Publish to PyPI #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish to PyPI | |
| permissions: | |
| id-token: write | |
| contents: write | |
| on: | |
| workflow_dispatch: | |
| # push: | |
| # branches: | |
| # - main | |
| jobs: | |
| setup: | |
| runs-on: ubuntu-latest | |
| env: | |
| GUARDRAILS_TOKEN: ${{ secrets.PRIV_PYPI_PUBLISH_TOKEN }} | |
| PYPI_REPOSITORY_URL: 'https://pypi.guardrailsai.com' | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-tags: true | |
| fetch-depth: 0 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.11' | |
| - name: Check for version bump | |
| id: version | |
| continue-on-error: false | |
| shell: bash {0} | |
| run: | | |
| PYPROJECT_TOML="pyproject.toml" | |
| # Extract the version using grep and sed | |
| version=$(grep -m 1 "version" "$PYPROJECT_TOML" | sed -E 's/.*version[[:space:]]*=[[:space:]]*"([^"]*)".*/\1/') | |
| echo "Project version: $version" | |
| if [ -z "$version" ] | |
| then | |
| echo "Version is missing from pyproject.toml!" | |
| exit 1 | |
| fi | |
| echo "Checking if $version already exists..." | |
| version_commit="$(git rev-parse "$version" 2>/dev/null)" | |
| if [ ! -z "$version_commit" ] && [ "$version_commit" != "$version" ]; | |
| then | |
| echo "Version $version already exist on commit $version_commit!" | |
| echo "Abandoning build..." | |
| echo "To complete this release update the version field in the pyproject.toml with an appropriate semantic version." | |
| exit 1 | |
| else | |
| echo "version=$version" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| - name: Install Twine & Build | |
| shell: bash | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install twine build toml | |
| - name: Create .pypirc | |
| shell: bash | |
| run: | | |
| touch ~/.pypirc | |
| echo "[distutils]" >> ~/.pypirc | |
| echo "index-servers =" >> ~/.pypirc | |
| echo " private-repository" >> ~/.pypirc | |
| echo "" >> ~/.pypirc | |
| echo "[private-repository]" >> ~/.pypirc | |
| echo "repository = $PYPI_REPOSITORY_URL" >> ~/.pypirc | |
| echo "username = __token__" >> ~/.pypirc | |
| echo "password = $GUARDRAILS_TOKEN" >> ~/.pypirc | |
| - name: Build & Upload | |
| shell: bash | |
| run: | | |
| python -m build | |
| twine upload dist/* -u __token__ -p $GUARDRAILS_TOKEN -r private-repository | |
| - name: Create .pypirc for PyPI.org | |
| shell: bash | |
| env: | |
| PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} | |
| run: | | |
| echo "[distutils]" > ~/.pypirc | |
| echo "index-servers =" >> ~/.pypirc | |
| echo " pypi" >> ~/.pypirc | |
| echo "" >> ~/.pypirc | |
| echo "[pypi]" >> ~/.pypirc | |
| echo "repository = https://upload.pypi.org/legacy/" >> ~/.pypirc | |
| echo "username = __token__" >> ~/.pypirc | |
| echo "password = $PYPI_PASSWORD" >> ~/.pypirc | |
| - name: Upload to PyPI.org | |
| shell: bash | |
| env: | |
| PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} | |
| run: | | |
| twine upload dist/* -u __token__ -p $PYPI_PASSWORD -r pypi | |
| - name: Tag | |
| id: tag | |
| continue-on-error: false | |
| run: | | |
| version="${{ steps.version.outputs.version }}" | |
| echo "Configuring github bot" | |
| git config user.name "github-actions[bot]" | |
| # Comes from https://api.github.com/users/github-actions%5Bbot%5D | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| echo "Creating github tag: $version" | |
| git tag "$version" | |
| echo "Pushing tags" | |
| git push --tags |