Bump cryptography from 46.0.5 to 46.0.6 #52
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| bump: | |
| description: "Version bump type" | |
| required: true | |
| default: "patch" | |
| type: choice | |
| options: | |
| - major | |
| - minor | |
| - patch | |
| target: | |
| description: "Publish target" | |
| required: true | |
| default: "testpypi" | |
| type: choice | |
| options: | |
| - pypi | |
| - testpypi | |
| pull_request: | |
| types: [closed] | |
| branches: [main] | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| id-token: write | |
| jobs: | |
| # ── Stage 1: workflow_dispatch → run tests and create release PR ── | |
| tests: | |
| if: github.event_name == 'workflow_dispatch' | |
| uses: ./.github/workflows/pytest-actions.yaml | |
| prepare-release: | |
| if: github.event_name == 'workflow_dispatch' | |
| needs: tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Bump version | |
| id: version | |
| run: | | |
| current=$(python -c " | |
| import re, pathlib | |
| text = pathlib.Path('osipy/_version.py').read_text() | |
| print(re.search(r'__version__\s*=\s*\"(.+?)\"', text).group(1)) | |
| ") | |
| IFS='.' read -r major minor patch <<< "$current" | |
| case "${{ inputs.bump }}" in | |
| major) major=$((major + 1)); minor=0; patch=0 ;; | |
| minor) minor=$((minor + 1)); patch=0 ;; | |
| patch) patch=$((patch + 1)) ;; | |
| esac | |
| new_version="${major}.${minor}.${patch}" | |
| sed -i "s/__version__ = \".*\"/__version__ = \"${new_version}\"/" osipy/_version.py | |
| echo "version=${new_version}" >> "$GITHUB_OUTPUT" | |
| - name: Create release PR | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| version="${{ steps.version.outputs.version }}" | |
| branch="release/v${version}" | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git checkout -b "$branch" | |
| git add osipy/_version.py | |
| git commit -m "release: v${version}" | |
| git push origin "$branch" | |
| gh pr create \ | |
| --title "release: v${version}" \ | |
| --body "Automated version bump to v${version}. Publish target: **${{ inputs.target }}**." \ | |
| --base main \ | |
| --head "$branch" | |
| # ── Stage 2: PR merged → tag, build, publish ── | |
| detect-target: | |
| if: >- | |
| github.event_name == 'pull_request' | |
| && github.event.pull_request.merged == true | |
| && startsWith(github.event.pull_request.head.ref, 'release/') | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.version.outputs.version }} | |
| target: ${{ steps.target.outputs.target }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Get version | |
| id: version | |
| run: | | |
| version=$(python3 -c " | |
| import re, pathlib | |
| text = pathlib.Path('osipy/_version.py').read_text() | |
| print(re.search(r'__version__\s*=\s*\"(.+?)\"', text).group(1)) | |
| ") | |
| echo "version=${version}" >> "$GITHUB_OUTPUT" | |
| - name: Detect publish target from PR body | |
| id: target | |
| run: | | |
| body="${{ github.event.pull_request.body }}" | |
| if echo "$body" | grep -qF '**testpypi**'; then | |
| echo "target=testpypi" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "target=pypi" >> "$GITHUB_OUTPUT" | |
| fi | |
| publish: | |
| needs: detect-target | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: ${{ needs.detect-target.outputs.target }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v5 | |
| - name: Create tag | |
| run: | | |
| git tag "v${{ needs.detect-target.outputs.version }}" | |
| git push origin "v${{ needs.detect-target.outputs.version }}" | |
| - name: Build package | |
| run: uv build | |
| - name: Create GitHub release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| tag_name: "v${{ needs.detect-target.outputs.version }}" | |
| name: "v${{ needs.detect-target.outputs.version }}" | |
| target_commitish: main | |
| generate_release_notes: true | |
| files: dist/* | |
| - name: Publish to PyPI | |
| if: needs.detect-target.outputs.target == 'pypi' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| - name: Publish to TestPyPI | |
| if: needs.detect-target.outputs.target == 'testpypi' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ |