11name : Publish Python 🐍 distribution 📦 to PyPI and TestPyPI
22
3- on : push
3+ on : [ push, workflow_dispatch]
44
55jobs :
66 build :
77 name : Build distribution 📦
88 runs-on : ubuntu-latest
99
1010 steps :
11- - uses : actions/checkout@v4
12- with :
13- persist-credentials : false
14- - name : Set up Python
15- uses : actions/setup-python@v5
16- with :
17- python-version : " 3.x"
18- - name : Install pypa/build
19- run : >-
20- python3 -m
21- pip install
22- build
23- --user
24- - name : Build a binary wheel and a source tarball
25- run : python3 -m build
26- - name : Store the distribution packages
27- uses : actions/upload-artifact@v4
28- with :
29- name : python-package-distributions
30- path : dist/
11+ - uses : actions/checkout@v4
12+ with :
13+ persist-credentials : false
14+ - name : Set up Python
15+ uses : actions/setup-python@v5
16+ with :
17+ python-version : " 3.x"
18+ - name : Install pypa/build
19+ run : >-
20+ python3 -m
21+ pip install
22+ build
23+ --user
24+ - name : Build a binary wheel and a source tarball
25+ run : python3 -m build
26+ - name : Store the distribution packages
27+ uses : actions/upload-artifact@v4
28+ with :
29+ name : python-package-distributions
30+ path : dist/
3131
3232 publish-to-pypi :
3333 name : >-
3434 Publish Python 🐍 distribution 📦 to PyPI
35- if : startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes
35+ if : startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes
3636 needs :
37- - build
37+ - build
3838 runs-on : ubuntu-latest
3939 environment :
4040 name : pypi
41- url : https://pypi.org/p/roboreg # Replace <package-name> with your PyPI project name
41+ url : https://pypi.org/p/roboreg # Replace <package-name> with your PyPI project name
4242 permissions :
43- id-token : write # IMPORTANT: mandatory for trusted publishing
43+ id-token : write # IMPORTANT: mandatory for trusted publishing
4444
4545 steps :
46- - name : Download all the dists
47- uses : actions/download-artifact@v4
48- with :
49- name : python-package-distributions
50- path : dist/
51- - name : Publish distribution 📦 to PyPI
52- uses : pypa/gh-action-pypi-publish@release/v1
46+ - name : Download all the dists
47+ uses : actions/download-artifact@v4
48+ with :
49+ name : python-package-distributions
50+ path : dist/
51+ - name : Publish distribution 📦 to PyPI
52+ uses : pypa/gh-action-pypi-publish@release/v1
5353
5454 github-release :
5555 name : >-
5656 Sign the Python 🐍 distribution 📦 with Sigstore
5757 and upload them to GitHub Release
5858 needs :
59- - publish-to-pypi
59+ - publish-to-pypi
6060 runs-on : ubuntu-latest
6161
6262 permissions :
63- contents : write # IMPORTANT: mandatory for making GitHub Releases
64- id-token : write # IMPORTANT: mandatory for sigstore
63+ contents : write # IMPORTANT: mandatory for making GitHub Releases
64+ id-token : write # IMPORTANT: mandatory for sigstore
6565
6666 steps :
67- - name : Download all the dists
68- uses : actions/download-artifact@v4
69- with :
70- name : python-package-distributions
71- path : dist/
72- - name : Sign the dists with Sigstore
73- uses : sigstore/gh-action-sigstore-python@v3.0.0
74- with :
75- inputs : >-
76- ./dist/*.tar.gz
77- ./dist/*.whl
78- - name : Create GitHub Release
79- env :
80- GITHUB_TOKEN : ${{ github.token }}
81- run : >-
82- gh release create
83- "$GITHUB_REF_NAME"
84- --repo "$GITHUB_REPOSITORY"
85- --notes ""
86- - name : Upload artifact signatures to GitHub Release
87- env :
88- GITHUB_TOKEN : ${{ github.token }}
89- # Upload to GitHub Release using the `gh` CLI.
90- # `dist/` contains the built packages, and the
91- # sigstore-produced signatures and certificates.
92- run : >-
93- gh release upload
94- "$GITHUB_REF_NAME" dist/**
95- --repo "$GITHUB_REPOSITORY"
67+ - name : Download all the dists
68+ uses : actions/download-artifact@v4
69+ with :
70+ name : python-package-distributions
71+ path : dist/
72+ - name : Sign the dists with Sigstore
73+ uses : sigstore/gh-action-sigstore-python@v3.0.0
74+ with :
75+ inputs : >-
76+ ./dist/*.tar.gz
77+ ./dist/*.whl
78+ - name : Create GitHub Release
79+ env :
80+ GITHUB_TOKEN : ${{ github.token }}
81+ run : >-
82+ gh release create
83+ "$GITHUB_REF_NAME"
84+ --repo "$GITHUB_REPOSITORY"
85+ --notes ""
86+ - name : Upload artifact signatures to GitHub Release
87+ env :
88+ GITHUB_TOKEN : ${{ github.token }}
89+ # Upload to GitHub Release using the `gh` CLI.
90+ # `dist/` contains the built packages, and the
91+ # sigstore-produced signatures and certificates.
92+ run : >-
93+ gh release upload
94+ "$GITHUB_REF_NAME" dist/**
95+ --repo "$GITHUB_REPOSITORY"
9696
9797 publish-to-testpypi :
9898 name : Publish Python 🐍 distribution 📦 to TestPyPI
9999 needs :
100- - build
100+ - build
101101 runs-on : ubuntu-latest
102102
103103 environment :
104104 name : testpypi
105105 url : https://test.pypi.org/p/roboreg
106106
107107 permissions :
108- id-token : write # IMPORTANT: mandatory for trusted publishing
108+ id-token : write # IMPORTANT: mandatory for trusted publishing
109109
110110 steps :
111- - name : Download all the dists
112- uses : actions/download-artifact@v4
113- with :
114- name : python-package-distributions
115- path : dist/
116- - name : Publish distribution 📦 to TestPyPI
117- uses : pypa/gh-action-pypi-publish@release/v1
118- with :
119- repository-url : https://test.pypi.org/legacy/
120- verbose : true
111+ - name : Download all the dists
112+ uses : actions/download-artifact@v4
113+ with :
114+ name : python-package-distributions
115+ path : dist/
116+ - name : Publish distribution 📦 to TestPyPI
117+ uses : pypa/gh-action-pypi-publish@release/v1
118+ with :
119+ repository-url : https://test.pypi.org/legacy/
120+ verbose : true
0 commit comments