-
Notifications
You must be signed in to change notification settings - Fork 1
139 lines (120 loc) · 5.03 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: release
run-name: Release ${{ inputs.VERSION }} (pre-release - ${{ inputs.IS_PRE_RELEASE }}) by @${{ github.actor }} from ${{ github.ref_name }}
on:
workflow_dispatch:
inputs:
VERSION:
description: "The version to release"
required: true
IS_PRE_RELEASE:
description: "It IS a pre-release"
required: true
default: false
type: boolean
jobs:
bump: # This job is used to bump the version and create a release
runs-on: ubuntu-latest
env:
VERSION: ${{ inputs.VERSION }}
GH_TOKEN: ${{ github.token }}
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
permissions:
contents: write
steps:
- name: set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: install dependencies
run: |
pip install --upgrade pip
pip install build hatch
- name: configure git with the bot credentials
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add - <<< "${{ secrets.NEXTMVBOT_SSH_KEY }}"
echo "${{ secrets.NEXTMVBOT_SIGNING_KEY }}" > ~/.ssh/signing.key
chmod 600 ~/.ssh/signing.key
git config --global user.name "nextmv-bot"
git config --global user.email "[email protected]"
git config --global gpg.format ssh
git config --global user.signingkey ~/.ssh/signing.key
git clone [email protected]:nextmv-io/nextplot.git
- name: upgrade version with hatch
run: hatch version ${{ env.VERSION }}
working-directory: ./nextplot
- name: commit new version
run: |
git add nextplot/__about__.py
git commit -S -m "Bump version to $VERSION"
git push
git tag $VERSION
git push origin $VERSION
working-directory: ./nextplot
- name: create release
run: |
PRERELEASE_FLAG=""
if [ ${{ inputs.IS_PRE_RELEASE }} = true ]; then
PRERELEASE_FLAG="--prerelease"
fi
gh release create $VERSION \
--verify-tag \
--generate-notes \
--title $VERSION $PRERELEASE_FLAG
working-directory: ./nextplot
- name: ensure passing build
run: python -m build
working-directory: ./nextplot
release: # This job is used to publish the release to PyPI/TestPyPI
runs-on: ubuntu-latest
needs: bump
strategy:
matrix:
include:
- target-env: pypi
target-url: https://pypi.org/p/nextplot
- target-env: testpypi
target-url: https://test.pypi.org/p/nextplot
environment:
name: ${{ matrix.target-env }}
url: ${{ matrix.target-url }}
permissions:
contents: read
id-token: write # This is required for trusted publishing to PyPI
steps:
- name: git clone develop
uses: actions/checkout@v4
with:
ref: develop
- name: set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: install dependencies
run: |
pip install --upgrade pip
pip install build hatch
- name: build binary wheel and source tarball
run: python -m build
- name: Publish package distributions to PyPI
if: ${{ matrix.target-env == 'pypi' }}
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: ./dist
- name: Publish package distributions to TestPyPI
if: ${{ matrix.target-env == 'testpypi' }}
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/
packages-dir: ./dist
notify:
runs-on: ubuntu-latest
needs: release
if: ${{ needs.release.result == 'success' && inputs.IS_PRE_RELEASE == false }}
steps:
- name: notify slack
run: |
export DATA="{\"text\":\"Release notification - nextplot ${{ inputs.VERSION }} (see <https://github.com/nextmv-io/nextplot/releases/${{ inputs.VERSION }}|release notes> / <https://pypi.org/project/nextplot|PyPI>)\"}"
curl -X POST -H 'Content-type: application/json' --data "$DATA" ${{ secrets.SLACK_URL_MISSION_CONTROL }}