Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement current best practice for using Github Actions for package building and PyPI distribution #182

Merged
merged 8 commits into from
Aug 22, 2024
Merged

Implement current best practice for using Github Actions for package building and PyPI distribution #182

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
6d9f14e
Use latest reference code for CI/CD to PyPI using Github Actions
kjd Aug 3, 2024
e98f6b8
Verbose reporting on Test PyPI upload
kjd Aug 3, 2024
1361c16
Rename idna* to idna_preflight*
kjd Aug 3, 2024
7e2073a
Use actions/download-artifact@v4
kjd Aug 3, 2024
b8d9784
Back out idna_preflight substitution
kjd Aug 3, 2024
f8a8de4
Do not try to build/send packages to TestPyPI for now
kjd Aug 22, 2024
c109d3a
Merge branch 'master' into github-pypi-actions
kjd Aug 22, 2024
e1a1541
Pin Github Actions dependencies
kjd Aug 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
129 changes: 104 additions & 25 deletions .github/workflows/deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,35 +1,114 @@
# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
# Adapted from https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/

name: "Publish to PyPI"
name: Publish to PyPI
on: push
jobs:

on:
push:
tags:
- "*"
build:
name: Build distribution
runs-on: ubuntu-latest

permissions:
contents: "read"
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Set up Python
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5
with:
python-version: "3.x"
- name: Install pypa/build
run: python3 -m pip install build --user
- name: Build a binary wheel and a source tarball
run: python3 -m build
- name: Store the distribution packages
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4
with:
name: python-package-distributions
path: dist/

jobs:
publish:
name: "Publish to PyPI"
runs-on: "ubuntu-latest"
publish-to-pypi:
name: >-
Publish to PyPI
if: startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes
needs:
- build
runs-on: ubuntu-latest
environment:
name: "publish"
name: pypi
url: https://pypi.org/p/idna # Replace <package-name> with your PyPI project name
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing

steps:
- name: "Checkout repository"
uses: "actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b"
- name: Download all the dists
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: python-package-distributions
path: dist/
- name: Publish distribution to PyPI
uses: pypa/gh-action-pypi-publish@release/v1

- name: "Setup Python"
uses: "actions/setup-python@b55428b1882923874294fa556849718a1d7f2ca5"
github-release:
name: Sign and upload GitHub Release
needs:
- publish-to-pypi
runs-on: ubuntu-latest

permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases
id-token: write # IMPORTANT: mandatory for sigstore

steps:
- name: Download the dists
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
python-version: "3.x"
name: python-package-distributions
path: dist/
- name: Sign with Sigstore
uses: sigstore/[email protected]
with:
inputs: >-
./dist/*.tar.gz
./dist/*.whl
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
run: >-
gh release create
'${{ github.ref_name }}'
--repo '${{ github.repository }}'
--notes ""
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
# Upload to GitHub Release using the `gh` CLI.
# `dist/` contains the built packages, and the
# sigstore-produced signatures and certificates.
run: >-
gh release upload
'${{ github.ref_name }}' dist/**
--repo '${{ github.repository }}'

# publish-to-testpypi:
# name: Publish to Test PyPI
# needs:
# - build
# runs-on: ubuntu-latest

# environment:
# name: testpypi
# url: https://test.pypi.org/p/idna

- name: "Build dists"
run: |
python -m pip install build
python -m build
# permissions:
# id-token: write # IMPORTANT: mandatory for trusted publishing

- name: "Publish to PyPI"
uses: "pypa/gh-action-pypi-publish@37f50c210e3d2f9450da2cd423303d6a14a6e29f"
# steps:
# - name: Download all the dists
# uses: actions/download-artifact@v4
# with:
# name: python-package-distributions
# path: dist/
# - name: Publish distribution to TestPyPI
# uses: pypa/gh-action-pypi-publish@release/v1
# with:
# verbose: true
# print-hash: true
# repository-url: https://test.pypi.org/legacy/