new release 0.10.39 #173
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| on: | |
| push: | |
| branches: [release-test-pypi, release-test-github, release-test-full] | |
| tags: [v*] | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| release-artifact-id: ${{ steps.upload-release.outputs.artifact-id }} | |
| wheel-artifact-id: ${{ steps.upload-wheel.outputs.artifact-id }} | |
| artifact-runner: ${{ github.job }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Reject any VCS dependencies | |
| continue-on-error: ${{ github.ref_type == 'branch' && github.ref_name != 'release-test-full' }} | |
| uses: pkgcore/gh-actions/reject-python-vcs-deps@main | |
| - name: Install bash 5.3 | |
| uses: pkgcore/gh-actions/bash-5.3@main | |
| - name: Set up Python 3.13 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.13" | |
| cache: 'pip' | |
| cache-dependency-path: pyproject.toml | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install build ".[doc]" | |
| - name: Build the release | |
| run: | | |
| make release | |
| - name: Output dist file info | |
| run: | | |
| sha512sum dist/* | |
| echo ::group::Release contents | |
| tar -ztf dist/*.tar.gz | sort | |
| echo ::endgroup:: | |
| echo ::group::All generated content in dist | |
| find . | |
| echo ::endgroup:: | |
| - name: Upload wheel | |
| id: upload-wheel | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: wheel-release | |
| path: dist/*.whl | |
| if-no-files-found: error | |
| - name: Upload release source | |
| id: upload-release | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: release-source | |
| path: dist/*.tar.gz | |
| if-no-files-found: error | |
| test: | |
| needs: [build] | |
| uses: ./.github/workflows/test.yml | |
| with: | |
| release-artifact-id: ${{ needs.build.outputs.release-artifact-id }} | |
| disable-format-check: true | |
| publish: | |
| if: github.ref_type == 'tag' | |
| needs: [build, test] | |
| environment: release | |
| permissions: | |
| id-token: write # Used to authenticate to PyPI via OIDC | |
| contents: write # release uploads | |
| runs-on: ubuntu-latest | |
| steps: | |
| - &common_download_artifacts | |
| name: Download artifacts | |
| uses: actions/download-artifact@v5 | |
| with: | |
| merge-multiple: true # store both in the root, not in named directories | |
| artifact-ids: ${{ needs.build.outputs.release-artifact-id }},${{ needs.build.outputs.wheel-artifact-id }} | |
| - name: Publish github source | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: '*.tar.*' | |
| fail_on_unmatched_files: true | |
| draft: true | |
| - name: Publish to PyPi server | |
| uses: pypa/gh-action-pypi-publish@release/v1.13 | |
| with: | |
| packages-dir: . | |
| test-publish: | |
| # use the full form to ensure insane tags and errors in 'on' filter still don't kick. | |
| if: github.ref_type == 'branch' | |
| needs: [build, test] | |
| environment: test-release | |
| permissions: | |
| id-token: write # Used to authenticate to PyPI via OIDC | |
| contents: write # release uploads- | |
| runs-on: ubuntu-latest | |
| steps: | |
| - *common_download_artifacts | |
| - name: Publish github source | |
| uses: softprops/action-gh-release@v2 | |
| if: github.ref_name == 'release-test-github' || github.ref_name == 'release-test-full' | |
| with: | |
| files: '*.tar.*' | |
| fail_on_unmatched_files: true | |
| draft: true | |
| - name: Publish to Test PyPi server | |
| if: github.ref_name == 'release-test-pypi' || github.ref_name == 'release-test-full' | |
| uses: pypa/gh-action-pypi-publish@release/v1.13 | |
| with: | |
| packages-dir: . | |
| repository-url: https://test.pypi.org/legacy/ | |
| # attestations are bound in a way re-releasing isn't possible. Disable for tests. | |
| attestations: false | |
| build-and-push-docker-image: | |
| if: startsWith(github.ref, 'refs/tags/') | |
| needs: ["publish"] | |
| runs-on: ubuntu-latest | |
| environment: release | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Scrape build info | |
| run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/v}" >> $GITHUB_ENV | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/pkgcore/pkgcheck | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=sha | |
| - name: Build and push | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| PKGCHECK_VERSION=${{ env.RELEASE_VERSION }} |