forked from AsherBond/truss
-
Notifications
You must be signed in to change notification settings - Fork 0
108 lines (95 loc) · 3.77 KB
/
Copy pathmain.yml
File metadata and controls
108 lines (95 loc) · 3.77 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
name: Main - post-commit
on:
workflow_dispatch: # Allows running from actions tab
inputs:
force_pypi:
description: 'Force push to PyPI'
required: false
type: boolean
default: false
push:
branches:
- main
concurrency:
group: main-${{ github.ref_name }}
cancel-in-progress: false
jobs:
detect-version-changed:
uses: ./.github/workflows/_detect_version_changed_shared.yml
secrets: inherit
build-truss-server-base-images-if-needed:
needs: detect-version-changed
uses: ./.github/workflows/_build_truss_server_base_images_if_needed_shared.yml
with:
new_base_image_version: ${{ needs.detect-version-changed.outputs.new_base_image_version }}
build_base_images: ${{ needs.detect-version-changed.outputs.build_base_images }}
secrets: inherit
all-tests:
needs: [detect-version-changed, build-truss-server-base-images-if-needed]
if: ${{ !failure() && !cancelled() && (needs.build-truss-server-base-images-if-needed.result == 'success' || needs.build-truss-server-base-images-if-needed.result == 'skipped') }}
uses: ./.github/workflows/_integration_test_shared.yml
with:
run_only_integration: false
report_to_slack:
runs-on: ubuntu-22.04
if: always() && github.ref == 'refs/heads/main'
needs:
- all-tests
steps:
- name: get-branch
run: echo ${{ github.ref }}
- name: show-slack-status
uses: 8398a7/action-slack@v3
with:
status: custom
fields: author, job, commit, repo
custom_payload: |
{
attachments: [{
color: "${{ needs.all-tests.result == 'failure' && 'danger' || 'good' }}",
text: `Truss post-commit tests ${{ needs.all-tests.result }}: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`,
}]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish-rc-to-pypi:
needs: [detect-version-changed]
# NB(nikhil): These complex conditions need to stay on one line, GHA has a parsing bug.
if: ${{ !failure() && !cancelled() && ((needs.detect-version-changed.outputs.release_version == 'true' && needs.detect-version-changed.outputs.is_prerelease_version == 'true') || github.event.inputs.force_pypi == 'true') }}
runs-on: ubuntu-22.04
permissions:
# this permission is mandatory for Trusted Publishing
id-token: write
steps:
- name: "Git tag release"
uses: actions/checkout@v4
with:
token: ${{secrets.BASETENBOT_GITHUB_TOKEN}}
- run: |
NEW_VERSION=v${{ needs.detect-version-changed.outputs.new_version }}
git config --global user.name "Github action"
git config --global user.email "github.action@baseten.co"
git tag -a $NEW_VERSION -m "Release $NEW_VERSION"
git push origin $NEW_VERSION
- uses: ./.github/actions/setup-python/
- name: Install packages
run: uv sync --no-dev # NB(nikhil): Skip installing any dependency-groups
- name: Build
run: uv build
- name: Create Release
uses: ncipollo/release-action@v1
with:
artifacts: "dist/*"
token: ${{ secrets.BASETENBOT_GITHUB_TOKEN }}
draft: false
prerelease: ${{ needs.detect-version-changed.outputs.is_prerelease_version }}
generateReleaseNotes: true
makeLatest: true
skipIfReleaseExists: true
tag: "v${{ needs.detect-version-changed.outputs.new_version }}"
- name: Publish package to PyPI (Trusted Publishing)
if: ${{ github.event_name != 'pull_request' }}
uses: pypa/gh-action-pypi-publish@release/v1
with:
verbose: true
print-hash: true