diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index e010129..a19cc85 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,125 +1,166 @@ name: Release + on: push: branches: - - workflow_release + - workflow_release tags: - - 'v[0-9]+.[0-9]+.[0-9]+' + - 'v[0-9]+.[0-9]+.[0-9]+' + - 'v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+' + - 'v[0-9]+.[0-9]+.[0-9]+-alpha' + - 'v[0-9]+.[0-9]+.[0-9]+-beta' jobs: - build: - name: build + build_release: + name: build_release runs-on: macos-latest strategy: matrix: python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] + env: + MACOSX_DEPLOYMENT_TARGET: '11.0' + steps: - - uses: actions/checkout@v4 - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - name: Install pypa/build - run: >- - python3 -m - pip install - build - --user - - - name: Build a binary wheel and a source tarball - run: python3 -m build - - name: Store the distribution packages - uses: actions/upload-artifact@v3 - with: - name: python-package-distributions - path: dist/ - - publish-to-pypi: - name: Publish Python 🐍 distribution 📦 to PyPI - if: startsWith(github.ref, 'refs/tags/') - needs: - - build + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python-version }} + + - name: Install pypa/build + run: python3 -m pip install build + shell: bash + + - name: Build a binary wheel and a source tarball + id: build + run: python3 -m build + shell: bash + + - name: Upload the distribution packages + uses: actions/upload-artifact@v3 + with: + name: python-package-distributions + path: dist/ + + create_release: + name: create_release + needs: ['build_release'] runs-on: ubuntu-latest - environment: - name: pypi - url: https://pypi.org/project/pasteboard/ permissions: - id-token: write + # IMPORTANT: mandatory for making GitHub Releases + # https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs#overview + contents: write steps: - - name: Download all the dists + - name: Download the distribution packages uses: actions/download-artifact@v3 with: name: python-package-distributions path: dist/ - - name: Publish distribution 📦 to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 + - name: List the distribution packages + run: ls -1 dist/* + shell: bash + + - name: Create release + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + ref_name='${{ github.ref_name }}' + echo "ref_name: $ref_name" + + # empty arguments + set -- + + # is this a test release, or a real release? + if [[ "$ref_name" == 'workflow_release' ]]; then + version='v0.0.0-test' + set -- "$@" --target '${{ github.sha }}' + else + version="$ref_name" + fi + echo "version: $version" - github-release: - name: >- - Sign the Python 🐍 distribution 📦 with Sigstore - and upload them to GitHub Release - needs: - - publish-to-pypi + # is this a pre-release (-rc*, -alpha, -beta, -test)? + if [[ "$version" == *"-"* ]]; then + set -- "$@" --prerelease + fi + + date=$(env TZ=':America/Los_Angeles' date +'%Y-%m-%d') + echo "date: $date" + + echo "args: $@" + + set -x + gh release create \ + "$version" \ + dist/* \ + --title "$version ($date)" \ + --draft \ + --repo '${{ github.repository }}' \ + "$@" + shell: bash + + publish_release_test: + name: publish_release_test + needs: ['build_release', 'create_release'] runs-on: ubuntu-latest + environment: + name: testpypi + url: https://pypi.org/project/pasteboard/ + permissions: - contents: write # IMPORTANT: mandatory for making GitHub Releases - id-token: write # IMPORTANT: mandatory for sigstore + # IMPORTANT: mandatory for trusted publishing + # https://docs.pypi.org/trusted-publishers/ + id-token: write steps: - - name: Download all the dists - uses: actions/download-artifact@v3 - with: - name: python-package-distributions - path: dist/ - - name: Sign the dists with Sigstore - uses: sigstore/gh-action-sigstore-python@v1.2.3 - with: - inputs: >- - ./dist/*.tar.gz - ./dist/*.whl - - name: Create GitHub Release - env: - GITHUB_TOKEN: ${{ github.token }} - run: >- - gh release create - '${{ github.ref_name }}' - --repo '${{ github.repository }}' - --notes "" - - name: Upload artifact signatures to GitHub Release - env: - GITHUB_TOKEN: ${{ github.token }} - # Upload to GitHub Release using the `gh` CLI. - # `dist/` contains the built packages, and the - # sigstore-produced signatures and certificates. - run: >- - gh release upload - '${{ github.ref_name }}' dist/** - --repo '${{ github.repository }}' - - publish-to-testpypi: - name: Publish Python 🐍 distribution 📦 to TestPyPI - needs: - - build + - name: Download the distribution packages + uses: actions/download-artifact@v3 + with: + name: python-package-distributions + path: dist/ + + - name: List the distribution packages + run: ls -1 dist/* + shell: bash + + - name: Publish distribution packages to Test PyPI + uses: pypa/gh-action-pypi-publish@release/v1.8 + with: + print-hash: true + repository-url: https://test.pypi.org/legacy/ + + publish_release_real: + name: publish_release_real + needs: ['build_release', 'create_release', 'publish_release_test'] runs-on: ubuntu-latest environment: - name: testpypi + name: pypi url: https://pypi.org/project/pasteboard/ permissions: - id-token: write # IMPORTANT: mandatory for trusted publishing + # IMPORTANT: mandatory for trusted publishing + # https://docs.pypi.org/trusted-publishers/ + id-token: write steps: - - name: Download all the dists - uses: actions/download-artifact@v3 - with: - name: python-package-distributions - path: dist/ - - name: Publish distribution 📦 to TestPyPI - uses: pypa/gh-action-pypi-publish@release/v1 - with: - repository-url: https://test.pypi.org/legacy/ + - name: Download the distribution packages + uses: actions/download-artifact@v3 + with: + name: python-package-distributions + path: dist/ + + - name: List the distribution packages + run: ls -1 dist/* + shell: bash + + - name: Publish distribution packages to PyPI + uses: pypa/gh-action-pypi-publish@release/v1.8 + with: + print-hash: true