mirror of
https://github.com/theupdateframework/python-tuf
synced 2026-05-24 10:08:28 +00:00
faef040407
Add workflow with two jobs to build and publish on PyPI. The release job waits for the build job and uses a custom release environment, which can be configured to require review. To share the build artifacts between the jobs and to make them available for intermediate review, they are stored using 'actions/upload-artifact' and 'actions/download-artifact'. https://docs.github.com/en/actions/using-workflows/storing-workflow-data-as-artifacts To upload the build artifacts to PyPI, the PyPA recommended 'pypa/gh-action-pypi-publish' is used. https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ **Caveat** The URL to grab the artifacts, e.g. for review, requires knowledge of action ID and artifact ID, and a login token (no special permissions). This makes it a bit cumbersome to fetch the artifacts with a script and compare them to a local build. https://docs.github.com/en/actions/managing-workflow-runs/downloading-workflow-artifacts Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu> |
||
|---|---|---|
| .. | ||
| workflows | ||
| dependabot.yml | ||
| ISSUE_TEMPLATE.md | ||
| PULL_REQUEST_TEMPLATE.md | ||