Publish to PyPI and GitHub release #206
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish to PyPI and GitHub release | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| workflow_dispatch: | |
| inputs: | |
| ref: | |
| description: 'Git ref (branch, tag, or SHA) to build from' | |
| required: true | |
| default: 'main' | |
| type: string | |
| # Least-privilege defaults for all jobs (override per-job if needed) | |
| permissions: | |
| contents: write # to create releases and read code | |
| packages: write # to push container images to ghcr.io | |
| id-token: write # for PyPI OIDC publish | |
| jobs: | |
| python-package: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Select ref | |
| id: select-ref | |
| run: | | |
| if [ -n "${{ github.event.inputs.ref }}" ]; then | |
| echo "ref=${{ github.event.inputs.ref }}" >> $GITHUB_OUTPUT | |
| else | |
| # Fallback to the event ref (e.g. refs/tags/v1.2.3 on tag pushes) | |
| echo "ref=${GITHUB_REF#refs/heads/}" >> $GITHUB_OUTPUT | |
| fi | |
| - uses: actions/checkout@v4 | |
| with: | |
| # Checkout the chosen ref for manual runs; for tag-push runs this will be that tag | |
| ref: ${{ steps.select-ref.outputs.ref }} | |
| - name: Derive version | |
| id: version | |
| shell: bash | |
| run: | | |
| # If the ref looks like a release tag (v*), use it as version (strip refs/tags/ if present) | |
| REF="${{ steps.select-ref.outputs.ref }}" | |
| if [[ "$GITHUB_REF" == refs/tags/v* ]]; then | |
| VER="${GITHUB_REF#refs/tags/}" | |
| elif [[ "$REF" == refs/tags/v* ]]; then | |
| VER="${REF#refs/tags/}" | |
| elif [[ "$REF" == v* ]]; then | |
| VER="$REF" | |
| else | |
| # Fallback for non-tag manual runs | |
| VER="manual-${{ github.run_number }}" | |
| fi | |
| echo "version=$VER" >> $GITHUB_OUTPUT | |
| echo "Resolved version: $VER" | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install build flake8 | |
| - name: Check for syntax errors | |
| run: | | |
| flake8 ./deeplc --count --select=E9,F63,F7,F82 --show-source --statistics | |
| - name: Build package | |
| run: | | |
| python -m build . --sdist --wheel | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| skip-existing: true | |
| - name: Upload compiled wheels | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: python-wheels | |
| path: dist/*.whl | |
| windows-installer: | |
| runs-on: windows-latest | |
| needs: python-package | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| # Match the same ref used for building the Python package | |
| ref: ${{ needs.python-package.outputs.ref || github.ref }} | |
| # If you want to avoid recomputing the ref/version here, you can | |
| # alternatively repeat the "Select ref" + "Derive version" steps as above | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install .[gui] pyinstaller | |
| - name: Install Inno Setup | |
| uses: crazy-max/ghaction-chocolatey@v3 | |
| with: | |
| args: install innosetup -y --allow-unofficial --force | |
| - name: Run pyinstaller | |
| run: pyinstaller ./deeplc_pyinstaller.spec --clean --noconfirm | |
| - name: Test built DeepLC exe | |
| run: dist/deeplc/deeplc.exe --ignore-gooey --help | |
| - name: Derive version (Windows) | |
| id: version | |
| shell: bash | |
| run: | | |
| REF="${{ github.event.inputs.ref }}" | |
| if [[ "$GITHUB_REF" == refs/tags/v* ]]; then | |
| VER="${GITHUB_REF#refs/tags/}" | |
| elif [[ "$REF" == refs/tags/v* ]]; then | |
| VER="${REF#refs/tags/}" | |
| elif [[ "$REF" == v* ]]; then | |
| VER="$REF" | |
| else | |
| VER="manual-${{ github.run_number }}" | |
| fi | |
| echo "version=$VER" >> $GITHUB_OUTPUT | |
| echo "Resolved version: $VER" | |
| - name: Run Inno Setup | |
| run: ISCC.exe ./deeplc_innosetup.iss /DAppVersion=${{ steps.version.outputs.version }} | |
| - name: Upload installer | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: windows-installer | |
| path: dist/*.exe | |
| git-release: | |
| runs-on: ubuntu-latest | |
| needs: [python-package, windows-installer] | |
| # Only create a GitHub Release when the ref is a v* tag (either push or manual) | |
| if: startsWith(github.ref, 'refs/tags/v') || startsWith(github.event.inputs.ref, 'v') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Resolve version/tag | |
| id: version | |
| shell: bash | |
| run: | | |
| if [[ "$GITHUB_REF" == refs/tags/v* ]]; then | |
| VER="${GITHUB_REF#refs/tags/}" | |
| elif [[ "${{ github.event.inputs.ref }}" == v* ]]; then | |
| VER="${{ github.event.inputs.ref }}" | |
| else | |
| echo "This job should only run for v* tags." | |
| exit 1 | |
| fi | |
| echo "version=$VER" >> $GITHUB_OUTPUT | |
| echo "Resolved version: $VER" | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: dist | |
| - name: Create GitHub Release | |
| # The docker action infers the tag from GITHUB_REF; set it explicitly for manual runs. | |
| uses: docker://antonyurchenko/git-release:v6 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| DRAFT_RELEASE: "false" | |
| PRE_RELEASE: "false" | |
| CHANGELOG_FILE: "CHANGELOG.md" | |
| # Provide a synthetic tag ref for manual runs with input v* | |
| GITHUB_REF: refs/tags/${{ steps.version.outputs.version }} | |
| with: | |
| args: | | |
| dist/**/*.exe | |
| dist/**/*.whl | |
| build-streamlit-image: | |
| runs-on: ubuntu-latest | |
| needs: python-package | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: latest_release | |
| uses: pozetroninc/github-action-get-latest-release@master | |
| with: | |
| owner: compomics | |
| repo: DeepLC | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push to ghcr.io | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: streamlit | |
| push: true | |
| tags: | | |
| ghcr.io/compomics/deeplc-streamlit:${{ steps.latest_release.outputs.release }} | |
| ghcr.io/compomics/deeplc-streamlit:latest |