1+ name : Publish pamila to PyPI and TestPyPI
2+
3+ on : push
4+
5+ jobs :
6+ build :
7+ name : Build distribution
8+ runs-on : ubuntu-latest
9+
10+ steps :
11+ - uses : actions/checkout@v4
12+ - name : Set up Python
13+ uses : actions/setup-python@v5
14+ with :
15+ python-version : " 3.x"
16+ - name : Install pypa/build
17+ run : python3 -m pip install build --user
18+ - name : Build a binary wheel and a source tarball
19+ run : python3 -m build
20+ - name : Store the distribution packages
21+ uses : actions/upload-artifact@v4
22+ with :
23+ name : python-package-distributions
24+ path : dist/
25+
26+ publish-to-pypi :
27+ name : Publish accml distribution to PyPI
28+ if : startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes
29+ needs :
30+ - build
31+ runs-on : ubuntu-latest
32+ environment :
33+ name : pypi
34+ url : https://pypi.org/p/pamila
35+ permissions :
36+ id-token : write # IMPORTANT: mandatory for trusted publishing
37+ steps :
38+ - name : Download all the dists
39+ uses : actions/download-artifact@v4
40+ with :
41+ name : python-package-distributions
42+ path : dist/
43+ - name : Publish distribution to PyPI
44+ uses : pypa/gh-action-pypi-publish@release/v1
45+
46+ github-release :
47+ name : Sign accl with Sigstore and upload them to GitHub Release
48+ needs :
49+ - publish-to-pypi
50+ runs-on : ubuntu-latest
51+
52+ permissions :
53+ contents : write # IMPORTANT: mandatory for making GitHub Releases
54+ id-token : write # IMPORTANT: mandatory for sigstore
55+
56+ steps :
57+ - name : Download all the dists
58+ uses : actions/download-artifact@v4
59+ with :
60+ name : python-package-distributions
61+ path : dist/
62+ - name : Sign the dists with Sigstore
63+ 64+ with :
65+ inputs : >-
66+ ./dist/*.tar.gz
67+ ./dist/*.whl
68+ name : Create GitHub Release
69+ env :
70+ GITHUB_TOKEN : ${{ github.token }}
71+ run : >-
72+ gh release create
73+ '${{ github.ref_name }}'
74+ --repo '${{ github.repository }}'
75+ --notes ""
76+ name : Upload artifact signatures to GitHub Release
77+ env :
78+ GITHUB_TOKEN : ${{ github.token }}
79+ # Upload to GitHub Release using the `gh` CLI.
80+ # `dist/` contains the built packages, and the
81+ # sigstore-produced signatures and certificates.
82+ run : >-
83+ gh release upload
84+ '${{ github.ref_name }}' dist/**
85+ --repo '${{ github.repository }}'
86+
87+ publish-to-testpypi :
88+ name : Publish accml to TestPyPI
89+ needs :
90+ - build
91+ runs-on : ubuntu-latest
92+
93+ environment :
94+ name : testpypi
95+ url : https://test.pypi.org/p/pamila
96+
97+ permissions :
98+ id-token : write # IMPORTANT: mandatory for trusted publishing
99+
100+ steps :
101+ - name : Download all the dists
102+ uses : actions/download-artifact@v4
103+ with :
104+ name : python-package-distributions
105+ path : dist/
106+ - name : Publish distribution 📦 to TestPyPI
107+ uses : pypa/gh-action-pypi-publish@release/v1
108+ with :
109+ repository-url : https://test.pypi.org/legacy/
0 commit comments