Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Improve PyPI Automation #4375

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 15 commits into from
Sep 1, 2024
Merged

Improve PyPI Automation #4375

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
6a8f3cc
Split Workflows for PyPI and Test PyPI Upload
Bibo-Joshi Jul 13, 2024
d87d528
slight changes to the production workflow
Bibo-Joshi Jul 13, 2024
cbee05d
Copy test_pypi to pypi - dummy commit to show that the workflows are …
Bibo-Joshi Jul 13, 2024
6a155d3
revert dummy commit
Bibo-Joshi Jul 13, 2024
a255ee5
Update name
Bibo-Joshi Jul 13, 2024
e26a039
Get tag name from `__version__`
Bibo-Joshi Jul 17, 2024
e620de0
Temporarily run test_pypi_workflow on push for testing
Bibo-Joshi Jul 17, 2024
8f1ce9c
Change the version number to get a working testpypi build
Bibo-Joshi Jul 17, 2024
2a33269
Try again getting the tag
Bibo-Joshi Jul 17, 2024
d4c0bce
Try again
Bibo-Joshi Jul 17, 2024
9aa72ac
try correctly using the tag in the gh release
Bibo-Joshi Jul 17, 2024
f399926
Revert "Temporarily run test_pypi_workflow on push for testing"
Bibo-Joshi Jul 18, 2024
edac119
Remove a debug leftover
Bibo-Joshi Jul 26, 2024
31c9407
update sigstore action
Bibo-Joshi Aug 21, 2024
f674d92
Merge branch 'refs/heads/master' into improve-pypi-automation
Bibo-Joshi Aug 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
107 changes: 16 additions & 91 deletions .github/workflows/release_pypi.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,15 @@
name: Publish to PyPI

on:
# Run on any tag
push:
tags:
- '**'
# manually trigger the workflow - for testing only
# manually trigger the workflow
workflow_dispatch:

jobs:
build:
name: Build Distribution
runs-on: ubuntu-latest
outputs:
TAG: ${{ steps.get_tag.outputs.TAG }}

steps:
- uses: actions/checkout@v4
Expand All @@ -29,11 +27,15 @@ jobs:
with:
name: python-package-distributions
path: dist/
- name: Get Tag Name
id: get_tag
run: |
pip install .
TAG=$(python -c "from telegram import __version__; print(f'v{__version__}')")
echo "TAG=$TAG" >> $GITHUB_OUTPUT

publish-to-pypi:
name: Publish to PyPI
# only publish to PyPI on tag pushes
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
needs:
- build
runs-on: ubuntu-latest
Expand All @@ -52,42 +54,11 @@ jobs:
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1

publish-to-test-pypi:
name: Publish to Test PyPI
needs:
- build
runs-on: ubuntu-latest
environment:
name: release_test_pypi
url: https://test.pypi.org/p/python-telegram-bot
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing

steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Publish to Test PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/

compute-signatures:
name: Compute SHA1 Sums and Sign with Sigstore
runs-on: ubuntu-latest
needs:
- publish-to-pypi
- publish-to-test-pypi
# run if either of the publishing jobs ran successfully
# see also:
# https://github.com/actions/runner/issues/491#issuecomment-850884422
if: |
always() && (
(needs.publish-to-pypi.result == 'success') ||
(needs.publish-to-test-pypi.result == 'success')
)

permissions:
id-token: write # IMPORTANT: mandatory for sigstore
Expand All @@ -106,7 +77,7 @@ jobs:
sha1sum $file > $file.sha1
done
- name: Sign the dists with Sigstore
uses: sigstore/gh-action-sigstore-python@v2.1.1
uses: sigstore/gh-action-sigstore-python@v3.0.0
with:
inputs: >-
./dist/*.tar.gz
Expand All @@ -120,56 +91,9 @@ jobs:
github-release:
name: Upload to GitHub Release
needs:
- publish-to-pypi
- build
- compute-signatures
if: |
always() && (
(needs.publish-to-pypi.result == 'success') &&
(needs.compute-signatures.result == 'success')
)

