LSU package support #5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| on: | |
| push: | |
| branches: [ main ] | |
| jobs: | |
| test: | |
| uses: ./.github/workflows/emulator-test.yml | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| permissions: | |
| contents: write | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| cache: 'pip' | |
| - name: Install | |
| run: | | |
| python -m pip install -U pip | |
| # Install package build tooling and publishing helpers | |
| python -m pip install build python-semantic-release pip-audit twine | |
| # Install the package to ensure entry points are available for smoke checks | |
| python -m pip install . | |
| - name: Build and verify | |
| run: | | |
| python -m build | |
| twine check dist/* || true | |
| - name: Security audit | |
| run: | | |
| pip-audit -r requirements.txt || true | |
| - name: Semantic Release (version, tag, GitHub release, PyPI) | |
| env: | |
| PYPI_TOKEN: ${{ secrets.PYPI_API_TOKEN }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: semantic-release publish |