Update to pypa/gh-action-pypi-publish
1.12.3
#412
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
pull_request: | |
push: | |
branches: [develop, main] | |
tags: ["[0-9]+.[0-9]+.[0-9]+*"] | |
workflow_dispatch: | |
inputs: | |
environment: | |
description: GitHub Actions deployment environment | |
required: false | |
type: environment | |
jobs: | |
setup: | |
runs-on: ubuntu-latest | |
outputs: | |
environment-name: ${{ steps.set-env.outputs.environment-name }} | |
environment-url: ${{ steps.set-env.outputs.environment-url }} | |
repo-name: ${{ steps.set-env.outputs.repo-name }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set GitHub Actions deployment environment | |
id: set-env | |
run: | | |
repo_name=${GITHUB_REPOSITORY##*/} | |
if ${{ github.event_name == 'workflow_dispatch' }}; then | |
environment_name=${{ inputs.environment }} | |
elif ${{ github.ref_type == 'tag' }}; then | |
environment_name="PyPI" | |
else | |
environment_name="" | |
fi | |
if [ "$environment_name" = "PyPI" ]; then | |
url="https://pypi.org/project/$repo_name/" | |
environment_url="$url$GITHUB_REF_NAME/" | |
else | |
timestamp="$(date -Iseconds)" | |
url="https://api.github.com/repos/$GITHUB_REPOSITORY/deployments" | |
environment_url="$url?timestamp=$timestamp" | |
fi | |
echo "environment-name=$environment_name" >>"$GITHUB_OUTPUT" | |
echo "environment-url=$environment_url" >>"$GITHUB_OUTPUT" | |
echo "repo-name=$repo_name" >>"$GITHUB_OUTPUT" | |
- name: Create annotation for deployment environment | |
if: steps.set-env.outputs.environment-name != '' | |
run: echo "::notice::Deployment environment ${{ steps.set-env.outputs.environment-name }}" | |
ci: | |
runs-on: ubuntu-latest | |
needs: [setup] | |
permissions: | |
id-token: write | |
strategy: | |
matrix: | |
python-version: ["3.9", "3.10", "3.11", "3.12"] | |
env: | |
HATCH_ENV: "ci" | |
HATCH_VERSION: "1.13.0" | |
PIPX_VERSION: "1.7.1" | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Set up pip cache | |
if: runner.os == 'Linux' | |
uses: actions/cache@v4 | |
with: | |
path: ~/.cache/pip | |
key: ${{ runner.os }}-pip-${{ hashFiles('pyproject.toml') }} | |
restore-keys: ${{ runner.os }}-pip- | |
- name: Install pipx for Python ${{ matrix.python-version }} | |
run: python -m pip install "pipx==$PIPX_VERSION" | |
- name: Install Hatch | |
run: pipx install "hatch==$HATCH_VERSION" | |
- name: Test Hatch version | |
run: | | |
HATCH_VERSION_INSTALLED=$(hatch --version) | |
echo "The HATCH_VERSION environment variable is set to $HATCH_VERSION." | |
echo "The installed Hatch version is ${HATCH_VERSION_INSTALLED##Hatch, version }." | |
case $HATCH_VERSION_INSTALLED in | |
*$HATCH_VERSION) echo "Hatch version correct." ;; | |
*) echo "Hatch version incorrect." && exit 1 ;; | |
esac | |
- name: Install dependencies | |
run: hatch env create ${{ env.HATCH_ENV }} | |
- name: Test virtualenv location | |
run: | | |
EXPECTED_VIRTUALENV_PATH=$GITHUB_WORKSPACE/.venv | |
INSTALLED_VIRTUALENV_PATH=$(hatch env find) | |
echo "The virtualenv should be at $EXPECTED_VIRTUALENV_PATH." | |
echo "Hatch is using a virtualenv at $INSTALLED_VIRTUALENV_PATH." | |
case "$INSTALLED_VIRTUALENV_PATH" in | |
"$EXPECTED_VIRTUALENV_PATH") echo "Correct Hatch virtualenv." ;; | |
*) echo "Incorrect Hatch virtualenv." && exit 1 ;; | |
esac | |
- name: Test that Git tag version and Python package version match | |
if: github.ref_type == 'tag' && matrix.python-version == '3.12' | |
run: | | |
GIT_TAG_VERSION=$GITHUB_REF_NAME | |
PACKAGE_VERSION=$(hatch version) | |
echo "The Python package version is $PACKAGE_VERSION." | |
echo "The Git tag version is $GIT_TAG_VERSION." | |
if [ "$PACKAGE_VERSION" = "$GIT_TAG_VERSION" ]; then | |
echo "Versions match." | |
else | |
echo "Versions do not match." && exit 1 | |
fi | |
