From e4c86a2c4c4f9a3fa9fe779de32880962f52e2c7 Mon Sep 17 00:00:00 2001 From: colyerdeng Date: Tue, 18 Feb 2025 14:32:18 +0800 Subject: [PATCH] fix(template): improve GitHub Actions workflow templates - fix: use {% raw %} to protect GitHub Actions expressions - fix: remove redundant setup.yaml workflow - fix: update version tag pattern to match semantic versioning - fix: use cookiecutter variables for Python version --- .github/workflows/deploy_docs.yaml | 2 +- .github/workflows/release_build.yaml | 2 +- .../.github/workflows/bump_version.yaml | 12 +-- .../.github/workflows/deploy_docs.yaml | 4 +- .../.github/workflows/release_build.yaml | 68 +++++++++-------- .../.github/workflows/setup.yaml | 74 ------------------- uv.lock | 2 +- 7 files changed, 50 insertions(+), 114 deletions(-) delete mode 100644 repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/setup.yaml diff --git a/.github/workflows/deploy_docs.yaml b/.github/workflows/deploy_docs.yaml index 81b4e13..9eb9d10 100644 --- a/.github/workflows/deploy_docs.yaml +++ b/.github/workflows/deploy_docs.yaml @@ -3,7 +3,7 @@ name: Deploy Docs on: push: tags: - - '*' # 匹配所有标签 + - '[0-9]*.[0-9]*.[0-9]*' # 匹配语义化版本号标签 (e.g., 1.0.0, 1.0.0-beta) workflow_dispatch: # 保留手动触发选项 permissions: diff --git a/.github/workflows/release_build.yaml b/.github/workflows/release_build.yaml index faca019..7ef5277 100644 --- a/.github/workflows/release_build.yaml +++ b/.github/workflows/release_build.yaml @@ -3,7 +3,7 @@ name: release-build on: push: tags: - - '*' # 匹配所有标签 + - '[0-9]*.[0-9]*.[0-9]*' # 匹配语义化版本号标签 (e.g., 1.0.0, 1.0.0-beta) workflow_dispatch: inputs: version: diff --git a/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/bump_version.yaml b/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/bump_version.yaml index f241915..dcd7e4f 100644 --- a/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/bump_version.yaml +++ b/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/bump_version.yaml @@ -31,12 +31,12 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - token: ${{ github.token }} + {% raw %}token: ${{ github.token }}{% endraw %} - name: Setup Python uses: actions/setup-python@v5 with: - python-version: "3.12" + python-version: "{{ cookiecutter.max_python_version[0] }}" - name: Install uv uses: astral-sh/setup-uv@v5 @@ -48,14 +48,14 @@ jobs: name: Create bump and changelog uses: commitizen-tools/commitizen-action@master with: - github_token: ${{ github.token }} + {% raw %}github_token: ${{ github.token }}{% endraw %} changelog_increment_filename: body.md - increment: ${{ github.event.inputs.increment }} + {% raw %}increment: ${{ github.event.inputs.increment }}{% endraw %} - name: Create Release uses: softprops/action-gh-release@v2 with: body_path: body.md - tag_name: ${{ env.REVISION }} + {% raw %}tag_name: ${{ env.REVISION }}{% endraw %} env: - GITHUB_TOKEN: ${{ github.token }} + {% raw %}GITHUB_TOKEN: ${{ github.token }}{% endraw %} diff --git a/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/deploy_docs.yaml b/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/deploy_docs.yaml index fe44119..e391595 100644 --- a/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/deploy_docs.yaml +++ b/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/deploy_docs.yaml @@ -4,7 +4,7 @@ name: Deploy Docs on: push: tags: - - '*' # 匹配所有标签 + - '[0-9]*.[0-9]*.[0-9]*' # 匹配语义化版本号标签 (e.g., 1.0.0, 1.0.0-beta) workflow_dispatch: # 保留手动触发选项 permissions: @@ -24,5 +24,5 @@ jobs: - name: Build and deploy documentation run: uvx mkdocs gh-deploy --force env: - GITHUB_TOKEN: ${{ needs.setup.outputs.PERSONAL_ACCESS_TOKEN || github.token }} + {% raw %}GITHUB_TOKEN: ${{ needs.setup.outputs.PERSONAL_ACCESS_TOKEN || github.token }}{% endraw %} {% endif %} diff --git a/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/release_build.yaml b/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/release_build.yaml index ba25f58..706fa31 100644 --- a/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/release_build.yaml +++ b/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/release_build.yaml @@ -3,7 +3,7 @@ name: release_build on: push: tags: - - '*' # 匹配所有标签 + - '[0-9]*.[0-9]*.