chore: github fucking sucks #82
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| on: | |
| push: | |
| branches: [deploy, release-test-pypi] | |
| tags: [v*] | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| release-artifact-id: ${{ steps.upload-release.outputs.artifact-id }} | |
| wheel-artifact-id: ${{ steps.upload-wheel.outputs.artifact-id }} | |
| artifact-runner: ${{ github.job }} | |
| permissions: | |
| contents: write # Used to authenticate github release publish | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Reject any VCS dependencies | |
| if: false | |
| shell: python | |
| run: | | |
| import re, tomllib | |
| manifest = tomllib.load(open('pyproject.toml', 'rb')) | |
| deps = manifest['build-system']['requires'] | |
| deps.extend(manifest['project']['dependencies']) | |
| if rejects := list(filter(re.compile(r'@[^+]+').search, deps)): | |
| rejects = " \n".join(sorted(rejects)) | |
| raise Exception(f'VCS dependencies were detected in [build-system]:\n {rejects}') | |
| - name: Set up Python 3.13 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.13" | |
| cache: 'pip' | |
| cache-dependency-path: pyproject.toml | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install build ".[doc]" | |
| - name: Build sdist | |
| run: | | |
| git clean -fxd | |
| make man | |
| make sdist | |
| - name: Build wheel | |
| run: make wheel | |
| - name: Output dist file info | |
| run: | | |
| sha512sum dist/* | |
| echo ::group::Release contents | |
| tar -ztf dist/*.tar.gz | sort | |
| echo ::endgroup:: | |
| echo ::group::All generated content in dist | |
| find . | |
| echo ::endgroup:: | |
| - name: Upload wheel | |
| id: upload-wheel | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: wheel-release | |
| path: dist/*.whl | |
| if-no-files-found: error | |
| - name: Upload release source | |
| id: upload-release | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: release-source | |
| path: dist/*.tar.gz | |
| if-no-files-found: error | |
| publish: | |
| if: github.ref_type == 'tag' | |
| needs: [build] | |
| environment: release | |
| permissions: | |
| id-token: write # Used to authenticate to PyPI via OIDC | |
| contents: read | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v5 | |
| with: | |
| merge-multiple: true # store both in the root, not in named directories | |
| artifact-ids: ${{ needs.build.outputs.release-artifact-id }},${{ needs.build.outputs.wheel-artifact-id }} | |
| - name: debug | |
| run: find . | |
| - name: Publish github source | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: '*.tar.*' | |
| fail_on_unmatched_files: true | |
| draft: true | |
| - name: Publish to PyPi server | |
| uses: pypa/gh-action-pypi-publish@release/v1.13 | |
| with: | |
| packages-dir: . | |
| test-publish: | |
| # use the full form to ensure insane tags and errors in 'on' filter still don't kick. | |
| if: github.ref == 'refs/heads/release-test-pypi' | |
| needs: [build] | |
| environment: test-release | |
| permissions: | |
| id-token: write # Used to authenticate to PyPI via OIDC | |
| contents: read | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v5 | |
| with: | |
| merge-multiple: true | |
| artifact-ids: ${{ needs.build.outputs.wheel-artifact-id }} | |
| - name: debug | |
| run: find . | |
| - name: Publish to Test PyPi server | |
| uses: pypa/gh-action-pypi-publish@release/v1.13 | |
| with: | |
| packages-dir: . | |
| repository-url: https://test.pypi.org/legacy |