-
Notifications
You must be signed in to change notification settings - Fork 18
165 lines (146 loc) · 5.32 KB
/
release.yml
File metadata and controls
165 lines (146 loc) · 5.32 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
---
name: "Release"
on: # yamllint disable-line rule:truthy rule:comments
release:
types: ["published"]
jobs:
build:
name: "Build package with poetry"
runs-on: "ubuntu-latest"
if: "startsWith(github.ref, 'refs/tags/v')"
steps:
- uses: "actions/checkout@v4"
- name: "Setup environment"
uses: "networktocode/gh-action-setup-poetry-environment@v7"
with:
poetry-version: "2.1.3"
python-version: "3.12"
poetry-install-options: "--no-root"
- name: "Build Documentation"
run: "poetry run invoke build-and-check-docs"
- name: "Run Poetry Build"
run: "poetry build"
- name: "Check that the release tag matches the version in pyproject.toml"
run: |
if [ "${{ github.ref_name }}" != "v$(poetry version -s)" ]; then exit 1; fi
- uses: "actions/upload-artifact@v4"
with:
name: "distfiles"
path: "dist/"
if-no-files-found: "error"
publish-github:
name: "Publish to GitHub"
runs-on: "ubuntu-latest"
if: "startsWith(github.ref, 'refs/tags/v')"
permissions:
contents: "write"
needs: "build"
steps:
- uses: "actions/checkout@v4"
- name: "Retrieve built package from cache"
uses: "actions/download-artifact@v4"
with:
name: "distfiles"
path: "dist/"
- name: "Upload binaries to release"
run: "gh release upload ${{ github.ref_name }} dist/*.{tar.gz,whl}"
env:
GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
publish-pypi:
name: "Push Package to PyPI"
runs-on: "ubuntu-latest"
if: "startsWith(github.ref, 'refs/tags/v')"
needs: "build"
environment: "pypi"
permissions:
# IMPORTANT: this permission is mandatory for Trusted Publishing
id-token: "write"
steps:
- name: "Retrieve built package from cache"
uses: "actions/download-artifact@v4"
with:
name: "distfiles"
path: "dist/"
- name: "Publish package distributions to PyPI"
uses: "pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e" # v1.13.0
slack-notify:
needs:
- "publish-github"
- "publish-pypi"
runs-on: "ubuntu-latest"
env:
# Secrets cannot be directly referenced in if: conditionals. They must be set as a job env var first.
# Ref: https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#example-using-secrets
SLACK_WEBHOOK_URL: "${{ secrets.OSS_PYPI_SLACK_WEBHOOK_URL }}"
SLACK_WEBHOOK_TYPE: "INCOMING_WEBHOOK"
SLACK_MESSAGE: >-
*NOTIFICATION: NEW-RELEASE-PUBLISHED*\n
Repository: <${{ github.server_url }}/${{ github.repository }}|${{ github.repository }}>\n
Release: <${{ github.server_url }}/${{ github.repository }}/releases/tag/${{ github.ref_name }}|${{ github.ref_name }}>\n
Published by: <${{ github.server_url }}/${{ github.actor }}|${{ github.actor }}>
steps:
- name: "Send a notification to Slack"
if: "${{ env.SLACK_WEBHOOK_URL != '' }}"
uses: "slackapi/slack-github-action@fcfb566f8b0aab22203f066d80ca1d7e4b5d05b3" # v1.27.1
with:
payload: |
{
"text": "${{ env.SLACK_MESSAGE }}",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "${{ env.SLACK_MESSAGE }}"
}
}
]
}
create-pr-to-develop:
if: "github.event.release.target_commitish == 'main'"
permissions:
contents: "write"
pull-requests: "write"
name: "Create a PR from main into develop"
needs:
- "publish-github"
- "publish-pypi"
runs-on: "ubuntu-latest"
steps:
- name: "Checkout main"
uses: "actions/checkout@v4"
with:
ref: "main"
fetch-depth: 0
- name: "Setup environment"
uses: "networktocode/gh-action-setup-poetry-environment@v6"
with:
poetry-version: "2.1.3"
poetry-install-options: "--no-root"
- name: "Create release branch from main"
id: "branch"
run: |
git config user.name "${{ github.actor }}"
git config user.email "${{ github.actor }}@users.noreply.github.com"
TAG_NAME="${{ github.event.release.tag_name }}"
VERSION="${TAG_NAME#v}"
BRANCH_NAME="release-${VERSION}-to-develop"
# Ensure release branch doesn't already exist
if git rev-parse --verify origin/$BRANCH_NAME > /dev/null 2>&1; then
echo "Error: Release branch $BRANCH_NAME already exists."
exit 1
fi
git checkout -b "$BRANCH_NAME"
poetry version prepatch
git add pyproject.toml && git commit -m "Bump version"
git push origin "$BRANCH_NAME"
echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT
- name: "Create Pull Request to develop"
env:
GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
run: |
gh pr create \
--title "Post release ${{ github.event.release.tag_name }} to develop" \
--body "Please do a merge commit." \
--base "develop" \
--head "${{ steps.branch.outputs.branch_name }}"