chore: pip: Bump poethepoet from 0.23.0 to 0.24.1 (#310) #27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will call the build_and_test.yml workflow to install Python dependencies, run tests and lint | |
# with a single version of Python | |
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python | |
# These jobs are specifically designed to test the codebase | |
# and ensure that basic contributing from both mac and windows will work | |
# Once both windows and mac builds are successful, the next steps will | |
# - using semantic-version will version the code, pushing the version back to the repo | |
# - push a package to pypi | |
# - push a formula to the homebrew repo | |
name: Publish | |
on: | |
push: | |
branches: [ main ] | |
jobs: | |
build-test: | |
name: Build & Test | |
uses: ./.github/workflows/build_and_test.yml | |
secureli-release: | |
name: GH Release | |
needs: [ build-test ] | |
runs-on: ubuntu-latest | |
environment: publish | |
concurrency: release | |
permissions: | |
id-token: write | |
contents: write | |
outputs: | |
uploaded: ${{ steps.upload.outputs.uploaded }} | |
steps: | |
- name: Get App Token | |
uses: tibdex/github-app-token@v2 | |
id: app_token | |
with: | |
app_id: ${{ secrets.APP_ID }} | |
private_key: ${{ secrets.APP_PRIVATE_KEY }} | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
token: ${{ steps.app_token.outputs.token }} | |
- name: Python Semantic Release | |
id: release | |
uses: python-semantic-release/[email protected] | |
with: | |
github_token: ${{ steps.app_token.outputs.token }} | |
- name: Upload assets to GitHub Releases | |
id: upload | |
env: | |
GH_TOKEN: ${{ steps.app_token.outputs.token }} | |
run: | | |
if [[ -d dist ]]; then | |
if [[ -n "$(find ./dist -name 'secureli*' -print -quit)" ]]; then | |
gh release upload ${{ steps.release.outputs.tag }} ./dist/secureli* | |
echo "uploaded=true" >> "$GITHUB_OUTPUT" | |
else | |
echo "uploaded=false" >> "$GITHUB_OUTPUT" | |
fi | |
else | |
echo "uploaded=false" >> "$GITHUB_OUTPUT" | |
fi | |
- name: Display Output | |
run: echo uploaded=${{ steps.upload.outputs.uploaded }} | |
secureli-publish: | |
name: PyPI Publish | |
if: needs.secureli-release.outputs.uploaded == 'true' | |
runs-on: ubuntu-latest | |
needs: secureli-release | |
permissions: | |
id-token: write # IMPORTANT: this permission is mandatory for trusted publishing | |
steps: | |
- name: Display Inputs | |
run: echo uploaded=${{ needs.secureli-release.outputs.uploaded }} | |
- name: Checkout seCureLI Repo | |
uses: actions/checkout@v4 | |
with: | |
ref: main | |
fetch-depth: 0 | |
- name: Set up Python 3.11 | |
id: setup-python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: "3.11" | |
- run: | | |
pip install poetry | |
poetry install | |
poetry build | |
- name: Publish package distributions to PyPI | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
skip-existing: true | |
deploy: | |
name: Upload Homebrew Formula | |
if: needs.secureli-release.outputs.uploaded == 'true' | |
runs-on: ubuntu-latest | |
environment: publish | |
needs: secureli-release | |
steps: | |
- name: Display Inputs | |
run: echo uploaded=${{ needs.secureli-release.outputs.uploaded }} | |
- name: Get App Token | |
uses: tibdex/github-app-token@v2 | |
id: app_token | |
with: | |
app_id: ${{ secrets.APP_ID }} | |
private_key: ${{ secrets.APP_PRIVATE_KEY }} | |
- uses: actions/checkout@v4 | |
with: | |
ref: main | |
fetch-depth: 0 | |
- name: Checkout seCureLI Homebrew Repo | |
uses: actions/checkout@v4 | |
with: | |
repository: slalombuild/homebrew-secureli | |
token: ${{ steps.app_token.outputs.token }} | |
path: homebrew-secureli | |
ref: main | |
fetch-depth: 0 | |
- name: Homebrew Formula Generation | |
env: | |
GH_TOKEN: ${{ steps.app_token.outputs.token }} | |
run: ./scripts/secureli-deployment.sh | |
integration-testing: | |
name: Integration Testing | |
needs: [ build-test, secureli-release, secureli-publish, deploy ] | |
if: | | |
always() && | |
(needs.secureli-publish.result == 'success' || needs.secureli-publish.result == 'skipped') && | |
(needs.deploy.result == 'success' || needs.deploy.result == 'skipped') | |
uses: ./.github/workflows/integration_testing.yml |