|
1 | 1 | name: publish-pypi |
2 | | - |
3 | 2 | on: |
4 | 3 | workflow_dispatch: |
5 | 4 | inputs: |
6 | 5 | tag: |
7 | | - description: "Tag a publicar (por defecto: último v*)" |
| 6 | + description: "Release tag (vX.Y.Z). Dejar vacío para detectar último." |
8 | 7 | required: false |
| 8 | + type: string |
9 | 9 | workflow_run: |
10 | | - workflows: ["semantic-release"] |
| 10 | + workflows: [semantic-release] |
11 | 11 | types: [completed] |
| 12 | + branches: [main] |
12 | 13 |
|
13 | 14 | permissions: |
14 | | - id-token: write |
15 | 15 | contents: read |
| 16 | + id-token: write |
16 | 17 | packages: write |
17 | | - attestations: write |
18 | 18 |
|
19 | 19 | jobs: |
20 | 20 | publish: |
21 | | - if: github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' |
22 | | - environment: pypi |
| 21 | + if: ${{ github.event_name == 'workflow_dispatch' || (github.event.workflow_run.conclusion == 'success') }} |
23 | 22 | runs-on: ubuntu-latest |
| 23 | + environment: pypi |
24 | 24 | steps: |
25 | 25 | - name: Checkout con tags |
26 | 26 | uses: actions/checkout@v4 |
27 | | - with: { fetch-depth: 0 } |
| 27 | + with: {fetch-depth: 0} |
28 | 28 |
|
29 | 29 | - name: Resolver TAG |
30 | 30 | id: tag |
31 | 31 | shell: bash |
32 | 32 | run: | |
33 | | - if [[ -n "${{ github.event.inputs.tag }}" ]]; then |
34 | | - TAG="${{ github.event.inputs.tag }}" |
35 | | - elif [[ "${GITHUB_REF}" == refs/tags/* ]]; then |
36 | | - TAG="${GITHUB_REF#refs/tags/}" |
| 33 | + git fetch --tags --force --prune >/dev/null 2>&1 |
| 34 | + if [[ -n "${{ inputs.tag }}" ]]; then |
| 35 | + T="${{ inputs.tag }}" |
| 36 | + elif [[ -n "${{ github.event.workflow_run.head_branch }}" ]]; then |
| 37 | + T="$(git tag -l 'v*' --sort=-v:refname | head -n1)" |
37 | 38 | else |
38 | | - TAG="$(git tag -l 'v*' --sort=-v:refname | head -n1)" |
| 39 | + T="$(git tag -l 'v*' --sort=-v:refname | head -n1)" |
39 | 40 | fi |
40 | | - echo "tag=${TAG}" >> "$GITHUB_OUTPUT" |
41 | | - echo "TAG=${TAG}" |
| 41 | + echo "tag=$T" >> "$GITHUB_OUTPUT" |
| 42 | + echo "TAG=$T" >> "$GITHUB_ENV" |
| 43 | + echo "Using tag: $T" |
| 44 | +
|
| 45 | + - name: Sincronizar versión de pyproject con TAG |
| 46 | + shell: bash |
| 47 | + run: | |
| 48 | + want="${TAG#v}" |
| 49 | + sed -i -E "s/^version *= *\"[^\"]+\"/version = \"$want\"/" pyproject.toml |
| 50 | + echo "pyproject version -> $(grep -E '^version *= *\"' -m1 pyproject.toml)" |
42 | 51 |
|
43 | 52 | - name: Setup Python |
44 | 53 | uses: actions/setup-python@v5 |
45 | | - with: { python-version: '3.x' } |
| 54 | + with: {python-version: '3.x'} |
46 | 55 |
|
47 | 56 | - name: Build sdist & wheel |
48 | 57 | run: | |
49 | 58 | python -m pip install -U pip build |
50 | 59 | python -m build |
51 | 60 |
|
52 | | - - name: Verificar version == tag |
53 | | - shell: bash |
54 | | - run: | |
55 | | - WANT="${{ steps.tag.outputs.tag#v }}" |
56 | | - ACTUAL=$(python - <<'PY' |
57 | | -import re, pathlib |
58 | | -t=pathlib.Path("pyproject.toml").read_text() |
59 | | -print(re.search(r'(?m)^\s*version\s*=\s*"([0-9.]+)"', t).group(1)) |
60 | | -PY |
61 | | -) |
62 | | - echo "want=$WANT actual=$ACTUAL" |
63 | | - test "$WANT" = "$ACTUAL" |
64 | | - |
65 | | - - name: Publicar en PyPI (OIDC) |
| 61 | + - name: Publish to PyPI (OIDC) |
66 | 62 | uses: pypa/gh-action-pypi-publish@release/v1 |
67 | 63 | with: |
68 | 64 | skip-existing: true |
69 | 65 |
|
70 | 66 | - name: Login GHCR |
71 | | - uses: docker/login-action@v3 |
72 | | - with: |
73 | | - registry: ghcr.io |
74 | | - username: ${{ github.actor }} |
75 | | - password: ${{ secrets.GITHUB_TOKEN }} |
76 | | - |
77 | | - - name: Setup Buildx |
78 | | - uses: docker/setup-buildx-action@v3 |
| 67 | + run: echo "${{ github.token }}" | docker login ghcr.io -u $ --password-stdin |
79 | 68 |
|
80 | | - - name: Build & Push image |
| 69 | + - name: Build & Push image (amd64,arm64) |
81 | 70 | shell: bash |
82 | 71 | run: | |
83 | | - REPO="${GITHUB_REPOSITORY,,}" |
84 | | - TAG="${{ steps.tag.outputs.tag }}" |
| 72 | + repo_lower="$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')" |
| 73 | + docker buildx create --use --name drd-builder || true |
85 | 74 | docker buildx build --platform linux/amd64,linux/arm64 \ |
86 | | - -t ghcr.io/$REPO:$TAG \ |
87 | | - -t ghcr.io/$REPO:latest \ |
| 75 | + -t "ghcr.io/${repo_lower}:${TAG}" \ |
88 | 76 | --push . |
0 commit comments