-
Notifications
You must be signed in to change notification settings - Fork 0
132 lines (115 loc) · 3.53 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: Release
run-name: bump ${{ inputs.version }} version by @${{ github.actor }}
on:
workflow_dispatch:
inputs:
version:
type: choice
description: 'part of the project version to update'
options:
- major
- minor
- patch
required: true
env:
PIP_NO_OPTION: on
PIP_NO_CLEAN: on
PIP_PREFER_BINARY: on
permissions:
contents: write
packages: write
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
jobs:
release:
runs-on: ubuntu-latest
timeout-minutes: 10
outputs:
tag: ${{ steps.release.outputs.tag }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Cache requirements
uses: actions/cache@v4
env:
cache-name: cache-requirements
with:
path: ~/.cache/pip
key: ${{ env.cache-name }}-${{ hashFiles('requirements.txt') }}
restore-keys: |
${{ env.cache-name }}-
- name: Setup python
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Install requirements
run: make setup
- name: Configure git
env:
SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
SIGNING_PUB: ${{ secrets.SIGNING_PUB }}
run: |
eval "$(ssh-agent -s)"
install --directory ~/.ssh --mode 700
base64 -d <<< '${{ secrets.SIGNING_KEY }}' > ~/.ssh/mex
base64 -d <<< '${{ secrets.SIGNING_PUB }}' > ~/.ssh/mex.pub
chmod 600 ~/.ssh/*
ssh-add ~/.ssh/mex
git config --local user.email ${{ vars.MEX_BOT_EMAIL }}
git config --local user.name ${{ vars.MEX_BOT_USER }}
git config --local gpg.format ssh
git config --local user.signingkey ~/.ssh/mex.pub
git config --local commit.gpgsign true
- name: Release new version
id: release
env:
GH_TOKEN: ${{ secrets.WORKFLOW_TOKEN }}
run: |
pdm release ${{ inputs.version }}
echo "tag=$(git describe --abbrev=0 --tags)" >> "$GITHUB_OUTPUT"
containerize:
runs-on: ubuntu-latest
timeout-minutes: 10
needs: release
steps:
- name: Build, tag and push docker image to ghcr
uses: GlueOps/[email protected]
with:
tags: "${{ github.sha }},${{ needs.release.outputs.tag }},latest"
distribute:
runs-on: ubuntu-latest
timeout-minutes: 10
needs: release
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Cache requirements
uses: actions/cache@v4
env:
cache-name: cache-requirements
with:
path: ~/.cache/pip
key: ${{ env.cache-name }}-${{ hashFiles('requirements.txt') }}
restore-keys: |
${{ env.cache-name }}-
- name: Setup python
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Install requirements
run: make setup
- name: Build wheel and sdist distros and create a github release
env:
GH_TOKEN: ${{ secrets.WORKFLOW_TOKEN }}
PDM_CHECK_UPDATE: False
run: |
gh release create ${{ needs.release.outputs.tag }} --generate-notes --latest --verify-tag
pdm build --dest dist
for filename in dist/*; do
gh release upload ${{ needs.release.outputs.tag }} ${filename};
done