Publish Python distribution to PyPI and TestPyPI #47
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Python distribution to PyPI and TestPyPI | |
| on: | |
| release: | |
| types: [published, prereleased] | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| name: Build distribution | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install build dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install --upgrade setuptools wheel build twine | |
| - name: Build distribution | |
| run: | | |
| python setup.py sdist bdist_wheel | |
| - name: Check distribution | |
| run: | | |
| twine check dist/* | |
| - name: Store the distribution packages | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| retention-days: 7 | |
| sign-and-publish: | |
| name: Sign and Publish Python | |
| needs: [build] | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: ${{ (github.event.release && github.event.release.prerelease) && 'testpypi' || 'pypi' }} | |
| url: ${{ (github.event.release && github.event.release.prerelease) && 'https://test.pypi.org/p/${{ github.event.repository.name }}' || 'https://pypi.org/p/${{ github.event.repository.name }}' }} | |
| permissions: | |
| contents: write | |
| id-token: write | |
| steps: | |
| - name: Download distributions | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Sign the distributions with Sigstore | |
| uses: sigstore/gh-action-sigstore-python@v3.0.0 | |
| with: | |
| inputs: | | |
| ./dist/*.tar.gz | |
| ./dist/*.whl | |
| upload-signing-artifacts: true | |
| - name: Clean up signature files | |
| run: | | |
| rm -f dist/*.sigstore.json | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@v1.8.11 | |
| with: | |
| repository-url: ${{ (github.event.release && github.event.release.prerelease) && 'https://test.pypi.org/legacy/' || '' }} |