Skip to content
Python CI/CD

add new input param #16

Sign in to view logs

add new input param

add new input param #16

Workflow file for this run

.github/workflows/ci.yml at c1e29b4
name: Python CI/CD
on:
push:
branches:
- "**"
tags:
- "v*.*.*"
concurrency:
group: graphite-dev-ci-pipeline
cancel-in-progress: true
permissions:
contents: write
id-token: write
env:
PYTHON_VERSION: "3.12"
jobs:
version:
name: Get Package Version
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
outputs:
package-version: ${{ steps.package-version.outputs.VERSION }}
remote-version: ${{ steps.remote-version.outputs.LATEST_VERSION }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0 # Ensure full history for tagging
- name: Set up Python
id: setup-python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHON_VERSION }}
# - name: Install Poetry
# uses: snok/install-poetry@v1
#
- name: Install the latest version of uv
uses: astral-sh/setup-uv@v6
with:
version: "latest"
- name: Get Package Version
id: package-version
run: |
echo "VERSION=$(uv version --short)" >> $GITHUB_OUTPUT
- name: Remote Check PyPI Version
id: remote-version
run: |
echo "LATEST_VERSION=$(pip index versions grafi-dev 2>/dev/null | grep 'LATEST:' | awk '{print $2}')" >> $GITHUB_OUTPUT
publish_pypi:
name: Publish to PyPI
runs-on: ubuntu-latest
needs: version
if: github.ref == 'refs/heads/main' && ( needs.version.outputs.package-version != needs.version.outputs.remote-version )
# Specifying a GitHub environment is optional, but strongly encouraged
environment: production
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python
id: setup-python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Install the latest version of uv
uses: astral-sh/setup-uv@v6
with:
version: "latest"
#- name: Install Poetry
# uses: snok/install-poetry@v1
- name: Check if new version is different than PyPi remote
id: check-version
run: |
remote_latest_version=$(curl -s https://pypi.org/pypi/grafi-dev/json | jq -r .info.version)
current_version=$(uv version --short)
if [ "$remote_latest_version" == "$current_version" ]; then
echo "No new version to publish."
exit 0
else
echo "New version available: $current_version"
fi
- name: Install project
run: |
uv sync
uv build
- name: mint API token
id: mint-token
run: |
# retrieve the ambient OIDC token
resp=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \
"$ACTIONS_ID_TOKEN_REQUEST_URL&audience=pypi")
oidc_token=$(jq -r '.value' <<< "${resp}")
# exchange the OIDC token for an API token
resp=$(curl -X POST https://pypi.org/_/oidc/mint-token -d "{\"token\": \"${oidc_token}\"}")
api_token=$(jq -r '.token' <<< "${resp}")
# mask the newly minted API token, so that we don't accidentally leak it
echo "::add-mask::${api_token}"
# see the next step in the workflow for an example of using this step output
echo "api-token=${api_token}" >> "${GITHUB_OUTPUT}"
- name: Publish package distributions to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
verbose: true
github_release:
name: Github Release
runs-on: ubuntu-latest
needs:
- publish_pypi
- version
if: github.ref == 'refs/heads/main'
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0 # Ensure full history f
- name: Set up Git user
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "github-actions@github.com"
- name: Create Release
uses: ncipollo/release-action@v1.12.0
with:
allowUpdates: true
draft: false
makeLatest: true
name: ${{ needs.version.outputs.package-version }}
body: Changelog Contents
token: ${{ github.token }}
tag: ${{ needs.version.outputs.package-version }}
skipIfReleaseExists: true