Skip to content

fix(ci): pypi publish does not like the sigstore.json files #12

fix(ci): pypi publish does not like the sigstore.json files

fix(ci): pypi publish does not like the sigstore.json files #12

Workflow file for this run

# This workflows will upload a Python Package using Twine when a release is created
# For more information see: https://help.github.com/en/actions/language-and-framework-guides/using-python-with-github-actions#publishing-to-package-registries
name: Upload Python Package
on:
push:
tags:
# Publish only actual releases, not dev/alpha/beta/rc tags
- v[0-9]+.[0-9]+.[0-9]+
jobs:
tests:
uses: ./.github/workflows/tests.yml
secrets: inherit
matrix-tests:
uses: ./.github/workflows/matrix-tests.yml
secrets: inherit
publish:
runs-on: ubuntu-latest
needs:
- tests
- matrix-tests
permissions:
contents: write # allows creating a GitHub Release
id-token: write # allows signing the dists with Sigstore
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Check that VERSION in _version.py and the tag are consistent
env:
VERSION: ${{ github.ref_name }}
shell: bash
run: diff <(echo "VERSION = \"${VERSION#v}\"") <(head -1 readalongs/_version.py)
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install build
- name: Build
run: python -m build --sdist --wheel
- name: Sign the dists with Sigstore
uses: sigstore/[email protected]
with:
inputs: >-
./dist/*.tar.gz
./dist/*.whl
- name: Update CHANGELOG
id: changelog
uses: requarks/changelog-action@v1
with:
token: ${{ github.token }}
tag: ${{ github.ref_name }}
- name: Create a GitHub release
uses: ncipollo/release-action@v1
with:
tag: ${{ github.ref_name }}
name: ${{ github.ref_name }}
body: ${{ steps.changelog.outputs.changes }}
token: ${{ github.token }}
- name: Remove the sigstore files, not supported by pypa publish
run: rm -f ./dist/*.sigstore.json
- name: Publish distribution 📦 to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_API_TOKEN }}
verbose: true
attestations: true
deploy-docs:
# Create latest docs
runs-on: ubuntu-latest
needs:
- publish
permissions:
contents: write # to push to the gh-pages branch
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # needed to get the gh-pages branch
- uses: actions/setup-python@v5
with:
python-version: "3.8"
- name: Install dependencies and Studio
run: |
python -m pip install --upgrade pip
pip install wheel
pip install -r docs/requirements.txt -e .
- name: Setup doc deploy
run: |
git config user.name 'github-actions[bot]'
git config user.email 'github-actions[bot]@users.noreply.github.com'
- name: Deploy docs with mike 🚀
run: |
mike deploy --push --update-aliases ${{ github.ref_name }} stable latest