_name == 'workflow_dispatch' && !inputs.dry_run
steps:
- uses: actions/download-artifact@v8
with:
name: dist
path: dist/
- name: Publish to TestPyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.TEST_PYPI_TOKEN }}
repository-url: https://test.pypi.org/legacy/
print-hash: true