Skip to content

Merge pull request #568 from fedora-infra/renovate/lock-file-maintenance #299

Merge pull request #568 from fedora-infra/renovate/lock-file-maintenance

Merge pull request #568 from fedora-infra/renovate/lock-file-maintenance #299

Workflow file for this run

name: Test & Build
on:
push:
branches:
- stable
- develop
tags:
- "*"
pull_request:
branches:
- stable
- develop
jobs:
checks:
name: Run Checks
runs-on: ubuntu-latest
container: fedorapython/fedora-python-tox:latest
steps:
- uses: actions/checkout@v4
- name: Mark the directory as safe for git
run: git config --global --add safe.directory $PWD
- name: Install RPM dependencies
run: |
dnf install -y krb5-devel libpq-devel gettext python-tox poetry
- name: Run tests
run: tox -e ${{ matrix.tox_env }}
strategy:
matrix:
tox_env:
- py39
- py310
- py311
- docs
- lint
- format
# https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/
build:
name: Build distribution πŸ“¦
runs-on: ubuntu-latest
needs:
- checks
outputs:
release-notes: ${{ steps.extract-changelog.outputs.markdown }}
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Install pypa/build
run: python3 -m pip install build --user
- name: Build a binary wheel and a source tarball
run: python3 -m build
- name: Store the distribution packages
uses: actions/upload-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Extract changelog section
id: extract-changelog
uses: sean0x42/markdown-extract@v2
with:
file: docs/changelog.md
pattern: 'Version\s+[[:word:].-]+'
no-print-matched-heading: true
- name: Show the changelog
env:
CHANGELOG: ${{ steps.extract-changelog.outputs.markdown }}
run: echo "$CHANGELOG"
publish-to-pypi:
name: Publish to PyPI πŸš€
if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, 'rc') # only publish to PyPI on final tag pushes
needs:
- build
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/tahrir
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Publish distribution to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
github-release:
name: Create a GitHub Release πŸ“’
needs:
- publish-to-pypi
- build
runs-on: ubuntu-latest
permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases
id-token: write # IMPORTANT: mandatory for sigstore
steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Sign the dists with Sigstore
uses: sigstore/[email protected]
with:
inputs: >-
./dist/*.tar.gz
./dist/*.whl
- name: Release
uses: softprops/action-gh-release@v2
with:
files: dist/*
fail_on_unmatched_files: true
body: ${{ needs.build.outputs.release-notes }}
# generate_release_notes: true