44 workflow_dispatch :
55
66jobs :
7+ build_wheels :
8+ name : Build wheels for Python SDK on ${{ matrix.os }}
9+ runs-on : ${{ matrix.os }}
10+ if : startsWith(github.ref, 'refs/heads/sdk-core/')
11+ strategy :
12+ fail-fast : false
13+ matrix :
14+ # macOS 13 is an Intel runner and macOS 14 is an Apple Silicon runner
15+ os : [ubuntu-22.04, ubuntu-22.04-arm, windows-latest, macos-13, macos-14]
16+ steps :
17+ - uses : actions/checkout@v4
18+ - name : Upgrade build dependencies
19+ run : python -m pip install --upgrade pip setuptools wheel
20+
21+ # Need to grab the SDK version for the wheel name
22+ - name : Extract SDK Version
23+ run : echo "SDK_VERSION=$(cat .VERSION)" >> "$GITHUB_ENV"
24+ shell : bash
25+
26+ - name : Install cibuildwheel
27+ run : |
28+ python -m pip install cibuildwheel
29+
30+ name : Build wheels
31+ env :
32+ CIBW_SKIP : pp* *-musllinux_*
33+ CIBW_MANYLINUX_X86_64_IMAGE : " quay.io/pypa/manylinux_2_34_x86_64"
34+ CIBW_MANYLINUX_AARCH64_IMAGE : " quay.io/pypa/manylinux_2_34_aarch64"
35+ CIBW_ARCHS : " native" # Equivalent to python's platform.machine()
36+ CIBW_BEFORE_BUILD_WINDOWS : " pip install delvewheel"
37+ CIBW_REPAIR_WHEEL_COMMAND_WINDOWS : " delvewheel repair -w {dest_dir} {wheel}"
38+ CIBW_TEST_REQUIRES : " pydantic pytest pytest-asyncio"
39+ MACOSX_DEPLOYMENT_TARGET : " 12.0"
40+ CIBW_TEST_COMMAND : " python -m pytest {project}/src/onepassword/test_client.py"
41+ OP_SERVICE_ACCOUNT_TOKEN : ${{ secrets.TEST_SERVICE_ACCOUNT_TOKEN }}
42+ CIBW_ENVIRONMENT_PASS_LINUX : OP_SERVICE_ACCOUNT_TOKEN # We have to specify this to pass the token to the test command
43+ run : |
44+ python -m cibuildwheel --output-dir dist
45+
46+ uses : actions/upload-artifact@v4
47+ with :
48+ name : onepassword-sdk-${{ env.SDK_VERSION }}-${{ matrix.os }}
49+ path : ./dist/*.whl
50+
51+ build-sdist :
52+ name : Build source distribution for Python SDK
53+ runs-on : ubuntu-latest
54+ if : startsWith(github.ref, 'refs/heads/sdk-core/')
55+ steps :
56+ - uses : actions/checkout@v4
57+
58+ - name : Extract SDK Version
59+ run : echo "SDK_VERSION=$(cat .VERSION)" >> "$GITHUB_ENV"
60+ shell : bash
61+
62+ - name : Install dependencies
63+ run : pip3 install build pydantic pytest pytest-asyncio
64+
65+ - name : Build source distribution
66+ run : python3 -m build --sdist
67+
68+ - name : Test Source Distribution
69+ env :
70+ OP_SERVICE_ACCOUNT_TOKEN : ${{ secrets.TEST_SERVICE_ACCOUNT_TOKEN }}
71+ run : |
72+ python3 -m pip install dist/*.tar.gz
73+ python3 -m pytest src/onepassword/test_client.py
74+
75+ uses : actions/upload-artifact@v4
76+ with :
77+ name : onepassword-sdk-${{ env.SDK_VERSION }}
78+ path : ./dist/*.tar.gz
79+
780 release-sdk :
881 runs-on : ubuntu-latest
982 if : startsWith(github.ref, 'refs/heads/sdk-core/') # Only run on branches that start with sdk-core/
@@ -17,13 +90,28 @@ jobs:
1790 git_user_signingkey : true
1891 git_commit_gpgsign : true
1992 git_tag_gpgsign : true
20- - name : Setup Git User
21- run : |
22- git config user.name "$GITHUB_ACTOR"
23- git config user.email "[email protected] " 2493
2594 - name : Run the Release Script
2695 env :
2796 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
2897 run : make release
2998 shell : bash
99+
100+ publish-to-pypi :
101+ name : Publish to PyPI
102+ runs-on : ubuntu-latest
103+ if : startsWith(github.ref, 'refs/heads/sdk-core/')
104+ environment :
105+ name : pypi
106+ url : https://pypi.org/project/onepassword-sdk/
107+ permissions :
108+ id-token : write # IMPORTANT: this permission is mandatory for trusted publishing
109+ needs : [build_wheels, build-sdist]
110+ steps :
111+ - uses : actions/download-artifact@v4
112+ with :
113+ pattern : onepassword-sdk-*
114+ path : ./dist
115+ merge-multiple : true
116+ - name : Publish package distributions to PyPi
117+ uses : pypa/gh-action-pypi-publish@release/v1.12
0 commit comments