Skip to content

Commit 38b9667

Browse files
author
Elia Robyn Lake
committed
replace my publish config with the guide
1 parent 8ac691c commit 38b9667

File tree

1 file changed

+102
-19
lines changed

1 file changed

+102
-19
lines changed

.github/workflows/publish.yml

Lines changed: 102 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1,37 +1,120 @@
1-
name: Publish
1+
name: Publish Python 🐍 distribution 📦 to PyPI and TestPyPI
2+
23
on:
34
push:
45
tags:
56
- "v*"
7+
68
jobs:
79
build:
10+
name: Build distribution 📦
811
runs-on: ubuntu-latest
9-
steps:
10-
- uses: actions/checkout@v3
1112

12-
- uses: actions/setup-python@v3
13+
steps:
14+
- uses: actions/checkout@v4
15+
- name: Set up Python
16+
uses: actions/setup-python@v5
17+
with:
18+
python-version: "3.x"
19+
- name: Install pypa/build
20+
run: >-
21+
python3 -m
22+
pip install
23+
build
24+
--user
25+
- name: Build a binary wheel and a source tarball
26+
run: python3 -m build
27+
- name: Store the distribution packages
28+
uses: actions/upload-artifact@v4
1329
with:
14-
python-version: 3.11
30+
name: python-package-distributions
31+
path: dist/
1532

16-
- run: |
17-
pip install hatchling
18-
hatchling build
33+
publish-to-pypi:
34+
name: >-
35+
Publish Python 🐍 distribution 📦 to PyPI
36+
if: startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes
37+
needs:
38+
- build
39+
runs-on: ubuntu-latest
40+
environment:
41+
name: pypi
42+
url: https://pypi.org/p/ftfy
43+
permissions:
44+
id-token: write # IMPORTANT: mandatory for trusted publishing
1945

20-
- uses: actions/upload-artifact@v3
46+
steps:
47+
- name: Download all the dists
48+
uses: actions/download-artifact@v4
2149
with:
22-
path: ./dist
23-
24-
pypi-publish:
25-
needs: ["build"]
26-
environment: "publish"
50+
name: python-package-distributions
51+
path: dist/
52+
- name: Publish distribution 📦 to PyPI
53+
uses: pypa/gh-action-pypi-publish@release/v1
2754

28-
name: upload release to PyPI
55+
github-release:
56+
name: >-
57+
Sign the Python 🐍 distribution 📦 with Sigstore
58+
and upload them to GitHub Release
59+
needs:
60+
- publish-to-pypi
2961
runs-on: ubuntu-latest
62+
3063
permissions:
31-
# IMPORTANT: this permission is mandatory for trusted publishing
32-
id-token: write
64+
contents: write # IMPORTANT: mandatory for making GitHub Releases
65+
id-token: write # IMPORTANT: mandatory for sigstore
66+
3367
steps:
34-
- uses: actions/[email protected]
68+
- name: Download all the dists
69+
uses: actions/download-artifact@v4
70+
with:
71+
name: python-package-distributions
72+
path: dist/
73+
- name: Sign the dists with Sigstore
74+
uses: sigstore/[email protected]
75+
with:
76+
inputs: >-
77+
./dist/*.tar.gz
78+
./dist/*.whl
79+
- name: Create GitHub Release
80+
env:
81+
GITHUB_TOKEN: ${{ github.token }}
82+
run: >-
83+
gh release create
84+
'${{ github.ref_name }}'
85+
--repo '${{ github.repository }}'
86+
--notes ""
87+
- name: Upload artifact signatures to GitHub Release
88+
env:
89+
GITHUB_TOKEN: ${{ github.token }}
90+
# Upload to GitHub Release using the `gh` CLI.
91+
# `dist/` contains the built packages, and the
92+
# sigstore-produced signatures and certificates.
93+
run: >-
94+
gh release upload
95+
'${{ github.ref_name }}' dist/**
96+
--repo '${{ github.repository }}'
97+
98+
publish-to-testpypi:
99+
name: Publish Python 🐍 distribution 📦 to TestPyPI
100+
needs:
101+
- build
102+
runs-on: ubuntu-latest
103+
104+
environment:
105+
name: testpypi
106+
url: https://test.pypi.org/p/ftfy
35107

36-
- name: Publish package distributions to PyPI
108+
permissions:
109+
id-token: write # IMPORTANT: mandatory for trusted publishing
110+
111+
steps:
112+
- name: Download all the dists
113+
uses: actions/download-artifact@v4
114+
with:
115+
name: python-package-distributions
116+
path: dist/
117+
- name: Publish distribution 📦 to TestPyPI
37118
uses: pypa/gh-action-pypi-publish@release/v1
119+
with:
120+
repository-url: https://test.pypi.org/legacy/

0 commit comments

Comments
 (0)