chore: Update python-publish.yml to use latest version of github-tag-… #23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Python 🐍 distribution 📦 to PyPI and TestPyPI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| types: [closed] # To ensure it only runs on merged PRs | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| jobs: | |
| build: | |
| name: Build distribution 📦 | |
| runs-on: ubuntu-latest | |
| outputs: | |
| new_tag: ${{ steps.tag_update_verification.outputs.new_tag }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.x' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install build | |
| - name: Bump version and push tag | |
| id: taggerDryRun | |
| uses: anothrNick/[email protected] # Don't use @master or @v1 unless you're happy to test the latest version | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # if you don't want to set write permissions use a PAT token | |
| WITH_V: true | |
| DRY_RUN: true | |
| DEFAULT_BUMP: ${{ github.event.pull_request.merged_at && 'minor' || 'patch' }} # Minor bump for merges, patch otherwise | |
| - name: Tag Update Verification | |
| id: tag_update_verification | |
| run: | | |
| echo "new_tag=${{ steps.taggerDryRun.outputs.new_tag }}" >> "$GITHUB_OUTPUT" | |
| echo "The current tag is: ${{ steps.taggerDryRun.outputs.tag }}" | |
| echo "The version increment was: ${{ steps.taggerDryRun.outputs.part }}" | |
| echo "The next tag version will be: ${{ steps.taggerDryRun.outputs.new_tag }}" | |
| - name: Minor version for each merge | |
| id: taggerFinal | |
| uses: anothrNick/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| WITH_V: true | |
| DEFAULT_BUMP: ${{ github.event.pull_request.merged_at && 'minor' || 'patch' }} # Minor bump for merges, patch otherwise | |
| - name: Build package | |
| run: python -m build | |
| - name: Store the distribution packages | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| publish-to-testpypi: | |
| name: Publish to TestPyPI | |
| needs: | |
| - build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: testpypi | |
| url: https://test.pypi.org/p/steamstore-etl | |
| permissions: | |
| id-token: write # IMPORTANT: mandatory for trusted publishing | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Publish distribution 📦 to TestPyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| skip-existing: true | |
| publish-to-pypi: | |
| name: Publish to PyPI | |
| needs: | |
| - build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/p/steamstore-etl | |
| permissions: | |
| id-token: write # IMPORTANT: mandatory for trusted publishing | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Publish distribution 📦 to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| github-release: | |
| name: >- | |
| Sign the Python 🐍 distribution 📦 with Sigstore | |
| and upload them to GitHub Release | |
| needs: | |
| - build | |
| - publish-to-testpypi | |
| - publish-to-pypi | |
| runs-on: ubuntu-latest | |
| env: | |
| GITHUB_TOKEN: ${{ github.token }} | |
| new_tag: ${{needs.build.outputs.new_tag}} | |
| permissions: | |
| contents: write # IMPORTANT: mandatory for making GitHub Releases | |
| id-token: write # IMPORTANT: mandatory for sigstore | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Sign the dists with Sigstore | |
| uses: sigstore/[email protected] | |
| with: | |
| inputs: >- | |
| ./dist/*.tar.gz | |
| ./dist/*.whl | |
| - name: Create GitHub Release | |
| run: >- | |
| gh release create $new_tag --repo '${{ github.repository }}' --notes "" | |
| - name: Upload artifact signatures to GitHub Release | |
| # Upload to GitHub Release using the `gh` CLI. | |
| # `dist/` contains the built packages, and the | |
| # sigstore-produced signatures and certificates. | |
| run: >- | |
| gh release upload $new_tag dist/** --repo '${{ github.repository }}' |