Attempt to fix CI #7
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| on: | |
| push: | |
| branches: [ main ] | |
| # Allow manual dispatch to choose publishing target (pypi or testpypi) | |
| workflow_dispatch: | |
| inputs: | |
| publish_target: | |
| description: 'Where to publish: pypi or testpypi' | |
| required: false | |
| default: 'pypi' | |
| jobs: | |
| test: | |
| uses: ./.github/workflows/emulator-test.yml | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| permissions: | |
| contents: write | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| cache: 'pip' | |
| - name: Install | |
| run: | | |
| python -m pip install -U pip | |
| # Install package build tooling and publishing helpers | |
| python -m pip install build python-semantic-release pip-audit twine | |
| # Install the package to ensure entry points are available for smoke checks | |
| python -m pip install . | |
| - name: Build and verify | |
| run: | | |
| python -m build | |
| twine check dist/* || true | |
| - name: Security audit | |
| run: | | |
| pip-audit -r requirements.txt || true | |
| - name: Semantic Release (version, tag, GitHub release, PyPI) | |
| # Choose which PYPI token to provide based on the optional dispatch input. | |
| # If manually dispatched with publish_target=testpypi, the workflow will use TEST_PYPI_API_TOKEN. | |
| env: | |
| PYPI_TOKEN: ${{ (github.event_name == 'workflow_dispatch' && github.event.inputs.publish_target == 'testpypi') && secrets.TEST_PYPI_API_TOKEN || secrets.PYPI_API_TOKEN }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: semantic-release publish |