runs-on: ubuntu-latest

permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases

steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions-and-signatures
path: dist/
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
# Create a GitHub Release for this tag. The description can be changed later, as for now
# we don't define it through this workflow.
run: >-
gh release create
'${{ github.ref_name }}'
--repo '${{ github.repository }}'
--generate-notes
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
# Upload to GitHub Release using the `gh` CLI.
# `dist/` contains the built packages, and the
# sigstore-produced signatures and certificates.
run: >-
gh release upload
'${{ github.ref_name }}' dist/**
--repo '${{ github.repository }}'

github-test-release:
name: Upload to GitHub Release Draft
needs:
- publish-to-test-pypi
- compute-signatures
if: |
always() && (
(needs.publish-to-test-pypi.result == 'success') &&
(needs.compute-signatures.result == 'success')
)
runs-on: ubuntu-latest

permissions:
Expand All @@ -184,21 +108,22 @@ jobs:
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
# Create a GitHub Release *draft*. The description can be changed later, as for now
TAG: ${{ needs.build.outputs.TAG }}
# Create a tag and a GitHub Release. The description can be changed later, as for now
# we don't define it through this workflow.
run: >-
gh release create
'${{ github.ref_name }}'
'${{ env.TAG }}'
--repo '${{ github.repository }}'
--generate-notes
--draft
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
TAG: ${{ needs.build.outputs.TAG }}
# Upload to GitHub Release using the `gh` CLI.
# `dist/` contains the built packages, and the
# sigstore-produced signatures and certificates.
run: >-
gh release upload
'${{ github.ref_name }}' dist/**
'${{ env.TAG }}' dist/**
--repo '${{ github.repository }}'
132 changes: 132 additions & 0 deletions .github/workflows/release_test_pypi.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,132 @@
name: Publish to Test PyPI

on:
# manually trigger the workflow
workflow_dispatch:

jobs:
build:
name: Build Distribution
runs-on: ubuntu-latest
outputs:
TAG: ${{ steps.get_tag.outputs.TAG }}

steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Install pypa/build
run: >-
python3 -m pip install build --user
- name: Build a binary wheel and a source tarball
run: python3 -m build
- name: Store the distribution packages
uses: actions/upload-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Get Tag Name
id: get_tag
run: |
pip install .
TAG=$(python -c "from telegram import __version__; print(f'v{__version__}')")
echo "TAG=$TAG" >> $GITHUB_OUTPUT

publish-to-test-pypi:
name: Publish to Test PyPI
needs:
- build
runs-on: ubuntu-latest
environment:
name: release_test_pypi
url: https://test.pypi.org/p/python-telegram-bot
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing

steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Publish to Test PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/

compute-signatures:
name: Compute SHA1 Sums and Sign with Sigstore
runs-on: ubuntu-latest
needs:
- publish-to-test-pypi

permissions:
id-token: write # IMPORTANT: mandatory for sigstore

steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Compute SHA1 Sums
run: |
# Compute SHA1 sum of the distribution packages and save it to a file with the same name,
# but with .sha1 extension
for file in dist/*; do
sha1sum $file > $file.sha1
done
- name: Sign the dists with Sigstore
uses: sigstore/[email protected]
with:
inputs: >-
./dist/*.tar.gz
./dist/*.whl
- name: Store the distribution packages and signatures
uses: actions/upload-artifact@v4
with:
name: python-package-distributions-and-signatures
path: dist/

github-test-release:
name: Upload to GitHub Release Draft
needs:
- build
- compute-signatures

runs-on: ubuntu-latest

permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases

steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions-and-signatures
path: dist/
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
TAG: ${{ needs.build.outputs.TAG }}
# Create a GitHub Release *draft*. The description can be changed later, as for now
# we don't define it through this workflow.
run: >-
gh release create
'${{ env.TAG }}'
--repo '${{ github.repository }}'
--generate-notes
--draft
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
TAG: ${{ needs.build.outputs.TAG }}
# Upload to GitHub Release using the `gh` CLI.
# `dist/` contains the built packages, and the
# sigstore-produced signatures and certificates.
run: >-
gh release upload
'${{ env.TAG }}' dist/**
--repo '${{ github.repository }}'