From 6a041c6f67a5621ba6732772783529b7a5302a52 Mon Sep 17 00:00:00 2001 From: MatthieuDartiailh Date: Tue, 26 Nov 2024 18:14:50 +0100 Subject: [PATCH] cis: update workflows --- .github/workflows/ci.yml | 8 +-- .github/workflows/docs.yml | 4 +- .github/workflows/release.yml | 96 ++++++++++++++++++++--------------- 3 files changed, 61 insertions(+), 47 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a8208a9..446248d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: name: Lints Python codes runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: pyflakes uses: reviewdog/action-pyflakes@v1 with: @@ -29,16 +29,16 @@ jobs: strategy: matrix: os: [ubuntu-latest, windows-latest, macos-latest] - python-version: ['3.7', '3.8', '3.9', '3.10', '3.11.0-beta - 3.11.0'] + python-version: ['3.10', '3.11', '3.12', '3.13'] fail-fast: false steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Get history and tags for SCM versioning to work run: | git fetch --prune --unshallow git fetch --depth=1 origin +refs/tags/*:refs/tags/* - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v3 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Install dependencies diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 1d20ba0..e32637a 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -20,13 +20,13 @@ jobs: name: Docs building runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Get history and tags for SCM versioning to work run: | git fetch --prune --unshallow git fetch --depth=1 origin +refs/tags/*:refs/tags/* - name: Set up Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v5 - name: Install dependencies run: | python -m pip install --upgrade pip diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 428ba63..6954d35 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,13 +13,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Get history and tags for SCM versioning to work run: | git fetch --prune --unshallow git fetch --depth=1 origin +refs/tags/*:refs/tags/* - name: Setup Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v5 - name: Build sdist run: | pip install --upgrade pip @@ -32,9 +32,9 @@ jobs: cd .. python -m pytest cppy/tests - name: Store artifacts - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: - name: artifact + name: cibw-sdist path: dist/* build_universal_wheel: @@ -42,13 +42,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Get history and tags for SCM versioning to work run: | git fetch --prune --unshallow git fetch --depth=1 origin +refs/tags/*:refs/tags/* - name: Setup Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v5 - name: Build universal wheel run: | pip install --upgrade pip @@ -61,53 +61,67 @@ jobs: cd .. python -m pytest cppy/tests - name: Store artifacts - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: - name: artifact + name: cibw-wheel path: dist/*.whl - release_upload: - name: Create Release and Upload Release Asset - runs-on: ubuntu-latest - if: github.event_name == 'push' - needs: [build_universal_wheel, build_sdist] - steps: - - name: Create Release - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ github.ref }} - release_name: Release ${{ github.ref }} - draft: false - prerelease: ${{ contains(github.ref, 'rc') || contains(github.ref, 'a') || contains(github.ref, 'b')}} - - uses: actions/download-artifact@v2 - with: - name: artifact - path: dist - - name: Upload Release Asset - id: upload-release-asset - uses: shogo82148/actions-upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: dist/* - - upload_pypi: + publish: if: github.event_name == 'push' needs: [build_universal_wheel, build_sdist] runs-on: ubuntu-latest steps: - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v4.1.7 with: - name: artifact + pattern: cibw-* path: dist + merge-multiple: true - - uses: pypa/gh-action-pypi-publish@master + - uses: pypa/gh-action-pypi-publish@release/v1 with: user: __token__ password: ${{ secrets.pypi_password }} # To test: # repository_url: https://test.pypi.org/legacy/ + + github-release: + name: >- + Sign the Python 🐍 distribution 📦 with Sigstore + and create a GitHub Release + runs-on: ubuntu-latest + needs: + - publish + + permissions: + contents: write + id-token: write + + steps: + - name: Download all the dists + uses: actions/download-artifact@v4.1.7 + with: + pattern: cibw-* + path: dist + merge-multiple: true + - name: Sign the dists with Sigstore + uses: sigstore/gh-action-sigstore-python@v2.1.0 + with: + password: ${{ secrets.pypi_password }} + inputs: >- + ./dist/*.tar.gz + ./dist/*.whl + - name: Create GitHub Release + env: + GITHUB_TOKEN: ${{ github.token }} + run: >- + gh release create + '${{ github.ref_name }}' + --repo '${{ github.repository }}' + --generate-notes + - name: Upload artifact signatures to GitHub Release + env: + GITHUB_TOKEN: ${{ github.token }} + run: >- + gh release upload + '${{ github.ref_name }}' dist/** + --repo '${{ github.repository }}'