2020 build_wheels :
2121 name : Build whl on ${{ matrix.os }}
2222 runs-on : ${{ matrix.os }}
23+ env :
24+ # Changing this requires changing pyproject.toml
25+ EXECUTABLE : bids-validator
2326 strategy :
2427 matrix :
2528 # windows-latest is an Intel runner
@@ -32,70 +35,49 @@ jobs:
3235 - ubuntu-latest
3336 - ubuntu-24.04-arm
3437 fail-fast : false
38+ permissions :
39+ attestations : write
3540 steps :
3641 - uses : actions/checkout@v4
3742 with :
3843 fetch-depth : 0
3944 - uses : denoland/setup-deno@v2
4045 with :
4146 deno-version : v2.x
42- - name : Set up Python
43- uses : actions/setup-python@v5
44- with :
45- python-version : 3.9
46- - name : Install build and twine
47- run : python -m pip install build twine
4847 - name : Compile deno binaries
4948 run : |
50- cd tools/pypi-whl
51- deno compile -ERNW --allow-run -o dist/bids-validator ../../src/bids-validator.ts
49+ deno compile -ERNW --allow-run -o dist/${EXECUTABLE} ../../src/bids-validator.ts
50+ working-directory : tools/pypi-whl
5251 - name : Print out the content of the dist folder after building validator binary
5352 run : ls -l tools/pypi-whl/dist/
54- - uses : actions/upload-artifact@v4
53+ - uses : hynek/build-and-inspect-python-package@v2
5554 with :
56- name : bids-validator-${{ matrix.os }}
57- path : |
58- tools/pypi-whl/dist/bids-validator
59- tools/pypi-whl/dist/bids-validator.*
60- name : Build wheel
61- run : python -m build --wheel
62- working-directory : tools/pypi-whl
63- - name : Print out the content of the dist folder after building the wheel
64- run : ls -l tools/pypi-whl/dist/
65- - name : Validate the wheel installs the BIDS validator correctly
66- run : |
67- python -m venv .venv
68- if [[ "$RUNNER_OS" == "Windows" ]]; then
69- ACTIVATE_PATH=.venv/Scripts/activate
70- BIDS_VALIDATOR_BINARY_NAME=bids-validator.exe
71- VENV_BIN_DIR=.venv/Scripts
72- else
73- ACTIVATE_PATH=.venv/bin/activate
74- BIDS_VALIDATOR_BINARY_NAME=bids-validator
75- VENV_BIN_DIR=.venv/bin
76- fi
77- source "$ACTIVATE_PATH"
55+ # Use attestation only if the action is triggered inside the repo
56+ attest-build-provenance-github : ${{ github.event_name == 'push' }}
57+ path : tools/pypi-whl
58+ - uses : actions/setup-python@v5
59+ with :
60+ python-version : 3
61+ - name : Check wheel
62+ run :
7863 pip install tools/pypi-whl/dist/*.whl
79- bids-validator --version
80- ls -lh "$VENV_BIN_DIR"
81- diff "$VENV_BIN_DIR"/"$BIDS_VALIDATOR_BINARY_NAME" tools/pypi-whl/dist/"$BIDS_VALIDATOR_BINARY_NAME"
82- deactivate
83- name : Check if distribution's description will render correctly on PyPI
84- run : twine check tools/pypi-whl/dist/*.whl
85- - uses : actions/upload-artifact@v4
64+ ${EXECUTABLE} --version
65+
66+ upload_wheels :
67+ name : Publish wheels to PyPI
68+ needs : [build_wheels]
69+ runs-on : ubuntu-latest
70+ steps :
71+ - name : Download packages built by build-and-inspect-python-package
72+ uses : actions/download-artifact@v4
8673 with :
87- name : wheel-${{ matrix.os }}
88- path : tools/pypi-whl/dist/*.whl
89- - name : Publish wheels if corresponds to a tag
90- # TODO: might be suboptimal since we might skip a tag if not the latest commit
91- run : |
92- cd tools/pypi-whl
93- # if a clean tag, no - in it
94- if git describe | grep -e -; then
95- echo not releasing;
96- else
97- twine upload --verbose --repository testpypi dist/*.whl
98- fi
99- env :
100- TWINE_USERNAME : __token__
101- TWINE_PASSWORD : ${{ secrets.PYPI_TOKEN }}
74+ name : Packages
75+ path : dist
76+ - name : Inspect artifacts
77+ run : ls -lR
78+ - name : Upload package to PyPI
79+ if : github.ref_type == 'tag'
80+ uses : pypa/gh-action-pypi-publish@release/v1
81+ with :
82+ repository-url : https://test.pypi.org/legacy/
83+ skip-existing : true
0 commit comments