CI tweaks #40
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| version: | ||
| description: 'Release version' | ||
| required: true | ||
| default: '1.2.3' | ||
| # Set permissions at the job level. | ||
| permissions: {} | ||
| jobs: | ||
| package: | ||
| runs-on: ubuntu-latest | ||
| env: | ||
| SETUPTOOLS_SCM_PRETEND_VERSION: ${{ github.event.inputs.version }} | ||
| timeout-minutes: 10 | ||
| # Required by attest-build-provenance-github. | ||
| permissions: | ||
| id-token: write | ||
| attestations: write | ||
| steps: | ||
| - uses: actions/checkout@v5 | ||
| with: | ||
| fetch-depth: 0 | ||
| persist-credentials: false | ||
| - name: Build and Check Package | ||
| uses: hynek/build-and-inspect-python-package@efb823f52190ad02594531168b7a2d5790e66516 | ||
| with: | ||
| attest-build-provenance-github: 'true' | ||
| generate-gh-release-notes: | ||
| needs: [package] | ||
| runs-on: ubuntu-latest | ||
| timeout-minutes: 30 | ||
| permissions: | ||
| contents: read | ||
| steps: | ||
| - uses: actions/checkout@v5 | ||
| with: | ||
| fetch-depth: 0 | ||
| persist-credentials: false | ||
| - name: Set up Python | ||
| uses: actions/setup-python@v6 | ||
| with: | ||
| python-version: "3.13" | ||
| - name: Install tox | ||
| run: | | ||
| python -m pip install --upgrade pip | ||
| pip install --upgrade tox | ||
| - name: Generate release notes | ||
| env: | ||
| VERSION: ${{ github.event.inputs.version }} | ||
| run: | | ||
| tox -e generate-gh-release-notes -- "$VERSION" gh-release-notes.md | ||
| - name: Upload release notes | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: release-notes | ||
| path: gh-release-notes.md | ||
| retention-days: 1 | ||
| publish-to-pypi: | ||
| if: github.repository == 'pytest-dev/pytest' | ||
| # Need generate-gh-release-notes only for ordering. | ||
| # Don't want to release to PyPI if generating GitHub release notes fails. | ||
| needs: [package, generate-gh-release-notes] | ||
| needs: [package] | ||
| runs-on: ubuntu-latest | ||
| environment: deploy | ||
| timeout-minutes: 30 | ||
| permissions: | ||
| id-token: write | ||
| steps: | ||
| - name: Download Package | ||
| uses: actions/download-artifact@v6 | ||
| with: | ||
| name: Packages | ||
| path: dist | ||
| - name: Publish package to PyPI | ||
| uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e | ||
| with: | ||
| attestations: true | ||
| push-tag: | ||
| needs: [publish-to-pypi] | ||
| runs-on: ubuntu-latest | ||
| timeout-minutes: 10 | ||
| permissions: | ||
| contents: write | ||
| steps: | ||
| - uses: actions/checkout@v5 | ||
| with: | ||
| fetch-depth: 0 | ||
| persist-credentials: true | ||
| - name: Push tag | ||
| env: | ||
| VERSION: ${{ github.event.inputs.version }} | ||
| run: | | ||
| git config user.name "pytest bot" | ||
| git config user.email "[email protected]" | ||
| git tag --annotate --message=v"$VERSION" "$VERSION" ${{ github.sha }} | ||
| git push origin "$VERSION" | ||
| create-github-release: | ||
| needs: [push-tag, generate-gh-release-notes] | ||
| runs-on: ubuntu-latest | ||
| timeout-minutes: 10 | ||
| permissions: | ||
| contents: write | ||
| steps: | ||
| - name: Download Package | ||
| uses: actions/download-artifact@v6 | ||
| with: | ||
| name: Packages | ||
| path: dist | ||
| - name: Download release notes | ||
| uses: actions/download-artifact@v6 | ||
| with: | ||
| name: release-notes | ||
| path: . | ||
| - name: Publish GitHub Release | ||
| env: | ||
| VERSION: ${{ github.event.inputs.version }} | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: | | ||
| gh release create --notes-file gh-release-notes.md --verify-tag "$VERSION" dist/* | ||