- name: Run Hatch script for code quality checks | |
run: hatch run ${{ env.HATCH_ENV }}:check | |
- uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ secrets.AWS_S3_BUCKET_REGION }} | |
role-to-assume: ${{ secrets.AWS_IAM_ROLE_ARN }} | |
role-duration-seconds: 1200 | |
- name: Run tests | |
run: hatch run ${{ env.HATCH_ENV }}:coverage run -m pytest --durations=0 --durations-min=0.1 | |
timeout-minutes: 5 | |
env: | |
AWS_IAM_ACCESS_KEY_FASTENV: ${{ secrets.AWS_IAM_ACCESS_KEY_FASTENV }} | |
AWS_IAM_ACCESS_KEY_SESSION: ${{ env.AWS_ACCESS_KEY_ID }} | |
AWS_IAM_SECRET_KEY_FASTENV: ${{ secrets.AWS_IAM_SECRET_KEY_FASTENV }} | |
AWS_IAM_SECRET_KEY_SESSION: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
AWS_IAM_SESSION_TOKEN: ${{ env.AWS_SESSION_TOKEN }} | |
AWS_S3_BUCKET_HOST: ${{ secrets.AWS_S3_BUCKET_HOST }} | |
BACKBLAZE_B2_ACCESS_KEY_FASTENV: ${{ secrets.BACKBLAZE_B2_ACCESS_KEY_FASTENV }} | |
BACKBLAZE_B2_BUCKET_HOST: ${{ secrets.BACKBLAZE_B2_BUCKET_HOST }} | |
BACKBLAZE_B2_BUCKET_REGION: ${{ secrets.BACKBLAZE_B2_BUCKET_REGION }} | |
BACKBLAZE_B2_SECRET_KEY_FASTENV: ${{ secrets.BACKBLAZE_B2_SECRET_KEY_FASTENV }} | |
CLOUDFLARE_R2_ACCESS_KEY_FASTENV: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_FASTENV }} | |
CLOUDFLARE_R2_BUCKET_HOST: ${{ secrets.CLOUDFLARE_R2_BUCKET_HOST }} | |
CLOUDFLARE_R2_SECRET_KEY_FASTENV: ${{ secrets.CLOUDFLARE_R2_SECRET_KEY_FASTENV }} | |
- name: Enforce test coverage | |
run: hatch run ${{ env.HATCH_ENV }}:coverage report | |
- name: Build Python package | |
run: hatch build | |
- name: Upload Python package artifacts | |
if: > | |
github.ref_type == 'tag' && | |
matrix.python-version == '3.12' && | |
needs.setup.outputs.environment-name == 'PyPI' | |
uses: actions/upload-artifact@v4 | |
with: | |
if-no-files-found: error | |
name: ${{ needs.setup.outputs.repo-name }}-${{ github.ref_name }} | |
path: dist | |
pypi: | |
environment: | |
name: ${{ needs.setup.outputs.environment-name }} | |
url: ${{ needs.setup.outputs.environment-url }} | |
if: github.ref_type == 'tag' && needs.setup.outputs.environment-name == 'PyPI' | |
needs: [setup, ci] | |
permissions: | |
id-token: write | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download Python package artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
merge-multiple: true | |
name: ${{ needs.setup.outputs.repo-name }}-${{ github.ref_name }} | |
path: dist | |
- name: Publish Python package to PyPI | |
uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 | |
changelog: | |
if: github.ref_type == 'tag' | |
needs: [ci, pypi] | |
permissions: | |
contents: write | |
pull-requests: write | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
ref: develop | |
- name: Generate changelog from Git tags | |
run: | | |
echo '# Changelog | |
' >CHANGELOG.md | |
echo '# Changelog | |
[View on GitHub](https://github.com/${{github.repository}}/blob/HEAD/CHANGELOG.md) | |
' >docs/changelog.md | |
GIT_LOG_FORMAT='## %(subject) - %(taggerdate:short) | |
%(contents:body) | |
Tagger: %(taggername) %(taggeremail) | |
Date: %(taggerdate:iso) | |
```text | |
%(contents:signature)``` | |
' | |
git tag -l --sort=-taggerdate:iso --format="$GIT_LOG_FORMAT" >>CHANGELOG.md | |
git tag -l --sort=-taggerdate:iso --format="$GIT_LOG_FORMAT" >>docs/changelog.md | |
- name: Format changelog with Prettier | |
run: npx -s -y prettier@'^3.4' --write CHANGELOG.md docs/changelog.md | |
- name: Create pull request with updated changelog | |
uses: peter-evans/create-pull-request@v6 | |
with: | |
add-paths: | | |
CHANGELOG.md | |
docs/changelog.md | |
author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | |
branch: create-pull-request/${{ github.ref_name }} | |
commit-message: Update changelog for version ${{ github.ref_name }} | |
title: Update changelog for version ${{ github.ref_name }} |