Skip to content

[Python] Add release workflow #2691

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kanterov merged 4 commits into from
Apr 15, 2025
Merged

[Python] Add release workflow #2691

kanterov merged 4 commits into from
Apr 15, 2025

Conversation

@kanterov
Copy link
Collaborator

@kanterov kanterov commented Apr 9, 2025

Changes

Add release workflow to publish databricks-bundles PyPi package

Should be merged after #2676

Why

It publishes PyPi package that is co-versioned with CLI

@kanterov kanterov temporarily deployed to test-trigger-is April 9, 2025 13:53 — with GitHub Actions Inactive
@kanterov kanterov marked this pull request as ready for review April 9, 2025 15:32
shreyas-goenka
shreyas-goenka reviewed Apr 11, 2025
View reviewed changes
Copy link
Contributor

@shreyas-goenka shreyas-goenka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, just one question

.github/workflows/release.yml

needs: goreleaser

environment: release
Copy link
Contributor

@shreyas-goenka shreyas-goenka Apr 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why does this need access to the release environment token?

Copy link
Collaborator Author

@kanterov kanterov Apr 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's specified in trusted publishing settings in PyPi package deployment settings to avoid cases when package gets accidentially published

Copy link
Contributor

@pietern pietern Apr 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a comment to document this assertion.

Since the workflow doesn't use secrets, someone may remove this if they don't know about the assertion made by PyPI for OIDC purposes.

Copy link
Collaborator Author

@kanterov kanterov Apr 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Clarified in comments

Copy link
Contributor

@pietern pietern Apr 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you include that this is part of the OIDC assertion in PyPI?

Docs: https://docs.pypi.org/trusted-publishers/creating-a-project-through-oidc/

Copy link
Collaborator Author

@kanterov kanterov Apr 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pietern fixed, please take a look

@kanterov kanterov temporarily deployed to test-trigger-is April 15, 2025 13:51 — with GitHub Actions Inactive
@kanterov kanterov requested a review from shreyas-goenka April 15, 2025 13:52
@kanterov kanterov temporarily deployed to test-trigger-is April 15, 2025 14:55 — with GitHub Actions Inactive
@kanterov kanterov temporarily deployed to test-trigger-is April 15, 2025 15:15 — with GitHub Actions Inactive
@kanterov kanterov enabled auto-merge April 15, 2025 15:17
@kanterov kanterov added this pull request to the merge queue Apr 15, 2025
Merged via the queue into main with commit 7cfc682 Apr 15, 2025
9 checks passed
@kanterov kanterov deleted the add-pypi-release-workflow branch April 15, 2025 15:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shreyas-goenka shreyas-goenka shreyas-goenka approved these changes

@pietern pietern Awaiting requested review from pietern pietern is a code owner

@andrewnester andrewnester Awaiting requested review from andrewnester andrewnester is a code owner

@denik denik Awaiting requested review from denik denik is a code owner

@anton-107 anton-107 Awaiting requested review from anton-107 anton-107 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kanterov @pietern @shreyas-goenka