publish release #22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # REF: https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/#the-whole-ci-cd-workflow | |
| name: publish release | |
| on: | |
| # run this workflow when manually triggered | |
| workflow_dispatch: | |
| inputs: | |
| part: | |
| description: "Semver part to bump (major, minor, patch)" | |
| type: choice | |
| required: true | |
| default: "patch" | |
| options: ["major", "minor", "patch"] | |
| dry-run: | |
| description: "Dry run" | |
| type: boolean | |
| required: true | |
| default: false | |
| skip-tests: | |
| description: "Skip tests" | |
| type: boolean | |
| required: true | |
| default: false | |
| jobs: | |
| bump: | |
| name: Bump version | |
| runs-on: ubuntu-latest | |
| outputs: | |
| VERSION: ${{ steps.get-version.outputs.VERSION }} | |
| SHORT_VERSION: ${{ steps.get-version.outputs.SHORT_VERSION }} | |
| MAJOR_VERSION: ${{ steps.get-version.outputs.MAJOR_VERSION }} | |
| MINOR_VERSION: ${{ steps.get-version.outputs.MINOR_VERSION }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Get tags | |
| run: git fetch --tags origin | |
| - name: Configure git for github-actions[bot] | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| - name: Install Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install Twine | |
| run: pip install twine | |
| - name: Install bumpversion | |
| run: pip install bumpversion | |
| - name: Bump version with bumpversion | |
| run: | | |
| bumpversion ${{ github.event.inputs.part }} | |
| - name: Commit and push with tags | |
| if: ${{ github.event.inputs.dry-run == 'false' }} | |
| run: git push --follow-tags | |
| - name: Get version | |
| id: get-version | |
| run: | | |
| version="$(git describe --tags)" | |
| # remove the leading v from version | |
| version="${version:1}" | |
| echo "VERSION=$version" >> $GITHUB_OUTPUT | |
| major_version="$(cut -d '.' -f 1 <<< $version)" | |
| echo "MAJOR_VERSION=$major_version" >> $GITHUB_OUTPUT | |
| minor_version="$(cut -d '.' -f 2 <<< $version)" | |
| echo "MINOR_VERSION=$minor_version" >> $GITHUB_OUTPUT | |
| short_version="$major_version.$minor_version" | |
| echo "SHORT_VERSION=$short_version" >> $GITHUB_OUTPUT | |
| - name: Show short version | |
| run: echo ${{ steps.get-version.outputs.SHORT_VERSION }} | |
| build: | |
| name: Build distribution | |
| runs-on: ubuntu-latest | |
| needs: bump | |
| steps: | |
| - name: Show version | |
| run: echo ${{ needs.bump.outputs.VERSION }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| # want this to be the version that was just bumped | |
| ref: master | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: build sdist | |
| run: python setup.py sdist | |
| - name: Store the distribution packages | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| publish-to-pypi: | |
| name: Publish to PyPI | |
| needs: build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/p/emannotationschemas | |
| permissions: | |
| id-token: write # IMPORTANT: mandatory for trusted publishing | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Publish distribution to PyPI | |
| if: ${{ github.event.inputs.dry-run == 'false' }} | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| update-chart: | |
| name: Update emannotationschemas Helm chart | |
| runs-on: ubuntu-latest | |
| needs: bump | |
| if: ${{ github.event.inputs.dry-run == 'false' }} | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Checkout EMAnnotationSchemas repo | |
| uses: actions/checkout@v4 | |
| - name: Checkout cave-helm-charts repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: CAVEconnectome/cave-helm-charts | |
| token: ${{ secrets.DEPENDENCY_UPDATE_TOKEN }} | |
| path: helm-charts | |
| - name: Update Chart.yaml appVersion | |
| id: update-chart | |
| run: | | |
| cd helm-charts | |
| chart_file="charts/emannotationschemas/Chart.yaml" | |
| # Update both appVersion and chart version to match application version | |
| sed -i "s/^appVersion: .*/appVersion: \"${{ needs.bump.outputs.VERSION }}\"/" $chart_file | |
| sed -i "s/^version: .*/version: ${{ needs.bump.outputs.VERSION }}/" $chart_file | |
| echo "Updated chart version to: ${{ needs.bump.outputs.VERSION }}" | |
| echo "Updated app version to: ${{ needs.bump.outputs.VERSION }}" | |
| echo "CHART_VERSION=${{ needs.bump.outputs.VERSION }}" >> $GITHUB_OUTPUT | |
| - name: Commit and push changes | |
| run: | | |
| cd helm-charts | |
| git config --local user.email "github-actions[bot]@users.noreply.github.com" | |
| git config --local user.name "github-actions[bot]" | |
| git add charts/emannotationschemas/Chart.yaml | |
| git commit -m "Update emannotationschemas to v${{ needs.bump.outputs.VERSION }} | |
| - Update appVersion to ${{ needs.bump.outputs.VERSION }} | |
| - Update chart version to ${{ needs.bump.outputs.VERSION }} | |
| Auto-generated by EMAnnotationSchemas release workflow" | |
| git push | |
| update-dependencies: | |
| name: Update EMAnnotationSchemas dependency in downstream services | |
| runs-on: ubuntu-latest | |
| needs: [bump, publish-to-pypi] | |
| if: ${{ github.event.inputs.dry-run == 'false' }} | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Wait and verify PyPI availability | |
| run: | | |
| echo "Checking if emannotationschemas==${{ needs.bump.outputs.VERSION }} is available on PyPI..." | |
| # Retry for up to 10 minutes (20 attempts * 30 seconds) | |
| for i in {1..20}; do | |
| echo "Attempt $i/20: Checking PyPI availability..." | |
| if pip index versions emannotationschemas | grep -q "${{ needs.bump.outputs.VERSION }}"; then | |
| echo "✅ Package version found on PyPI on attempt $i" | |
| echo "emannotationschemas==${{ needs.bump.outputs.VERSION }} is now available" | |
| break | |
| else | |
| echo "❌ Package version not found on PyPI on attempt $i" | |
| if [ $i -lt 20 ]; then | |
| echo "Waiting 30 seconds before retry..." | |
| sleep 30 | |
| else | |
| echo "❌ Package still not available after 10 minutes of retries" | |
| echo "This indicates a serious issue with PyPI publishing - failing workflow" | |
| exit 1 | |
| fi | |
| fi | |
| done | |
| - name: Update AnnotationEngine dependency | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.DEPENDENCY_UPDATE_TOKEN }} | |
| script: | | |
| await github.rest.actions.createWorkflowDispatch({ | |
| owner: 'CAVEconnectome', | |
| repo: 'AnnotationEngine', | |
| workflow_id: 'update-dependency.yml', | |
| ref: 'master', | |
| inputs: { | |
| dependency: 'emannotationschemas', | |
| version: '${{ needs.bump.outputs.VERSION }}', | |
| bump_type: 'minor' | |
| } | |
| }); | |
| console.log('Triggered AnnotationEngine dependency update'); | |
| - name: Update MaterializationEngine dependency | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.DEPENDENCY_UPDATE_TOKEN }} | |
| script: | | |
| await github.rest.actions.createWorkflowDispatch({ | |
| owner: 'CAVEconnectome', | |
| repo: 'MaterializationEngine', | |
| workflow_id: 'update-dependency.yml', | |
| ref: 'master', | |
| inputs: { | |
| dependency: 'emannotationschemas', | |
| version: '${{ needs.bump.outputs.VERSION }}', | |
| bump_type: 'minor' | |
| } | |
| }); | |
| console.log('Triggered MaterializationEngine dependency update'); |