aiobmsble/.github/workflows/python-publish.yml at main · TechBlueprints/aiobmsble · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
# This workflow will upload a Python Package to PyPI when a release is created
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python#publishing-to-package-registries

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.

name: Publish to PyPi

on:
  release:
    types: [published]
  # workflow_dispatch:
  #   inputs:
  #     release_tag:
  #       description: 'Name of the release (e.g., 1.2.3)'
  #       required: true

permissions:
  contents: read

jobs:
  validate-tag:
    runs-on: ubuntu-latest
    steps:
      - name: Verify release tag starts with a number
        run: |
          tag="${{ github.event.release.tag_name }}"
          echo "Checking release tag: $tag"

          # Regex for strict semantic versioning: X.Y.Z with optional pre-release/build metadata
          semver_regex='^[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$'

          if [[ ! "$tag" =~ $semver_regex ]]; then
            echo "❌ Invalid tag: must match semantic version, e.g. '3.4.5-beta.2+exp'"
            exit 1
          else
            echo "✅ Tag is valid"
          fi


  release-build:
    name: Build distribution
    runs-on: ubuntu-latest
    needs:
      - validate-tag

    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-python@v5
        with:
          python-version: "3.x"

      - name: Install build dependencies
        run: |
          python -m pip install --upgrade pip
          pip install build

      # - name: Set version from tag
      #   run: |
      #     VERSION="${{ github.event.release.tag_name }}"
      #     toml set --toml-path pyproject.toml project.version "$VERSION"

      - name: Build release package
        run: python -m build

      - name: Upload release package
        uses: actions/upload-artifact@v4
        with:
          name: release-dists
          path: dist/

  pypi-publish:
    runs-on: ubuntu-latest
    needs:
      - release-build
    permissions:
      # IMPORTANT: this permission is mandatory for trusted publishing
      id-token: write

    # Dedicated environments with protections for publishing are strongly recommended.
    # For more information, see: https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules
    environment:
      name: pypi-release
      # OPTIONAL: uncomment and update to include your PyPI project URL in the deployment status:
      # url: https://pypi.org/p/YOURPROJECT
      #
      # ALTERNATIVE: if your GitHub Release name is the PyPI project version string
      # ALTERNATIVE: exactly, uncomment the following line instead:
      # url: https://pypi.org/project/aiobmsble/${{ github.event.inputs.release_name }}
      url: https://pypi.org/project/aiobmsble/${{ github.event.release.tag_name }}

    steps:
      - name: Retrieve release distributions
        uses: actions/download-artifact@v4
        with:
          name: release-dists
          path: dist/

      - name: Publish release distributions to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          packages-dir: dist/