Skip to content

fix: update modules for security #1373

fix: update modules for security

fix: update modules for security #1373

Workflow file for this run

on:
push:
branches:
- main
permissions:
contents: write
pull-requests: write
name: release-please
jobs:
create-release:
runs-on: ubuntu-latest
outputs:
phoenix_path: ${{ steps.parse.outputs.phoenix_path }}
package_path: ${{ steps.parse.outputs.package_path }}
steps:
- uses: googleapis/release-please-action@v4
with:
token: ${{ secrets.MY_RELEASE_PLEASE_TOKEN }}
id: release-please
- name: Parse release path
if: ${{ steps.release-please.outputs.releases_created == 'true' }}
id: parse
env:
PATHS_RELEASED: ${{ steps.release-please.outputs.paths_released }}
# We assume that only one path is released at a time
run: |
echo $PATHS_RELEASED | jq -r '.[0]' | while read -r PATH; do
case $PATH in
packages/*)
echo "package_path=$PATH" >> $GITHUB_OUTPUT ;;
*)
echo "phoenix_path=$PATH" >> $GITHUB_OUTPUT ;;
esac
done
publish-package:
name: Publish Package
runs-on: ubuntu-latest
needs: create-release
if: ${{ needs.create-release.outputs.package_path != '' }}
defaults:
run:
working-directory: ${{ needs.create-release.outputs.package_path }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.x"
- run: python -m pip install hatch check_wheel_contents twine
- run: hatch build
- run: check-wheel-contents dist/*.whl
- run: twine upload --skip-existing --verbose dist/*
env:
TWINE_USERNAME: "__token__"
TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
publish-phoenix:
name: Publish Phoenix
runs-on: ubuntu-latest
needs: create-release
if: ${{ needs.create-release.outputs.phoenix_path != '' }}
environment:
name: pypi
url: https://pypi.org/p/arize-phoenix
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v3
with:
version: 9.8.0
- name: Build frontend
working-directory: ./app
run: pnpm install --frozen-lockfile && pnpm run build
- uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Install Python utilities
run: python -m pip install hatch check_wheel_contents twine
- name: Build distribution
run: rm -rf dist && hatch build
- name: Check wheel contents
run: check-wheel-contents --ignore W004 dist/*.whl
- uses: pypa/gh-action-pypi-publish@release/v1