Skip to content

Use OIDC to publish releases #455

Use OIDC to publish releases

Use OIDC to publish releases #455

Workflow file for this run

name: Python package
on:
push:
pull_request:
types: [ opened, edited ]
workflow_dispatch:
jobs:
build-dists:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, windows-latest, macos-latest ]
python:
- {version: '3.8'}
- {version: '3.9'}
- {version: '3.10'}
- {version: '3.11'}
- {version: '3.12'}
- {version: '3.13'}
discord-py:
- {NAME: 'pypi', PIP_TARGET: 'discord.py[voice]'}
- {NAME: 'git', PIP_TARGET: 'discord.py[voice] @ git+https://github.com/Rapptz/discord.py@master'}
name: "${{ matrix.os }} CPython ${{ matrix.python.version }} with ${{ matrix.discord-py.NAME }} discord.py"
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Python ${{ matrix.python.version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python.version }}
- name: Install dependencies
shell: bash
run: |
python -m pip install --upgrade pip setuptools wheel
# 3.13 needs audioop-lts
pip install -U "audioop-lts; python_version>='3.13'"
pip install -U "${{ matrix.discord-py.PIP_TARGET }}" --extra-index-url https://scarletcafe.github.io/pip/
pip install -U $(find requirements -name *.txt -print | sed -e 's/^/-r /' | tr '\n' ' ')
- name: Test from local directory
shell: bash
run: |
PYTHONPATH="$(pwd)" pytest -vs --cov=jishaku --cov-report term-missing:skip-covered
- name: Lint repository
shell: bash
run: |
echo "flake8:"
flake8 .
echo "pylint:"
pylint jishaku
echo "isort:"
isort . --check-only
- name: Create distributions and install wheel
shell: bash
run: |
export tag_name="${GITHUB_REF##*/}"
# Substitute README assets with direct GitHub links
sed -i'.original' -e "s/src=\".github\/assets/src=\"https:\/\/raw.githubusercontent.com\/scarletcafe\/jishaku\/$(git rev-parse HEAD)\/.github\/assets/g" README.md
rm -f README.md.original
python ./setup.py sdist bdist_wheel
rm -rf jishaku
find dist -name *.whl -exec pip install '{}' +
- name: Test from installed module
shell: bash
run: |
PYTHONPATH="$(pwd)" pytest -vs
- name: Build documentation
shell: bash
run: |
cd docs && make html
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: distributions-${{ matrix.os }}-${{ matrix.python.version }}-${{ matrix.discord-py.NAME }}
path: dist/*
upload_pypi:
needs: [ build-dists ]
runs-on: ubuntu-latest
environment: publish
permissions:
id-token: write
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/')
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: true
- name: Set up Python 3.13
uses: actions/setup-python@v5
with:
python-version: '3.13' # Watch as I let this get handled as a float again
- name: Install dependencies
shell: bash
run: |
sudo apt-get update && sudo apt-get install -y hub
python -m pip install --upgrade pip setuptools wheel
export tag_name="${GITHUB_REF##*/}"
pip install -U ".[publish]"
- name: Download artifacts
uses: actions/download-artifact@v4
with:
# There is currently a bug where download-artifact downloading multiple files of the same name corrupts the file.
# https://github.com/actions/download-artifact/issues/298
# Very cool.
# We don't have any native code so using the latest Ubuntu artifact should be OK.
#pattern: distributions-*
pattern: distributions-ubuntu-latest-3.13-pypi
merge-multiple: true
path: dist
- name: Publish wheels as release artifacts on GitHub
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -x
export tag_name="${GITHUB_REF##*/}"
python create_dist_summary.py
assets=()
for asset in ./dist/*.{whl,tar.gz}; do
assets+=("-a" "$asset")
done
tag_name="${GITHUB_REF##*/}"
hub release create "${assets[@]}" -F ./dist/DIST_SUMMARY.md "$tag_name"
rm ./dist/*.md
- name: Publish packages to PyPI
uses: pypa/[email protected]