Release #32
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| # Orchestrates both production and development releases. | |
| # PyPI publishing is done directly in this top-level workflow | |
| # because PyPI Trusted Publishing does not support reusable workflows. | |
| # See: https://docs.pypi.org/trusted-publishers/troubleshooting/#reusable-workflows-on-github | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - '[0-9]+.[0-9]+.[0-9]+' | |
| workflow_dispatch: {} | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| # ── Production Release (tag push) ────────────────────────────── | |
| build_prod: | |
| name: 🚀 Production Release | |
| if: startsWith(github.ref, 'refs/tags/') | |
| uses: ./.github/workflows/release-prod.yml | |
| secrets: inherit | |
| permissions: | |
| contents: read # Required for checkout | |
| id-token: write # Required for nodejs OIDC | |
| publish_prod_pypi: | |
| name: 📤 Publish to PyPI | |
| if: startsWith(github.ref, 'refs/tags/') | |
| needs: build_prod | |
| runs-on: ubuntu-latest | |
| environment: pypi | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: 📥 Download marimo dist | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 | |
| with: | |
| name: pypi-marimo | |
| path: dist/ | |
| - name: 📤 Upload to PyPI | |
| uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 | |
| with: | |
| skip-existing: true | |
| verbose: true | |
| - name: 📢 Notify release result | |
| if: always() | |
| continue-on-error: true | |
| uses: marimo-team/internal-gh-actions/release-notification@ba06d4db1f3c5c9b86983ce409e57196f8376777 # main | |
| with: | |
| status: ${{ job.status }} | |
| slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL_RELEASES }} | |
| artifact-url: "https://pypi.org/project/marimo/" | |
| publish_docker: | |
| name: 🐋 Publish Docker images | |
| if: startsWith(github.ref, 'refs/tags/') | |
| needs: [build_prod, publish_prod_pypi] | |
| uses: ./.github/workflows/publish-docker.yml | |
| with: | |
| marimo_version: ${{ needs.build_prod.outputs.marimo_version }} | |
| secrets: inherit | |
| permissions: | |
| contents: read # Required for checkout | |
| packages: write # Required for Docker image publishing | |
| # ── Development Release (push to main) ───────────────────────── | |
| build_dev: | |
| name: 🔧 Development Release | |
| if: github.ref == 'refs/heads/main' | |
| uses: ./.github/workflows/release-dev.yml | |
| secrets: inherit | |
| permissions: | |
| contents: read # Required for checkout | |
| id-token: write # Required for nodejs OIDC | |
| publish_dev_pypi_marimo: | |
| name: 📤 Publish marimo to TestPyPI | |
| if: github.ref == 'refs/heads/main' | |
| needs: build_dev | |
| runs-on: ubuntu-latest | |
| environment: testpypi | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: 📥 Download marimo dist | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 | |
| with: | |
| name: pypi-marimo-dev | |
| path: dist/ | |
| - name: 📤 Upload to TestPyPI | |
| uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 | |
| with: | |
| verbose: true | |
| repository-url: https://test.pypi.org/legacy/ | |
| publish_dev_pypi_marimo_base: | |
| name: 📤 Publish marimo-base to TestPyPI | |
| if: github.ref == 'refs/heads/main' | |
| needs: build_dev | |
| runs-on: ubuntu-latest | |
| environment: testpypi | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: 📥 Download marimo-base dist | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 | |
| with: | |
| name: pypi-marimo-base-dev | |
| path: dist/ | |
| - name: 📤 Upload to TestPyPI | |
| uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 | |
| with: | |
| verbose: true | |
| repository-url: https://test.pypi.org/legacy/ | |
| comment_pr: | |
| name: 📝 Comment PR | |
| if: github.ref == 'refs/heads/main' | |
| needs: [build_dev, publish_dev_pypi_marimo, publish_dev_pypi_marimo_base] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: 📝 Comment PR | |
| uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 | |
| continue-on-error: true | |
| env: | |
| MARIMO_VERSION: ${{ needs.build_dev.outputs.marimo_version }} | |
| with: | |
| script: | | |
| try { | |
| const marimoVersion = process.env.MARIMO_VERSION || 'unknown'; | |
| const pullRequest = await github.rest.search.issuesAndPullRequests({ | |
| q: `sha:${context.sha} is:pr is:merged` | |
| }); | |
| if (pullRequest.data.items.length > 0) { | |
| await github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: pullRequest.data.items[0].number, | |
| body: `🚀 Development release published. You may be able to view the changes at https://marimo.app?v=${encodeURIComponent(marimoVersion)}` | |
| }); | |
| } else { | |
| console.log("No merged PR found for this SHA."); | |
| } | |
| } catch (err) { | |
| console.error(err); | |
| } |