diff --git a/.github/workflows/PR.yml b/.github/workflows/PR.yml index 88f57fd8..f666c462 100644 --- a/.github/workflows/PR.yml +++ b/.github/workflows/PR.yml @@ -10,6 +10,8 @@ on: - pyproject.toml - docs/Coding-Conventions.md - .github/workflows/PR.yml + workflow_call: + workflow_dispatch: env: POETRY_VERSION: 1.8.1 diff --git a/.github/workflows/Publish-Package.yml b/.github/workflows/Publish-Package.yml index 5fe1f6ed..0e9e68fc 100644 --- a/.github/workflows/Publish-Package.yml +++ b/.github/workflows/Publish-Package.yml @@ -2,73 +2,105 @@ name: Publish Package on: release: - types: [released] + types: [published] + workflow_dispatch: + inputs: + environment: + description: The environment to publish to. + default: 'none' + required: true + type: choice + options: + - none + - pypi + - testpypi env: - # Versions are also listed in PR.yml - POETRY_VERSION: 1.8.1 - PYTHON_VERSION: 3.11 # Use latest + dist-artifact-name: package-distribution-packages + environment: ${{ github.event_name == 'release' && 'pypi' || inputs.environment }} + environment-info: | + { + "pypi": { + "base-url": "https://pypi.org", + "upload-url": "https://upload.pypi.org/legacy/" + }, + "testpypi": { + "base-url": "https://test.pypi.org", + "upload-url": "https://test.pypi.org/legacy/" + } + } jobs: - publish_package: - name: Publish Package + check_package: + name: Check package + uses: ./.github/workflows/PR.yml + build_package: + name: Build package runs-on: ubuntu-latest + needs: [check_package] steps: - - uses: actions/checkout@v2 - with: - ref: ${{ github.event.release.target_commitish }} # This is the branch the release was created from. Normally main, but can be a dev branch - persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token - fetch-depth: 0 # otherwise, you will failed to push refs to dest repo - - - uses: actions/setup-python@v2 - with: - python-version: ${{ env.PYTHON_VERSION }} - - uses: Gr1N/setup-poetry@v8 - with: - poetry-version: ${{ env.POETRY_VERSION }} - # @TODO: This is a workaround for there not being a way to check the lock file - # See: https://github.com/python-poetry/poetry/issues/453 - - name: Check for lock changes - run: | - poetry lock --check - - uses: actions/cache@v4 + - name: Check out repo + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Set up Python + uses: ni/python-actions/setup-python@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1 + - name: Set up Poetry + uses: ni/python-actions/setup-poetry@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1 + # If the version is 0.1.0-alpha.0, this will set the version to 0.1.0 + - name: Promote package version to release + run: poetry version patch + - name: Check project version + if: github.event_name == 'release' + uses: ni/python-actions/check-project-version@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1 + - name: Build distribution packages + run: poetry build + - name: Upload build artifacts + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: - path: ~/.cache/pypoetry/virtualenvs - key: ${{ runner.os }}-poetry-${{ hashFiles('poetry.lock') }} - - name: Install the Package - run: poetry install - - name: Lint the Code - run: poetry run ni-python-styleguide lint - - - name: Run tests - run: poetry run pytest -v - + name: ${{ env.dist-artifact-name }} + path: dist/* + publish_to_pypi: + name: Publish package to PyPI + if: github.event_name == 'release' || inputs.environment != 'none' + runs-on: ubuntu-latest + needs: [build_package] + environment: + # This logic is duplicated because `name` doesn't support the `env` context. + name: ${{ github.event_name == 'release' && 'pypi' || inputs.environment }} + url: ${{ fromJson(env.environment-info)[env.environment].base-url }}/p/ni-python-styleguide + permissions: + id-token: write + steps: + - name: Download build artifacts + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + with: + name: ${{ env.dist-artifact-name }} + path: dist/ + - run: ls -lR + - name: Upload to ${{ env.environment }} + uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 + with: + repository-url: ${{ fromJson(env.environment-info)[env.environment].upload-url }} + update_version: + name: Update package version to next alpha version + runs-on: ubuntu-latest + needs: [build_package] + permissions: + contents: write + pull-requests: write + steps: + - name: Check out repo + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Set up Python + uses: ni/python-actions/setup-python@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1 + - name: Set up Poetry + uses: ni/python-actions/setup-poetry@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1 # If the version is 0.1.0-alpha.0, this will set the version to 0.1.0 - name: Promote package version to release - run: | - poetry version patch - - - name: Build Python package and publish to PyPI - if: ${{ github.event.release.target_commitish == 'main' }} - run: | - poetry publish --build --username __token__ --password ${{ secrets.PYPI_TOKEN}} - - - name: Bump poetry version to next alpha version - run: | - poetry version prepatch - - - name: Commit files - if: ${{ github.event.release.target_commitish == 'main' }} - run: | - git config --local user.email "action@github.com" - git config --local user.name "GitHub Action" - git pull --tags -f - git commit -m "Bump package version" -a - - - name: Push changes - if: ${{ github.event.release.target_commitish == 'main' }} - uses: CasperWA/push-protected@v2 + run: poetry version patch + - name: Update project version + uses: ni/python-actions/update-project-version@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1 with: + # The default GITHUB_TOKEN cannot trigger PR workflows. token: ${{ secrets.ADMIN_PAT }} - branch: ${{ github.event.release.target_commitish }} - unprotect_reviews: true + version-rule: "prepatch" + use-dev-suffix: false