4646 needs : test
4747 runs-on : ubuntu-latest
4848 if : github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch'
49+
50+ environment :
51+ name : pypi
52+ url : https://pypi.org/p/libcrypto
53+
54+ permissions :
55+ id-token : write # برای Trusted Publishers
56+ contents : write # برای push و release
57+
4958 outputs :
5059 new_version : ${{ steps.get_version.outputs.version }}
5160
5564 with :
5665 fetch-depth : 0
5766 token : ${{ secrets.GITHUB_TOKEN }}
67+ ref : main
5868
5969 - name : Set up Python 3.12
6070 uses : actions/setup-python@v5
@@ -71,54 +81,45 @@ jobs:
7181 NEW_VERSION=$(python bump_version.py libcrypto)
7282 echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT
7383 echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
84+ echo "New version: $NEW_VERSION"
7485
7586name : Remove Bump Script
7687 run : rm -f bump_version.py
7788
78- - name : Bump version (commit and push)
89+ - name : Commit and push version bump
7990 run : |
80- git config --global user.name 'github-actions[bot]'
81- git config --global user.email 'github-actions[bot]@users.noreply.github.com'
82-
83- # First add and commit changes
84- git add setup.py pyproject.toml src/libcrypto/__init__.py
85-
86- # Check if there are changes to commit
87- if git diff --staged --quiet; then
88- echo "No changes to commit"
89- else
90- git commit -m "bump version to ${{ env.NEW_VERSION }}"
91-
92- # Pull with rebase strategy, auto-stash if needed
93- git pull origin main --rebase --autostash || true
94-
95- # Push changes
96- git push origin main
97- fi
91+ git config --global user.name 'github-actions[bot]'
92+ git config --global user.email 'github-actions[bot]@users.noreply.github.com'
93+
94+ git add setup.py pyproject.toml src/libcrypto/__init__.py
95+
96+ if ! git diff --staged --quiet; then
97+ git commit -m "chore: bump version to ${{ env.NEW_VERSION }}"
98+ git push origin main
99+ echo "Version bumped and pushed successfully"
100+ else
101+ echo "No version changes detected"
102+ fi
98103
99104name : Install build tools
100105 run : |
101106 python -m pip install --upgrade pip
102- pip install build twine
107+ pip install build
103108
104109name : Build libcrypto Package
105110 run : |
106111 python -m build
107112
108- name : Check distribution
109- run : |
110- twine check dist/*
111-
112113name : List distribution files
113114 run : |
115+ echo "Distribution files:"
114116 ls -lh dist/
115117
116- name : Publish package to PyPI
117- env :
118- TWINE_USERNAME : __token__
119- TWINE_PASSWORD : ${{ secrets.PYPI_TOKEN }}
120- run : |
121- twine upload dist/*
118+ name : Publish to PyPI using Trusted Publisher
119+ uses : pypa/gh-action-pypi-publish@release/v1
120+ with :
121+ verbose : true
122+ print-hash : true
122123
123124 - name : Create GitHub Release
124125 if : success()
@@ -169,12 +170,10 @@ jobs:
169170 dist/*
170171draft : false
171172 prerelease : false
172- env :
173- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
174173
175174 test-pypi-installation :
176175 needs : build-and-publish
177- name : Test PyPI Installation
176+ name : Test PyPI Installation on ${{ matrix.os }} - Python ${{ matrix.python-version }}
178177 runs-on : ${{ matrix.os }}
179178 strategy :
180179 matrix :
@@ -200,4 +199,4 @@ jobs:
200199
201200name : Test basic functionality
202201 run : |
203- python -c "from libcrypto import PrivateKey, Wallet, generate_mnemonic; pk = PrivateKey(1); print('All tests passed')"
202+ python -c "from libcrypto import PrivateKey, Wallet, generate_mnemonic; pk = PrivateKey(1); print('All tests passed successfully ')"
0 commit comments