Skip to content
.github/workflows/release.yml

ops: remove test-pypi upload, add button for releasing #43

Sign in to view logs

ops: remove test-pypi upload, add button for releasing

ops: remove test-pypi upload, add button for releasing #43

Workflow file for this run

.github/workflows/release.yml at 2d7fcf2
---

Check failure on line 1 in .github/workflows/release.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/release.yml

Invalid workflow file 

(Line: 68, Col: 9): Job 'create-release' depends on unknown job 'publish-to-testpypi'.
name: Publish Python 🐍 distribution 📦 to PyPI and TestPyPI
on:
workflow_dispatch:
push:
branches:
- main
paths:
- "vulncheck_sdk/**"
permissions:
contents: write
jobs:
build:
name: Build distribution 📦
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Poetry
uses: abatilo/actions-poetry@v2
with:
poetry-version: "2.2.1"
- name: Install testing requirements
run: poetry add requests==2.32.5
- name: Install dependencies
run: make deps
- name: Test with pytest
env:
VULNCHECK_API_TOKEN: ${{ secrets.VULNCHECK_API_TOKEN }}
run: make test
- name: Build Module
run: make build
- name: Store the distribution packages
uses: actions/upload-artifact@v4
with:
name: python-package-distributions
path: dist/
publish-to-pypi:
name: >-
Publish Python 🐍 distribution 📦 to PyPI
needs:
- build
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/vulncheck-sdk
permissions:
id-token: write
steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Publish distribution 📦 to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
create-release:
name: Create release
needs:
- build
- publish-to-pypi
- publish-to-testpypi
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v1
id: generate_token
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
- name: Check out HEAD ref
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ github.head_ref }}
path: head
fetch-tags: true
- name: Get versions
id: versions
working-directory: head
run: |
CURRENT_VERSION=$(yq e '.additionalProperties.packageVersion' python-generator-config.yaml)
echo "current_version=$CURRENT_VERSION" >> $GITHUB_OUTPUT
echo "All available tags:"
git tag -l
LATEST_TAG=$(git tag --sort=-v:refname | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -n1)
if [ -z "$LATEST_TAG" ]; then
echo "No valid version tags found"
exit 1
fi
echo "Found latest tag: $LATEST_TAG"
echo "latest_tag=$LATEST_TAG" >> $GITHUB_OUTPUT
- name: Check out previous release
uses: actions/checkout@v4
with:
fetch-depth: 0
path: previous
ref: ${{ steps.versions.outputs.latest_tag }}
fetch-tags: true
- name: Make temp openapi-diff file
run: touch ${{ github.workspace }}/head/openapi-diff.md
- name: Run openapi-diff
uses: docker://openapitools/openapi-diff:latest
with:
args: previous/openapi.json head/openapi.json --markdown head/openapi-diff.md
- name: Check if tag exists
id: check_tag
working-directory: head
run: |
if git ls-remote --exit-code --tags origin "refs/tags/v${{ steps.versions.outputs.current_version }}"; then
echo "Tag v${{ steps.versions.outputs.current_version }} already exists, skipping release"
echo "exists=true" >> $GITHUB_OUTPUT
else
echo "exists=false" >> $GITHUB_OUTPUT
fi
- name: Create and push tag
if: steps.check_tag.outputs.exists == 'false'
working-directory: head
env:
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
run: |
git config --global url."https://x-access-token:${GH_TOKEN}@github.com/".insteadOf "https://github.com/"
git tag -f v${{ steps.versions.outputs.current_version }}
git push --force origin v${{ steps.versions.outputs.current_version }}
- name: Release
if: steps.check_tag.outputs.exists == 'false'
uses: softprops/action-gh-release@v2
with:
body_path: ${{ github.workspace }}/head/openapi-diff.md
tag_name: v${{ steps.versions.outputs.current_version }}
token: ${{ steps.generate_token.outputs.token }}