Add automatic release to PyPI and Github

Signed-off-by: Aurélien Bompard <[email protected]>
fedora-infra · Jan 10, 2024 · 3df9c11 · 3df9c11
1 parent 6500b29
commit 3df9c11
Show file tree

Hide file tree

Showing 4 changed files with 179 additions and 78 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,172 @@
+name: Tests & Build
+
+on:
+  push:
+    branches:
+      - stable
+      - dev
+    tags:
+      - v**
+  pull_request:
+    branches:
+      - stable
+      - dev
+
+jobs:
+  misc_tests:
+    name: Misc tests
+    container:
+      image: fedorapython/fedora-python-tox
+      options: --user 1001:1001
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run tests
+        run: tox -e ${{ matrix.tox_env }}
+    strategy:
+      matrix:
+        tox_env:
+          - lint
+          - format
+          - licenses
+          - security
+          - docs
+    runs-on: ubuntu-latest
+
+  unit_tests:
+    name: Unit tests
+    container: fedorapython/fedora-python-tox:latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Mark the directory as safe for git
+        run: git config --global --add safe.directory $PWD
+      - name: Run tests
+        run: tox -e ${{ matrix.tox_env }}
+    strategy:
+      matrix:
+        tox_env:
+          - py39-unittest
+          - py310-unittest
+    runs-on: ubuntu-latest
+
+  integration_tests:
+    name: Integration tests
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install RabbitMQ
+        uses: mer-team/[email protected]
+        with:
+          RABBITMQ_TAG: "3-management-alpine"
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python }}
+      - name: Install Tox
+        run: pip install tox
+      - name: Run integration tests
+        # Run tox using the version of Python in `PATH`
+        run: tox -e py-integration
+    strategy:
+      matrix:
+        python:
+          - "3.9"
+          - "3.10"
+    runs-on: ubuntu-latest
+
+  # https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/
+  build:
+    name: Build distribution 📦
+    runs-on: ubuntu-latest
+    needs:
+      - misc_tests
+      - unit_tests
+      - integration_tests
+    outputs:
+      release-notes: ${{ steps.extract-changelog.outputs.markdown }}
+
+    steps:
+
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.x"
+
+      - name: Install pypa/build
+        run: python3 -m pip install build --user
+
+      - name: Build a binary wheel and a source tarball
+        run: python3 -m build
+
+      - name: Store the distribution packages
+        uses: actions/upload-artifact@v4
+        with:
+          name: python-package-distributions
+          path: dist/
+
+      - name: Extract changelog section
+        id: extract-changelog
+        uses: sean0x42/markdown-extract@v2
+        with:
+          file: docs/release_notes.md
+          pattern: 'v[[:digit:].]+'
+          no-print-matched-heading: true
+      - name: Show the changelog
+        env:
+          CHANGELOG: ${{ steps.extract-changelog.outputs.markdown }}
+        run: echo "$CHANGELOG"
+
+
+  publish-to-pypi:
+    name: Publish to PyPI 🚀
+    # only publish to PyPI on final tag pushes
+    if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, 'rc')
+    needs:
+      - build
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/noggin-aaa
+    permissions:
+      id-token: write  # IMPORTANT: mandatory for trusted publishing
+
+    steps:
+      - name: Download all the dists
+        uses: actions/download-artifact@v4
+        with:
+          name: python-package-distributions
+          path: dist/
+
+      - name: Publish distribution to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+
+
+  github-release:
+    name: Create a GitHub Release 📢
+    needs:
+      - publish-to-pypi
+      - build
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write  # IMPORTANT: mandatory for making GitHub Releases
+      id-token: write  # IMPORTANT: mandatory for sigstore
+
+    steps:
+      - name: Download all the dists
+        uses: actions/download-artifact@v4
+        with:
+          name: python-package-distributions
+          path: dist/
+
+      - name: Sign the dists with Sigstore
+        uses: sigstore/[email protected]
+        with:
+          inputs: >-
+            ./dist/*.tar.gz
+            ./dist/*.whl
+
+      - name: Release
+        uses: softprops/action-gh-release@v1
+        with:
+          files: dist/*
+          fail_on_unmatched_files: true
+          body: ${{ needs.build.outputs.release-notes }}
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
diff --git a/docs/contributing.rst b/docs/contributing.rst
@@ -192,11 +192,13 @@ Releasing
 
 When cutting a new release, follow these steps:
 
-#. Update the version in ``pyproject.toml``
+#. Update the version in ``pyproject.toml`` by running ``poetry version major|minor|patch``
+   depending on the contents of the release.
+#. Run ``poetry install`` to update the package's metadata.
 #. Add missing authors to the release notes fragments by changing to the ``news`` directory and
    running the ``get-authors.py`` script, but check for duplicates and errors
-#. Generate the release notes by running ``poetry run towncrier`` (in the base directory)
-#. Adjust the release notes in ``docs/release_notes.rst``.
+#. Generate the release notes by running ``poetry run towncrier build`` (in the base directory)
+#. Adjust the release notes in ``docs/release_notes.md``.
 #. Generate the docs with ``tox -r -e docs`` and check them in ``docs/_build/html``.
 #. Commit the changes
 #. Push the commit to the upstream Github repository (via a PR or not).
@@ -205,9 +207,7 @@ When cutting a new release, follow these steps:
 #. Tag the commit with ``-s`` to generate a signed tag
 #. Push the commit to the upstream Github repository with ``git push``,
    and the new tag with ``git push --tags``
-#. Generate a tarball and push to PyPI with the command ``poetry publish --build``
-#. Create `the release on GitHub <https://github.com/fedora-infra/noggin/tags>`_ and copy the
-   release notes in there,
+#. The tarball will be automatically published to PyPI, and a Github release will be created.
 #. Deploy and announce.
 
 

diff --git a/news/_template.md b/news/_template.md
@@ -60,7 +60,7 @@ reviews for this release:
 {% for text, values in sections[section]["author"].items() -%}
 - {{ text }}
 {% endfor -%}
-{%- endif -%}
+{%- endif %}
 
 {% else -%}
 No significant changes.