From 6ec66be32cb3892c7d74a6e614952a2770588c88 Mon Sep 17 00:00:00 2001
From: Shreya Singh <32371715+shreyasingh18@users.noreply.github.com>
Date: Tue, 1 Jul 2025 11:51:06 +0530
Subject: [PATCH 1/5] build_package.yml

Added the changes
1. cleanup of the repo dist before buiding the new one, to avoid conflicts
2. added the missing command to build the python app
---
 .github/workflows/build_package.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build_package.yml b/.github/workflows/build_package.yml
index 327d66b..7134bf3 100644
--- a/.github/workflows/build_package.yml
+++ b/.github/workflows/build_package.yml
@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       artifact_name: python-package
-    
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -33,7 +33,11 @@ jobs:
           python -m pip install --upgrade pip
           pip install build
 
+      - name: Clean dist directory
+        run: rm -rf dist
+
       - name: Build package
+        run: python -m build
 
       - name: Upload artifact
         uses: actions/upload-artifact@v4

From f6799f2d8626e1c86e27fcb2dbaf83165753b93c Mon Sep 17 00:00:00 2001
From: Shreya Singh <32371715+shreyasingh18@users.noreply.github.com>
Date: Tue, 1 Jul 2025 11:55:56 +0530
Subject: [PATCH 2/5] release_package.yml

1. Added Authentication step for OIDC based connectivity
2. Given write permission
---
 .github/workflows/release_package.yml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/release_package.yml b/.github/workflows/release_package.yml
index 73ecc57..8da8712 100644
--- a/.github/workflows/release_package.yml
+++ b/.github/workflows/release_package.yml
@@ -16,6 +16,8 @@ env:
 permissions:
   contents: read
   actions: read
+  id-token: write
+  
 
 jobs:
   publish:
@@ -31,8 +33,12 @@ jobs:
           repository: ${{ github.repository }}
           github-token: ${{ github.token }}
           run-id: ${{ github.event.workflow_run.id }}
-
-
+     
+      - name: Authenticate to Cloudsmith
+        uses: cloudsmith-io/cloudsmith-cli-action@v1.0.1
+        with:
+          oidc-namespace: ${{ secrets.CLOUDSMITH_NAMESPACE }}
+          oidc-service-slug: ${{ secrets.CLOUDSMITH_SERVICE_SLUG }} 
 
       - name: List directory contents
         run: ls -la dist/

From 2f52951de1d948c3af02cbd6f85383a229ee4237 Mon Sep 17 00:00:00 2001
From: Shreya Singh <32371715+shreyasingh18@users.noreply.github.com>
Date: Tue, 1 Jul 2025 12:06:43 +0530
Subject: [PATCH 3/5] Update pyproject.toml

Added the version and the package name
---
 pyproject.toml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/pyproject.toml b/pyproject.toml
index 1744938..16b4a15 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -3,9 +3,11 @@ requires = ["hatchling"]
 build-backend = "hatchling.build"
 
 [project]
+version = "0.0.4" 
+name = "example-package"
 
 authors = [
-  { name="Example Author", email="author@example.com" },
+  { name="Shreya Singh", email="shreyasingh_18@yahoo.com" },
 ]
 description = "A small example package"
 readme = "README.md"
@@ -14,4 +16,4 @@ classifiers = [
     "Programming Language :: Python :: 3",
     "License :: OSI Approved :: MIT License",
     "Operating System :: OS Independent",
-] 
\ No newline at end of file
+]

From ad563ca1c6d9289f33dc4b8aa7f84aef49c85b0a Mon Sep 17 00:00:00 2001
From: Shreya Singh <32371715+shreyasingh18@users.noreply.github.com>
Date: Tue, 1 Jul 2025 12:12:04 +0530
Subject: [PATCH 4/5] Update promote_package.yml

