Update workflow and release scripts #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish new release version | |
| on: | |
| push: | |
| branches: [main] | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v6 | |
| with: | |
| enable-cache: true | |
| - name: Set up Python | |
| run: uv python install | |
| - name: Install dependencies | |
| run: | | |
| uv sync --all-groups --locked | |
| - name: Run tests | |
| run: | | |
| uv run pytest -v | |
| publish: | |
| needs: test | |
| runs-on: ubuntu-latest | |
| environment: publish | |
| permissions: | |
| contents: write | |
| id-token: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Need full history for commit count | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v6 | |
| with: | |
| enable-cache: true | |
| - name: Set up Python | |
| run: uv python install | |
| - name: Install dependencies | |
| run: | | |
| uv sync --all-groups --locked | |
| - name: Import GPG key | |
| uses: crazy-max/ghaction-import-gpg@v6 | |
| with: | |
| gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.GPG_PASSPHRASE }} | |
| git_user_signingkey: true | |
| git_commit_gpgsign: true | |
| git_tag_gpgsign: true | |
| - name: Configure Git | |
| run: | | |
| git config user.name "${{ vars.SIGNED_COMMIT_USER }}" | |
| git config user.email "${{ vars.SIGNED_COMMIT_EMAIL }}" | |
| git config commit.gpgsign true | |
| git config tag.gpgsign true | |
| - name: Create publish commit and build | |
| run: | | |
| # This command does everything: | |
| # - Updates version in pyproject.toml | |
| # - Builds the package | |
| # - Creates signed commit with version/hash info | |
| # - Creates signed tag | |
| uv run poe create-publish-commit | |
| # Export values for the release step | |
| echo "VERSION=$(uv version --short)" >> $GITHUB_ENV | |
| # Get changelog since last release | |
| echo "CHANGELOG<<EOF" >> $GITHUB_ENV | |
| git log magg/latest..${{ github.sha }} >> $GITHUB_ENV | |
| echo "EOF" >> $GITHUB_ENV | |
| # Update the latest tag to point to the current commit | |
| git tag -d magg/latest || true | |
| git tag --no-sign magg/latest | |
| - name: Push changes back to main | |
| run: | | |
| git push origin main | |
| git push origin --tags | |
| # Also push the updated latest tag (force in case it exists) | |
| git push origin magg/latest --force | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| tag_name: magg/v${{ env.VERSION }} | |
| name: Magg v${{ env.VERSION }} | |
| body: | | |
| # 🧲 Magg Release v${{ env.VERSION }} | |
| Automatically generated release triggered by commit `${{ github.sha }}`. | |
| ## Changes | |
| ``` | |
| ${{ env.CHANGELOG }} | |
| ``` | |
| ## Installation | |
| ```bash | |
| uv add magg==${{ env.VERSION }} | |
| ``` | |
| files: | | |
| dist/*.tar.gz | |
| dist/*.whl | |
| - name: Publish to PyPI | |
| if: success() | |
| env: | |
| PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }} | |
| run: | | |
| uv run poe pypi-publish |