Release Orchestration #49
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Orchestration | |
| permissions: | |
| actions: read | |
| contents: read | |
| # TODO: Tag and branch | |
| # TODO: insure we can only release from privileged branches/tags? | |
| # TODO: watch for releasing the same version more than once | |
| # TODO: figure out when we only publish to test, and when we go live | |
| # TODO: drop permissions here when calling children | |
| on: | |
| # push: # Just for testing FIXME: Remove this. | |
| workflow_dispatch: | |
| inputs: | |
| workflow-build-variant: | |
| description: "Build Variant" | |
| type: choice | |
| default: "dev" | |
| options: | |
| - dev | |
| - alpha | |
| - beta | |
| - rc | |
| - release | |
| env: | |
| PYTHON_VERSION: "3.13" | |
| jobs: | |
| generate-build-number: | |
| name: "Generate build number" | |
| runs-on: ubuntu-latest | |
| # permissions: | |
| # contents: write | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: "Generate version-with-buildnum.txt file" | |
| id: gen-build-num | |
| uses: ./.github/actions/version-dot-buildnum-generate | |
| with: | |
| build-variant: ${{ inputs.workflow-build-variant }} | |
| - name: "Tag repository" | |
| # Tagging is part of the build number generation in part because | |
| # tag uniqueness serves as a synchronization mechanism to prevent | |
| # multiple releases of the same version. | |
| run: | | |
| set -x | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "CICD for github repository ${GITHUB_REPOSITORY}" | |
| git config --list --show-origin | |
| if [ "${{ steps.gen-build-num.outputs.variant-raw }}" = "release" ] | |
| then | |
| git tag -a -m "test tag comment" "${{steps.gen-build-num.outputs.version}}" | |
| git push origin "${{steps.gen-build-num.outputs.version}}" | |
| fi | |
| git tag -a -m "test tag comment" "${{steps.gen-build-num.outputs.version-with-buildnum}}" | |
| git push origin "${{steps.gen-build-num.outputs.version-with-buildnum}}" | |
| test: | |
| name: "Prerelease Tests" | |
| uses: ./.github/workflows/test.yml | |
| needs: generate-build-number # Doesn't really need it, but gates the pipeline | |
| package: | |
| name: "Build Release Artifacts" | |
| uses: ./.github/workflows/release-build.yml | |
| needs: [test, generate-build-number] | |
| publish: | |
| name: "Publish Release Artifacts" | |
| uses: ./.github/workflows/release-publish.yml | |
| needs: package | |
| secrets: | |
| PYPI_API_TOKEN: ${{ secrets.PYPI_API_TOKEN }} | |
| PYPI_API_TOKEN_TEST: ${{ secrets.PYPI_API_TOKEN_TEST }} |