Upload Artifacts to PyPI #18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Upload Artifacts to PyPI | |
| on: | |
| workflow_call: | |
| inputs: | |
| environment: | |
| description: CI environment to run in (test.pypi or production.pypi) | |
| type: string | |
| required: true | |
| sha: | |
| description: The SHA of the commit that the packages were built from | |
| type: string | |
| required: true | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: CI environment to run in (test.pypi or production.pypi) | |
| type: choice | |
| required: true | |
| default: test.pypi | |
| options: | |
| - test.pypi | |
| - production.pypi | |
| sha: | |
| description: The SHA of the commit that the packages were built from | |
| type: string | |
| required: true | |
| concurrency: | |
| group: ${{ inputs.sha }} | |
| cancel-in-progress: true | |
| jobs: | |
| publish-pypi: | |
| name: Publish Artifacts to PyPI | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: ${{ inputs.environment }} | |
| permissions: | |
| # this is needed for the OIDC flow that is used with trusted publishing on PyPI | |
| id-token: write | |
| steps: | |
| - if: ${{ vars.PYPI_HOST == '' }} | |
| run: | | |
| echo "Error: PYPI_HOST is not set in CI environment '${{ inputs.environment }}'" | |
| exit 1 | |
| - name: Authenticate With AWS | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: 'us-east-2' | |
| aws-access-key-id: ${{ secrets.S3_DUCKDB_STAGING_ID }} | |
| aws-secret-access-key: ${{ secrets.S3_DUCKDB_STAGING_KEY }} | |
| - name: Download Artifacts From S3 | |
| env: | |
| S3_URL: 's3://duckdb-staging/${{ github.repository }}/${{ inputs.sha }}/' | |
| AWS_ACCESS_KEY_ID: ${{ secrets.S3_DUCKDB_STAGING_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.S3_DUCKDB_STAGING_KEY }} | |
| run: | | |
| mkdir packages | |
| aws s3 cp --recursive "${S3_URL}" packages | |
| - name: Upload artifacts to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: 'https://${{ vars.PYPI_HOST }}/legacy/' | |
| packages-dir: packages | |
| - name: PyPI Upload Summary | |
| run : | | |
| version=$(basename packages/*.tar.gz | sed 's/duckdb-\(.*\).tar.gz/\1/g') | |
| echo "## PyPI Upload Summary" >> $GITHUB_STEP_SUMMARY | |
| echo "* Version: ${version}" >> $GITHUB_STEP_SUMMARY | |
| echo "* PyPI Host: ${{ vars.PYPI_HOST }}" >> $GITHUB_STEP_SUMMARY | |
| echo "* CI Environment: ${{ inputs.environment }}" >> $GITHUB_STEP_SUMMARY | |
| cleanup_nightlies: | |
| name: Remove Nightlies from PyPI | |
| needs: publish-pypi | |
| uses: ./.github/workflows/cleanup_pypi.yml | |
| with: | |
| environment: ${{ inputs.environment }} |