v4.2.1 - 2026-04-01 #14
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: "Release" | |
| on: # yamllint disable-line rule:truthy rule:comments | |
| release: | |
| types: ["published"] | |
| jobs: | |
| build: | |
| name: "Build package with poetry" | |
| runs-on: "ubuntu-latest" | |
| if: "startsWith(github.ref, 'refs/tags/v')" | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - name: "Setup environment" | |
| uses: "networktocode/gh-action-setup-poetry-environment@v7" | |
| with: | |
| poetry-version: "2.1.3" | |
| python-version: "3.12" | |
| poetry-install-options: "--no-root" | |
| - name: "Build Documentation" | |
| run: "poetry run invoke build-and-check-docs" | |
| - name: "Run Poetry Build" | |
| run: "poetry build" | |
| - name: "Check that the release tag matches the version in pyproject.toml" | |
| run: | | |
| if [ "${{ github.ref_name }}" != "v$(poetry version -s)" ]; then exit 1; fi | |
| - uses: "actions/upload-artifact@v4" | |
| with: | |
| name: "distfiles" | |
| path: "dist/" | |
| if-no-files-found: "error" | |
| publish-github: | |
| name: "Publish to GitHub" | |
| runs-on: "ubuntu-latest" | |
| if: "startsWith(github.ref, 'refs/tags/v')" | |
| permissions: | |
| contents: "write" | |
| needs: "build" | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - name: "Retrieve built package from cache" | |
| uses: "actions/download-artifact@v4" | |
| with: | |
| name: "distfiles" | |
| path: "dist/" | |
| - name: "Upload binaries to release" | |
| run: "gh release upload ${{ github.ref_name }} dist/*.{tar.gz,whl}" | |
| env: | |
| GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| publish-pypi: | |
| name: "Push Package to PyPI" | |
| runs-on: "ubuntu-latest" | |
| if: "startsWith(github.ref, 'refs/tags/v')" | |
| needs: "build" | |
| environment: "pypi" | |
| permissions: | |
| # IMPORTANT: this permission is mandatory for Trusted Publishing | |
| id-token: "write" | |
| steps: | |
| - name: "Retrieve built package from cache" | |
| uses: "actions/download-artifact@v4" | |
| with: | |
| name: "distfiles" | |
| path: "dist/" | |
| - name: "Publish package distributions to PyPI" | |
| uses: "pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e" # v1.13.0 | |
| slack-notify: | |
| needs: | |
| - "publish-github" | |
| - "publish-pypi" | |
| runs-on: "ubuntu-latest" | |
| env: | |
| # Secrets cannot be directly referenced in if: conditionals. They must be set as a job env var first. | |
| # Ref: https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#example-using-secrets | |
| SLACK_WEBHOOK_URL: "${{ secrets.OSS_PYPI_SLACK_WEBHOOK_URL }}" | |
| SLACK_WEBHOOK_TYPE: "INCOMING_WEBHOOK" | |
| SLACK_MESSAGE: >- | |
| *NOTIFICATION: NEW-RELEASE-PUBLISHED*\n | |
| Repository: <${{ github.server_url }}/${{ github.repository }}|${{ github.repository }}>\n | |
| Release: <${{ github.server_url }}/${{ github.repository }}/releases/tag/${{ github.ref_name }}|${{ github.ref_name }}>\n | |
| Published by: <${{ github.server_url }}/${{ github.actor }}|${{ github.actor }}> | |
| steps: | |
| - name: "Send a notification to Slack" | |
| if: "${{ env.SLACK_WEBHOOK_URL != '' }}" | |
| uses: "slackapi/slack-github-action@fcfb566f8b0aab22203f066d80ca1d7e4b5d05b3" # v1.27.1 | |
| with: | |
| payload: | | |
| { | |
| "text": "${{ env.SLACK_MESSAGE }}", | |
| "blocks": [ | |
| { | |
| "type": "section", | |
| "text": { | |
| "type": "mrkdwn", | |
| "text": "${{ env.SLACK_MESSAGE }}" | |
| } | |
| } | |
| ] | |
| } | |
| create-pr-to-develop: | |
| if: "github.event.release.target_commitish == 'main'" | |
| permissions: | |
| contents: "write" | |
| pull-requests: "write" | |
| name: "Create a PR from main into develop" | |
| needs: | |
| - "publish-github" | |
| - "publish-pypi" | |
| runs-on: "ubuntu-latest" | |
| steps: | |
| - name: "Checkout main" | |
| uses: "actions/checkout@v4" | |
| with: | |
| ref: "main" | |
| fetch-depth: 0 | |
| - name: "Setup environment" | |
| uses: "networktocode/gh-action-setup-poetry-environment@v6" | |
| with: | |
| poetry-version: "2.1.3" | |
| poetry-install-options: "--no-root" | |
| - name: "Create release branch from main" | |
| id: "branch" | |
| run: | | |
| git config user.name "${{ github.actor }}" | |
| git config user.email "${{ github.actor }}@users.noreply.github.com" | |
| TAG_NAME="${{ github.event.release.tag_name }}" | |
| VERSION="${TAG_NAME#v}" | |
| BRANCH_NAME="release-${VERSION}-to-develop" | |
| # Ensure release branch doesn't already exist | |
| if git rev-parse --verify origin/$BRANCH_NAME > /dev/null 2>&1; then | |
| echo "Error: Release branch $BRANCH_NAME already exists." | |
| exit 1 | |
| fi | |
| git checkout -b "$BRANCH_NAME" | |
| poetry version prepatch | |
| git add pyproject.toml && git commit -m "Bump version" | |
| git push origin "$BRANCH_NAME" | |
| echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT | |
| - name: "Create Pull Request to develop" | |
| env: | |
| GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| run: | | |
| gh pr create \ | |
| --title "Post release ${{ github.event.release.tag_name }} to develop" \ | |
| --body "Please do a merge commit." \ | |
| --base "develop" \ | |
| --head "${{ steps.branch.outputs.branch_name }}" |