From 986a581ddb1db5abedce0375af6b56b6e5474f5e Mon Sep 17 00:00:00 2001 From: Jeong YunWon Date: Fri, 28 Mar 2025 16:44:21 +0900 Subject: [PATCH] release action --- .github/workflows/release.yaml | 95 ++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 .github/workflows/release.yaml diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..ca8ccaf --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,95 @@ +name: Releases + +on: + push: + branches: + - main + tags: + - '*' + workflow_dispatch: + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +jobs: + build: + name: Build package + runs-on: ubuntu-latest + steps: + - name: Check out code from GitHub + uses: actions/checkout@v4 + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: "3.13" + check-latest: true + - name: Install build dependencies + run: | + python -m pip install --upgrade pip + pip install build + - name: Build package + run: | + python -m build + - name: Upload package artifacts + uses: actions/upload-artifact@v4 + with: + name: dist + path: dist/ + + publish-to-pypi: + name: Publish to PyPI + runs-on: ubuntu-latest + if: ${{ startsWith(github.ref, 'refs/tags/') || github.event_name == 'workflow_dispatch' }} + needs: [build] + permissions: + id-token: write # For signing release artifacts + contents: write # For uploading release artifacts + attestations: write # For artifact attestation + steps: + - name: Download distribution artifacts + uses: actions/download-artifact@v4 + with: + name: dist + path: dist + - name: Publish distribution to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + with: + password: ${{ secrets.PYPI_API_TOKEN }} + + github-release: + name: Create GitHub Release + needs: + - publish-to-pypi + runs-on: ubuntu-latest + permissions: + contents: write # Required for making GitHub Releases + id-token: write # Required for sigstore + + steps: + - name: Download distribution artifacts + uses: actions/download-artifact@v4 + with: + name: dist + path: dist + - name: Sign the distributions with Sigstore + uses: sigstore/gh-action-sigstore-python@v3.0.0 + with: + inputs: >- + ./dist/*.tar.gz + ./dist/*.whl + - name: Create GitHub Release + env: + GITHUB_TOKEN: ${{ github.token }} + run: >- + gh release create + '${{ github.ref_name }}' + --repo '${{ github.repository }}' + --notes "" + - name: Upload artifacts to GitHub Release + env: + GITHUB_TOKEN: ${{ github.token }} + run: >- + gh release upload + '${{ github.ref_name }}' dist/** + --repo '${{ github.repository }}'