From e6e8da8dfe9844aa410460e54f44d0e22310991c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= Date: Mon, 6 Jan 2025 13:57:56 +0100 Subject: [PATCH] feat: modernize release process - use uv to build and publish packages - use trusted publishing instead for stored token - build and lint packages on every commit, not only on release time --- .github/workflows/release.yml | 29 +++++++++++------------------ 1 file changed, 11 insertions(+), 18 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 982bedbd7..3f40f46ab 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,26 +3,20 @@ name: Release on: release: types: [published] + push: + pull_request: jobs: release: runs-on: ubuntu-latest + permissions: + id-token: write steps: - uses: actions/checkout@v4 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.9' - cache: pip - cache-dependency-path: requirements*.txt - - - name: Install Python dependencies - run: | - python -m pip install --upgrade pip - pip install wheel twine + - uses: astral-sh/setup-uv@v5 - name: Verify tag is documented + if: github.event_name == 'release' run: | CURRENT_TAG=${GITHUB_REF#refs/tags/} CURRENT_VERSION=$(head -n1 social_core/__init__.py | awk '{print $3}' | sed 's/[^0-9\.]//g') @@ -34,9 +28,10 @@ jobs: fi - name: Build dist - run: python setup.py sdist bdist_wheel --python-tag py3 + run: uv build - name: Archive dist + if: github.event_name == 'release' uses: actions/upload-artifact@v4 with: name: dist @@ -45,10 +40,8 @@ jobs: dist/*.whl - name: Verify long description rendering - run: twine check dist/* + run: uvx twine check dist/* - name: Publish - env: - PYPI_API_TOKEN: ${{ secrets.PYPI_API_TOKEN }} - run: | - twine upload --non-interactive -u __token__ -p "${PYPI_API_TOKEN}" dist/* + if: github.event_name == 'release' && github.repository == 'python-social-auth/social-core' + run: uv publish --trusted-publishing always