[0-9]*' # 匹配语义化版本号标签 (e.g., 1.0.0, 1.0.0-beta) workflow_dispatch: inputs: version: @@ -16,40 +16,50 @@ permissions: id-token: write # 用于发布到 PyPI jobs: - setup: - uses: ./.github/workflows/setup.yaml - with: - install-deps: dev - python-version: "{{ cookiecutter.max_python_version }}" - secrets: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - outputs: - personal-access-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - build: - needs: setup runs-on: ubuntu-latest steps: - - name: Run tests - run: uvx nox -s test_all + - uses: actions/checkout@v4 + + - name: Load secret + uses: 1password/load-secrets-action@v2 + with: + export-env: true + env: + {% raw %}OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}{% endraw %} + PERSONAL_ACCESS_TOKEN: op://shawndengdev/github_access_token/credential + PYPI_TOKEN: op://shawndengdev/pypi_token/credential - - name: Build package - run: uvx nox -s build + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: "{{ cookiecutter.max_python_version[0] }}" - - name: Create Release - id: create_release - uses: softprops/action-gh-release@v2 + - name: Install uv + uses: astral-sh/setup-uv@v5 with: - token: ${{ needs.setup.outputs.PERSONAL_ACCESS_TOKEN || github.token }} - tag_name: ${{ github.event.inputs.version || github.ref_name }} - draft: false - prerelease: false - files: | - dist/* + version: ">=0.4.0" + + - name: Install dependencies + run: uv sync --extra dev + + - name: Build and test + run: | + uvx nox -s lint + uvx nox -s test + uvx nox -s build - name: Publish to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 + env: + {% raw %}UV_PUBLISH_TOKEN: ${{ env.PYPI_TOKEN }}{% endraw %} + run: uv publish + + - name: Release + uses: softprops/action-gh-release@v2 with: - packages-dir: dist/ - repository-url: https://upload.pypi.org/legacy/ + files: | + dist/*.tar.gz + dist/*.whl + generate_release_notes: true + env: + {% raw %}GITHUB_TOKEN: ${{ env.PERSONAL_ACCESS_TOKEN }}{% endraw %} diff --git a/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/setup.yaml b/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/setup.yaml deleted file mode 100644 index 26cf8d1..0000000 --- a/repo_scaffold/templates/template-python/{{cookiecutter.project_slug}}/.github/workflows/setup.yaml +++ /dev/null @@ -1,74 +0,0 @@ -name: Reusable Setup - -on: - workflow_call: - inputs: - python-version: - required: false - type: string - default: "{{cookiecutter.max_python_version}}" # 使用用户选择的最高 Python 版本 - install-deps: - required: false - type: string - default: "dev" # dev, docs, or none - secrets: - OP_SERVICE_ACCOUNT_TOKEN: - required: false - PERSONAL_ACCESS_TOKEN: - required: false - outputs: - python-version: - description: "The Python version that was set up" - value: ${{ jobs.setup.outputs.python-version }} - PERSONAL_ACCESS_TOKEN: - description: "The personal access token" - value: ${{ jobs.setup.outputs.PERSONAL_ACCESS_TOKEN }} - -jobs: - setup: - runs-on: ubuntu-latest - outputs: - python-version: ${{ steps.setup-python.outputs.python-version }} - PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - steps: - - name: Load secret - if: ${{ inputs.install-deps != 'none' }} - uses: 1password/load-secrets-action@v2 - with: - export-env: true - env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - PERSONAL_ACCESS_TOKEN: op://shawndengdev/github_access_token/credential - - - name: Check out - uses: actions/checkout@v4 - with: - fetch-depth: 0 - token: ${{ env.PERSONAL_ACCESS_TOKEN || github.token }} - - - name: Setup Python - id: setup-python - uses: actions/setup-python@v5 - with: - python-version: ${{ inputs.python-version }} - - - name: Install uv - uses: astral-sh/setup-uv@v5 - with: - version: ">=0.4.0" - - - name: Get uv cache dir - id: get-uv-cache - run: echo "UV_CACHE_DIR=$(uv cache dir)" >> $GITHUB_OUTPUT - - - name: Install dependencies - if: ${{ inputs.install-deps != 'none' }} - run: uv sync --extra ${{ inputs.install-deps }} - - - name: Cache uv packages - uses: actions/cache@v4 - with: - path: ${{ steps.get-uv-cache.outputs.UV_CACHE_DIR }} - key: ${{ runner.os }}-uv-${{ hashFiles('**/pyproject.toml', '**/requirements*.txt') }} - restore-keys: | - ${{ runner.os }}-uv- diff --git a/uv.lock b/uv.lock index bf9242b..ba6a27a 100644 --- a/uv.lock +++ b/uv.lock @@ -778,7 +778,7 @@ wheels = [ [[package]] name = "repo-scaffold" -version = "0.5.0" +version = "0.5.1" source = { editable = "." } dependencies = [ { name = "click" },