1. corrected the staging and production repo
now it will picked up from vars
2. remove the package name to be picked up from the cloudsmith repo
3. Added the query to fetch the latest package dynamically and then tag it.
---
 .github/workflows/promote_package.yml | 38 ++++++++++++++-------------
 1 file changed, 20 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/promote_package.yml b/.github/workflows/promote_package.yml
index 559788f..941e5ae 100644
--- a/.github/workflows/promote_package.yml
+++ b/.github/workflows/promote_package.yml
@@ -1,19 +1,14 @@
 name: Promote Python Package
 
 on:
-  workflow_dispatch:
-    inputs:
-      package_version:
-        description: 'Package version to promote (e.g., 0.0.1)'
-        required: true
-        type: string
+  repository_dispatch:
+    types: [cloudsmith-package-synced]
 
 env:
   CLOUDSMITH_NAMESPACE: ${{ vars.CLOUDSMITH_NAMESPACE }}
-  CLOUDSMITH_STAGING_REPO: 'production'
-  CLOUDSMITH_PRODUCTION_REPO: 'staging'
+  CLOUDSMITH_STAGING_REPO: ${{ vars.CLOUDSMITH_STAGING_REPO }}
+  CLOUDSMITH_PRODUCTION_REPO: ${{ vars.CLOUDSMITH_PRODUCTION_REPO }}
   CLOUDSMITH_SERVICE_SLUG: ${{ vars.CLOUDSMITH_SERVICE_SLUG }}
-  PACKAGE_NAME: 'example_package'
 
 permissions:
   id-token: write
@@ -29,22 +24,29 @@ jobs:
           oidc-namespace: ${{ env.CLOUDSMITH_NAMESPACE }}
           oidc-service-slug: ${{ env.CLOUDSMITH_SERVICE_SLUG }}
 
-      - name: Get package identifier and promote
+      - name: Query and tag the latest package fetched with 'ready-for-production'
         run: |
-          # Query for the package and get its identifier
-          PACKAGE_QUERY="filename:${PACKAGE_NAME}-${{ github.event.inputs.package_version }}.tar.gz"
-          echo "Searching for package with query: $PACKAGE_QUERY"
-          
+          PACKAGE_NAME="${{ github.event.client_payload.package_name }}"
+          echo "Webhook received package name: $PACKAGE_NAME"
+
+          echo "Fetching latest synced version of $PACKAGE_NAME from Cloudsmith..."
+
+          PACKAGE_QUERY="name:$PACKAGE_NAME"
           PACKAGE_DATA=$(cloudsmith list package ${{ env.CLOUDSMITH_NAMESPACE }}/${{ env.CLOUDSMITH_STAGING_REPO }} -q "$PACKAGE_QUERY" -F json)
-          
+
+          echo "Cloudsmith response for package query : ${PACKAGE_QUERY}"
+
           # Extract the identifier_perm using jq
           IDENTIFIER=$(echo "$PACKAGE_DATA" | jq -r '.data[0].identifier_perm')
-          
+
           if [ -z "$IDENTIFIER" ] || [ "$IDENTIFIER" = "null" ]; then
-            echo "Failed to find package identifier"
+            echo "No synced package found for $PACKAGE_NAME"
             exit 1
           fi
-          
+
+          echo "Tagging $IDENTIFIER with 'ready-for-production'"
+          cloudsmith tag add ${{ env.CLOUDSMITH_NAMESPACE }}/${{ env.CLOUDSMITH_STAGING_REPO }}/$IDENTIFIER ready-for-production
+
           echo "Found package identifier: $IDENTIFIER"
           
           # Promote package using the identifier

From 728c771d7bb685702621c8de5679e82873fcf973 Mon Sep 17 00:00:00 2001
From: Shreya Singh <32371715+shreyasingh18@users.noreply.github.com>
Date: Tue, 1 Jul 2025 12:12:26 +0530
Subject: [PATCH 5/5] Update pyproject.toml

updated version
---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pyproject.toml b/pyproject.toml
index 16b4a15..563aa65 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -3,7 +3,7 @@ requires = ["hatchling"]
 build-backend = "hatchling.build"
 
 [project]
-version = "0.0.4" 
+version = "0.0.5" 
 name = "example-package"
 
 authors = [