This GitHub Action will publish a Python project to pypi.org.
- Publish to pypi using your pypi token.
- Semi-automatic versioning.
- Automatic repository version tagging.
- Prerelease support.
- Dry run support.
- Tested on linux/windows/mac.
Some limitations exist by design:
- You cannot overwrite an existing package.
- You cannot publish a version that is lower than the latest from pypi.
- Python must be preconfigured and installed; a
pythonexecutable must be in the path. - The Python project must be configured to use Poetry.
- You must provide a secret
pypitoken.
Note: The packages pip, setuptools, wheel and pipx will be installed/upgraded
using the python executable from the path.
The default usage requires a project name and a token:
- name: Publish to pypi
uses: coveooss/[email protected]
with:
project-name: my-project-name
pypi-token: ${{ secrets.PYPI_TOKEN }}
The project will be published, your changeset will be tagged with a v1.2.3 kind of tag and revisions will increase automatically.
In this repository, we don't keep a @v1 or latest tag that we update as new revisions are released.
Instead, we leverage our own repository tagging feature to provide users with a v{major}.{minor}.{revision} tag.
This is similar to specifying the changeset's sha, but offers more visibility on the evolution of the action
and allows us to transparently issue security and emergency hotfixes if that ever becomes a necessity.
- If you want guaranteed immutability, specify a
@sha. - If you want general immutability and potential hotfixes, specify a
v{major}.{minor}.{revision}. - If you want to live dangerously, specify
@main.
This action features semi-automatic versioning based on the value of the version field from your pyproject.toml
and the latest released version from pypi.
In a nutshell:
- Use the
pyproject.tomlto set a minimum version to release. The action will increment from there. - Keep publishing to bump revisions. No need to edit the version in
pyproject.toml. - To set a new minor or major, bump and commit the version in
pyproject.toml(i.e.: step 1!).
The revision bump is automatic (the x in 3.5.x).
The next revision is always based on pypi's realtime api; you cannot overwrite an existing package or go back in time.
The new version will be added to the pyproject.toml file included with the distribution,
but it will not be committed to the repository. This is normal!
We use coveo-pypi-cli to compute the next version.
If you want to bump the minor or major, just do it manually in the pyproject.toml and commit that.
It will become the next released version.
- Open the
pyproject.tomlfile. - Edit and commit the next version number (e.g.: 1.1.0 -> 1.2.0).
- Publish your project.
- Your
pyproject.tomlhasversion=0.1.0. - There are no releases in pypi.
- The next prerelease would be
0.1.0a1. - The next release will be
0.1.0.
- Your
pyproject.tomlstill hasversion=0.1.0. - The latest release is
0.1.0. - The next prerelease would be
0.1.1a1. - The next release will be
0.1.1.
- Update your
pyproject.tomltoversion=0.2.0and commit. - The latest release is
0.1.1. - The next prerelease would be
0.2.0a1. - The next release will be
0.2.0.
- Update your
pyproject.tomltoversion=1.0.0and commit. - The latest release is
0.2.0. - The next prerelease would be
1.0.0a1. - The next release will be
1.0.0.
- Update your
pyproject.tomltoversion=1.4.4and commit. - The latest release is
1.0.0. - The next prerelease would be
1.4.4a1. - The next release will be
1.4.4.
Just for the sake of completing the example:
- Your
pyproject.tomlis still set toversion=1.4.4. - The latest release is
1.4.4. - The next prerelease would be
1.4.5a1. - The next release will be
1.4.5.
Whenever a new distribution is published, the repository will be tagged with its version.
The tag has the {prefix}{version}{prerelease} format and the default settings will give you something like v1.2.3a4.
Use the tag-prefix option to customize the prefix part.
Note: The tag and the auto versioning system are completely independent. If you don't want the tags, feel free to delete them, or better: open a PR with a new option to skip them! 🚀
You can launch a dry run of the publish operation, which will:
- Compute the next version and prerelease version it would publish and echo it to the logs.
- Compute the tag it would write and echo that to the logs.
- Build the sdist and wheel of your project.
The dry run option is detailed at the top of the action file.
The recommended usage will provide you this behavior:
- Running the action from the main branch will automatically publish a new version.
- Running the action from other branches will produce a dry run.
- Running the action manually on a branch and typing in "true" when prompted will publish a prerelease version.
First, you need to add some inputs in the workflow dispatch:
workflow_dispatch:
inputs:
publish:
description: "Publish to pypi.org? (will not work from forks!)"
required: false
default: 'false'
Here's how we suggest you design the uses step:
- name: Publish to pypi
uses: coveooss/[email protected]
with:
project-name: my-project-name
pypi-token: ${{ secrets.PYPI_TOKEN }}
pre-release: ${{ github.ref != 'refs/heads/main' }}
dry-run: ${{ github.ref != 'refs/heads/main' && github.event.inputs.publish != 'true' }}
More options are described at the top of the action file.
When starting a new project, we recommend setting your project's version to 0.1.0 as the first official public release,
as described in the semantic versioning FAQ.
Since the action cannot overwrite packages or go back in time, you only have to start using this action.
- If the version already exists in pypi, a new one will be used.
- If the version doesn't exist, it's the new starting point.
So, it's perfectly fine to use a version of 0.1.0 for an existing package even if e.g. 3.5.6 is released.
The next version will be 3.5.7! Or if you think this move is potentially breaking, set it to 3.6 or 4.0 to set a new minimum.