Merge pull request #2117 from musicinmybrain/gitignore

[MISC] In bidsschematools, exclude .gitignore files from sdists

Author: effigies

.github/workflows/schemacode_ci.yml

@@ -23,36 +23,29 @@ defaults:
 
 jobs:
   build:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: ["ubuntu-latest"]
-        python-version: ["3.11"]
+    name: Build & verify package
+    runs-on: ubuntu-latest
+    permissions:
+      attestations: write
+      id-token: write
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
         with:
-          python-version: ${{ matrix.python-version }}
-      - name: "Install build dependencies"
-        run: pip install --upgrade build twine
-      - name: "Install test dependencies on tag"
-        run: pip install --upgrade tools/schemacode[all]
+          fetch-depth: 0
+      - name: Install the latest version of uv
+        uses: astral-sh/setup-uv@v6
         if: ${{ startsWith(github.ref, 'refs/tags/schema-') }}
       - name: "Build archive on tag"
         run: |
-          python -m pytest -k make_archive
+          uv run --extra=tests pytest -k make_archive
         working-directory: tools/schemacode
         env:
           BIDSSCHEMATOOLS_RELEASE: 1
         if: ${{ startsWith(github.ref, 'refs/tags/schema-') }}
-      - name: "Build source distribution and wheel"
-        run: python -m build tools/schemacode
-      - name: "Check distribution metadata"
-        run: twine check tools/schemacode/dist/*
-      - uses: actions/upload-artifact@v4
+      - uses: hynek/build-and-inspect-python-package@v2
         with:
-          name: dist
-          path: tools/schemacode/dist/
+          path: tools/schemacode
+          attest-build-provenance-github: ${{ github.event_name != 'pull_request' }}
 
   test:
     runs-on: ${{ matrix.os }}
@@ -83,8 +76,8 @@ jobs:
       - name: "Fetch packages"
         uses: actions/download-artifact@v4
         with:
-          name: dist
-          path: dist/
+          name: Packages
+          path: dist
 
       - name: "Install package"
         run: |
@@ -104,20 +97,20 @@ jobs:
         if: success()
 
   publish:
-    runs-on: ${{ matrix.os }}
     name: Publish Python Package
-    needs: [test]
     if: github.event_name == 'push'
-    strategy:
-      matrix:
-        os: ["ubuntu-latest"]
-        python-version: ["3.11"]
+    runs-on: ubuntu-latest
+    needs: [test]
+    permissions:
+      attestations: write
+      id-token: write
+
     steps:
-      - name: "Fetch packages"
+      - name: Download packages built by build-and-inspect-python-package
         uses: actions/download-artifact@v4
         with:
-          name: dist
-          path: dist/
+          name: Packages
+          path: dist
       - name: "Test PyPI upload"
         uses: pypa/gh-action-pypi-publish@release/v1
         with:
@@ -128,9 +121,6 @@ jobs:
       - name: "Upload to PyPI (on tags)"
         if: startsWith(github.ref, 'refs/tags/schema-')
         uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          user: __token__
-          password: ${{ secrets.PYPI_API_TOKEN }}
 
   validate_schema:
     runs-on: ubuntu-latest

tools/schemacode/pyproject.toml

@@ -63,6 +63,12 @@ bst = "bidsschematools.__main__:cli"
 [project.urls]
 Homepage = "https://github.com/bids-standard/bids-specification"
 
+[tool.pdm.build]
+excludes = [
+  ".gitignore",
+  "**/.gitignore",
+]
+
 [tool.black]
 exclude = "*"