v1.0.0 #1
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: upload-pypi | |
| on: | |
| release: | |
| types: [published] | |
| permissions: | |
| contents: write | |
| id-token: write | |
| jobs: | |
| release-build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Set version from release tag | |
| run: echo "VERSION=${{ github.event.release.tag_name }}" >> $GITHUB_ENV | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.x" | |
| - name: Build release distributions | |
| run: | | |
| # NOTE: put your own distribution build steps here. | |
| python -m pip install build | |
| python -m build | |
| - name: Upload distributions | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: release-dists | |
| path: dist/ | |
| pypi-publish: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - release-build | |
| permissions: | |
| # IMPORTANT: this permission is mandatory for trusted publishing | |
| id-token: write | |
| # Dedicated environments with protections for publishing are strongly recommended. | |
| # For more information, see: https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules | |
| environment: | |
| name: pypi | |
| # OPTIONAL: uncomment and update to include your PyPI project URL in the deployment status: | |
| #url: https://pypi.org/p/${GITHUB_REPOSITORY#*/} | |
| # | |
| # ALTERNATIVE: if your GitHub Release name is the PyPI project version string | |
| # ALTERNATIVE: exactly, uncomment the following line instead: | |
| url: https://pypi.org/project/${GITHUB_REPOSITORY#*/}/${{ github.event.release.name }} | |
| steps: | |
| - name: Retrieve release distributions | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: release-dists | |
| path: dist/ | |
| - name: Publish release distributions to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| packages-dir: dist/ | |
| sign-package: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - release-build | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: release-dists | |
| path: dist/ | |
| - name: Sign the dists with Sigstore | |
| uses: sigstore/[email protected] | |
| with: | |
| inputs: >- | |
| ./dist/*.tar.gz | |
| ./dist/*.whl | |
| publish-to-testpypi: | |
| name: Publish Python 🐍 distribution 📦 to TestPyPI | |
| needs: | |
| - release-build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: testpypi | |
| url: https://test.pypi.org/p/${GITHUB_REPOSITORY#*/} | |
| permissions: | |
| id-token: write # IMPORTANT: mandatory for trusted publishing | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: release-dists | |
| path: dist/ | |
| - name: Publish distribution 📦 to TestPyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ |