Publish Pre-Release to TestPyPI #25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Pre-Release to TestPyPI | |
| on: workflow_dispatch | |
| jobs: | |
| publish: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| # This environment is required as an input to pypa/gh-action-pypi-publish | |
| environment: | |
| name: testpypi | |
| url: https://test.pypi.org/p/seclab-taskflow-agent | |
| env: | |
| GITHUB_REPO: ${{ github.repository }} | |
| permissions: | |
| contents: write | |
| id-token: write # For trusted publishing | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - name: Set up Python | |
| uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 | |
| with: | |
| python-version: "3.13" | |
| - name: Install Hatch | |
| run: pip install --upgrade hatch | |
| - name: Generate new pre-release version number | |
| id: create_version_number | |
| run: | | |
| # Convert current version number to an alpha release of the next version. | |
| # For example, 1.0.2 becomes 1.0.3a0 | |
| hatch version micro,a | |
| # Get latest version number from test.pypi.org | |
| CURRENT_VERSION_NUMBER=$(pip index versions --pre --index-url https://test.pypi.org/simple seclab-taskflow-agent | sed 's/[^(]*[(]\([^)]*\)[)].*/\1/' | head -n 1) | |
| # Set version number to match test.pypi.org | |
| hatch version "$CURRENT_VERSION_NUMBER" || echo TestPyPI is behind current version | |
| # Bump version number | |
| hatch version a | |
| # Create a name for the release | |
| echo "RELEASE_NAME=test-release-v`hatch version`" >> $GITHUB_OUTPUT | |
| - name: Build the wheel | |
| run: python3 -m hatch build | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Publish to TestPyPI | |
| uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| verbose: true | |
| - name: Sign with sigstore | |
| uses: sigstore/gh-action-sigstore-python@f832326173235dcb00dd5d92cd3f353de3188e6c # v3.1.0 | |
| with: | |
| inputs: >- | |
| ./dist/*.tar.gz | |
| ./dist/*.whl | |
| - name: Create GitHub Release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| RELEASE_NAME: ${{ steps.create_version_number.outputs.RELEASE_NAME }} | |
| run: gh release create $RELEASE_NAME dist/* --repo $GITHUB_REPO --prerelease --generate-notes |