deploy #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Release version' | |
| required: true | |
| default: '1.2.3' | |
| jobs: | |
| package: | |
| runs-on: ubuntu-latest | |
| # Required by attest-build-provenance-github. | |
| permissions: | |
| id-token: write | |
| attestations: write | |
| env: | |
| SETUPTOOLS_SCM_PRETEND_VERSION: ${{ github.event.inputs.version }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Build and Check Package | |
| uses: hynek/[email protected] | |
| with: | |
| attest-build-provenance-github: 'true' | |
| deploy: | |
| needs: package | |
| runs-on: ubuntu-latest | |
| environment: deploy | |
| permissions: | |
| id-token: write # For PyPI trusted publishers. | |
| contents: write # For tag and release notes. | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download Package | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: Packages | |
| path: dist | |
| - name: Publish package to PyPI | |
| uses: pypa/[email protected] | |
| with: | |
| attestations: true | |
| - name: Push tag | |
| run: | | |
| git config user.name "pytest bot" | |
| git config user.email "[email protected]" | |
| git tag --annotate --message=v${{ github.event.inputs.version }} v${{ github.event.inputs.version }} ${{ github.sha }} | |
| git push origin v${{ github.event.inputs.version }} | |
| - name: GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| body_path: scripts/latest-release-notes.md | |
| files: dist/* | |
| tag_name: v${{ github.event.inputs.version }} |