mirror of
https://github.com/theupdateframework/python-tuf
synced 2026-05-24 10:08:28 +00:00
68fd8a1cc6
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.0 to 3.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...2541b1294d2704b0964813337f33b291d3f8596b) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
87 lines
3.1 KiB
YAML
87 lines
3.1 KiB
YAML
name: CD
|
|
concurrency: cd
|
|
|
|
# Trigger workflow on any completed CI (see further checks below)
|
|
on:
|
|
workflow_run:
|
|
workflows: [CI]
|
|
types: [completed]
|
|
|
|
jobs:
|
|
build:
|
|
name: Build
|
|
runs-on: ubuntu-latest
|
|
# Skip unless CI was successful and ran on release tag, a ref starting with 'v'.
|
|
# NOTE: We assume CI does not trigger on branches that start with 'v' (see #1961)
|
|
if: >-
|
|
github.event.workflow_run.conclusion == 'success' &&
|
|
startsWith(github.event.workflow_run.head_branch, 'v')
|
|
outputs:
|
|
release_id: ${{ steps.gh-release.outputs.id }}
|
|
steps:
|
|
- name: Checkout release tag
|
|
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
|
|
with:
|
|
ref: ${{ github.event.workflow_run.head_branch }}
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@0ebf233433c08fb9061af664d501c3f3ff0e9e20
|
|
with:
|
|
python-version: '3.x'
|
|
|
|
- name: Install build dependency
|
|
run: python3 -m pip install --upgrade pip build
|
|
|
|
- name: Build binary wheel and source tarball
|
|
run: python3 -m build --sdist --wheel --outdir dist/ .
|
|
|
|
- id: gh-release
|
|
name: Publish GitHub release candiate
|
|
uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5
|
|
with:
|
|
name: ${{ github.event.workflow_run.head_branch }}-rc
|
|
tag_name: ${{ github.event.workflow_run.head_branch }}
|
|
body: "Release waiting for review..."
|
|
files: dist/*
|
|
|
|
- name: Store build artifacts
|
|
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
|
|
# NOTE: The GitHub release page contains the release artifacts too, but using
|
|
# GitHub upload/download actions seems robuster: there is no need to compute
|
|
# download URLs and tampering with artifacts between jobs is more limited.
|
|
with:
|
|
name: build-artifacts
|
|
path: dist
|
|
|
|
release:
|
|
name: Release
|
|
runs-on: ubuntu-latest
|
|
needs: build
|
|
environment: release
|
|
steps:
|
|
- name: Fetch build artifacts
|
|
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
|
|
with:
|
|
name: build-artifacts
|
|
path: dist
|
|
|
|
- name: Publish binary wheel and source tarball on PyPI
|
|
uses: pypa/gh-action-pypi-publish@717ba43cfbb0387f6ce311b169a825772f54d295
|
|
with:
|
|
user: __token__
|
|
password: ${{ secrets.PYPI_API_TOKEN }}
|
|
|
|
- name: Finalize GitHub release
|
|
uses: actions/github-script@9ac08808f993958e9de277fe43a64532a609130e
|
|
with:
|
|
script: |
|
|
await github.rest.repos.updateRelease({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
release_id: '${{ needs.build.outputs.release_id }}',
|
|
name: '${{ github.event.workflow_run.head_branch }}',
|
|
body: 'See [CHANGELOG.md](https://github.com/' +
|
|
context.repo.owner + '/' + context.repo.repo + '/blob/' +
|
|
'${{ github.event.workflow_run.head_branch }}'+
|
|
'/docs/CHANGELOG.md) for details.'
|
|
})
|