-
Notifications
You must be signed in to change notification settings - Fork 190
108 lines (96 loc) · 2.99 KB
/
publish.yaml
File metadata and controls
108 lines (96 loc) · 2.99 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
name: publish
on:
# on pull request, run build step to catch errors earlier, but do not publish
pull_request:
# on push
# ... to any branch, just build and check package
# ... to master, publish to test PyPI registry
# ... to version tag, publish to production PyPI registry
push:
branches: ["**"]
tags: ["v[0-9]*"]
permissions: {}
jobs:
build:
# https://github.community/t/duplicate-checks-on-push-and-pull-request-simultaneous-event/18012/5
if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.fork }}
permissions:
contents: read
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v3
- name: setup python
uses: actions/setup-python@v5
with:
python-version: 3.x
cache: pip
cache-dependency-path: |
pyproject.toml
requirements*.txt
setup.py
- name: install tools
run: pip install --upgrade build check-manifest setuptools twine wheel
- name: build package
run: python -m build
- name: check manifest
run: check-manifest
- name: twine check
run: twine check dist/*
- name: script/test install_check_version
run: stages=check_version script/test
- uses: actions/upload-artifact@v4
with:
name: dist
path: dist/
if-no-files-found: error
retention-days: 1
publish-prod:
if: ${{ github.event_name == 'push' && github.repository == 'httplib2/httplib2' && startsWith(github.ref, 'refs/tags/') }}
needs: [build]
environment:
name: pypi-public
url: https://pypi.org/p/httplib2
permissions:
attestations: write
id-token: write # for trusted publishing
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- uses: actions/attest-build-provenance@v3
with:
subject-path: 'dist/*'
- name: publish to public PyPI
if: startsWith(github.ref, 'refs/tags/')
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: dist/
publish-test:
if: ${{ github.event_name == 'push' && github.repository == 'httplib2/httplib2' && github.ref == 'refs/heads/master' }}
needs: [build]
environment:
name: pypi-test
url: https://test.pypi.org/p/httplib2
permissions:
attestations: write
id-token: write # for trusted publishing
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- uses: actions/attest-build-provenance@v3
with:
subject-path: 'dist/*'
- name: publish to test.PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: dist/
repository-url: https://test.pypi.org/legacy/
skip-existing: true