ci: fix python wheel build issue #7
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Licensed to the Apache Software Foundation (ASF) under one | |
| # or more contributor license agreements. See the NOTICE file | |
| # distributed with this work for additional information | |
| # regarding copyright ownership. The ASF licenses this file | |
| # to you under the Apache License, Version 2.0 (the | |
| # "License"); you may not use this file except in compliance | |
| # with the License. You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, | |
| # software distributed under the License is distributed on an | |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
| # KIND, either express or implied. See the License for the | |
| # specific language governing permissions and limitations | |
| # under the License. | |
| # Publish the fluss Python binding to PyPI. | |
| # Trigger: push tag only (e.g. v0.1.0). | |
| # Pre-release tags (containing '-') publish to TestPyPI; release tags publish to PyPI. | |
| # | |
| # Token auth: set repo variable PYPI_USE_TOKEN_AUTH = 'true' and add secrets PYPI_API_TOKEN / TEST_PYPI_API_TOKEN. | |
| # Trusted Publishing (OIDC): leave PYPI_USE_TOKEN_AUTH unset; do not pass password so the action uses OIDC. | |
| name: Release Python | |
| on: | |
| push: | |
| tags: | |
| - "v*" # Only version-like tags (e.g. v0.1.0, v0.1.0-rc1); avoids running on arbitrary tags | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| version-check: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/verify-tag-version | |
| sdist: | |
| runs-on: ubuntu-latest | |
| needs: [version-check] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Generate Python README | |
| run: python bindings/python/generate_readme.py | |
| - name: Install protoc | |
| run: sudo apt-get update && sudo apt-get install -y protobuf-compiler | |
| - uses: PyO3/maturin-action@v1 | |
| with: | |
| working-directory: bindings/python | |
| command: sdist | |
| args: -o dist | |
| - name: Upload sdist | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheels-sdist | |
| path: bindings/python/dist | |
| wheels: | |
| runs-on: ${{ matrix.os }} | |
| needs: [version-check] | |
| strategy: | |
| matrix: | |
| include: | |
| - { os: windows-latest } | |
| - { os: macos-15-intel, target: "x86_64-apple-darwin" } | |
| - { os: macos-15, target: "aarch64-apple-darwin" } | |
| - { os: ubuntu-latest, target: "x86_64" } | |
| - { os: ubuntu-latest, target: "aarch64", manylinux: "manylinux_2_28" } | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Generate Python README | |
| run: python3 bindings/python/generate_readme.py | |
| - name: Install protoc (Linux) | |
| if: runner.os == 'Linux' | |
| run: sudo apt-get update && sudo apt-get install -y protobuf-compiler | |
| - name: Install protoc (macOS) | |
| if: runner.os == 'macOS' | |
| run: brew install protobuf | |
| - name: Install protoc (Windows) | |
| if: runner.os == 'Windows' | |
| run: choco install protoc -y | |
| shell: pwsh | |
| - uses: PyO3/maturin-action@v1 | |
| with: | |
| working-directory: bindings/python | |
| target: ${{ matrix.target }} | |
| command: build | |
| args: --release -o dist -i python3.9 | |
| manylinux: ${{ matrix.manylinux || 'auto' }} | |
| # Build on host for Linux x86_64 so fluss's build.rs can find protoc (manylinux image has no protoc) | |
| container: ${{ matrix.os == 'ubuntu-latest' && matrix.target == 'x86_64' && 'off' || '' }} | |
| # Mount host protoc into aarch64 manylinux container (build runs as x86_64 in cross image) | |
| docker-options: ${{ matrix.os == 'ubuntu-latest' && matrix.target == 'aarch64' && '-v /usr/bin/protoc:/usr/local/bin/protoc -e PROTOC=/usr/local/bin/protoc' || '' }} | |
| - uses: PyO3/maturin-action@v1 | |
| with: | |
| working-directory: bindings/python | |
| target: ${{ matrix.target }} | |
| command: build | |
| args: --release -o dist -i python3.10 | |
| manylinux: ${{ matrix.manylinux || 'auto' }} | |
| container: ${{ matrix.os == 'ubuntu-latest' && matrix.target == 'x86_64' && 'off' || '' }} | |
| docker-options: ${{ matrix.os == 'ubuntu-latest' && matrix.target == 'aarch64' && '-v /usr/bin/protoc:/usr/local/bin/protoc -e PROTOC=/usr/local/bin/protoc' || '' }} | |
| - uses: PyO3/maturin-action@v1 | |
| with: | |
| working-directory: bindings/python | |
| target: ${{ matrix.target }} | |
| command: build | |
| args: --release -o dist -i python3.11 | |
| manylinux: ${{ matrix.manylinux || 'auto' }} | |
| container: ${{ matrix.os == 'ubuntu-latest' && matrix.target == 'x86_64' && 'off' || '' }} | |
| docker-options: ${{ matrix.os == 'ubuntu-latest' && matrix.target == 'aarch64' && '-v /usr/bin/protoc:/usr/local/bin/protoc -e PROTOC=/usr/local/bin/protoc' || '' }} | |
| - uses: PyO3/maturin-action@v1 | |
| with: | |
| working-directory: bindings/python | |
| target: ${{ matrix.target }} | |
| command: build | |
| args: --release -o dist -i python3.12 | |
| manylinux: ${{ matrix.manylinux || 'auto' }} | |
| container: ${{ matrix.os == 'ubuntu-latest' && matrix.target == 'x86_64' && 'off' || '' }} | |
| docker-options: ${{ matrix.os == 'ubuntu-latest' && matrix.target == 'aarch64' && '-v /usr/bin/protoc:/usr/local/bin/protoc -e PROTOC=/usr/local/bin/protoc' || '' }} | |
| - name: Upload wheels | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheels-${{ matrix.os }}-${{ matrix.target || 'native' }} | |
| path: bindings/python/dist | |
| release: | |
| name: Publish to PyPI | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| needs: [version-check, sdist, wheels] | |
| if: startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| pattern: wheels-* | |
| merge-multiple: true | |
| path: bindings/python/dist | |
| - name: Publish to TestPyPI (token) | |
| if: contains(github.ref, '-') && vars.PYPI_USE_TOKEN_AUTH == 'true' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| skip-existing: true | |
| packages-dir: bindings/python/dist | |
| password: ${{ secrets.TEST_PYPI_API_TOKEN }} | |
| - name: Publish to TestPyPI (Trusted Publishing) | |
| if: contains(github.ref, '-') && vars.PYPI_USE_TOKEN_AUTH != 'true' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| skip-existing: true | |
| packages-dir: bindings/python/dist | |
| - name: Publish to PyPI (token) | |
| if: ${{ !contains(github.ref, '-') && vars.PYPI_USE_TOKEN_AUTH == 'true' }} | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| skip-existing: true | |
| packages-dir: bindings/python/dist | |
| password: ${{ secrets.PYPI_API_TOKEN }} | |
| - name: Publish to PyPI (Trusted Publishing) | |
| if: ${{ !contains(github.ref, '-') && vars.PYPI_USE_TOKEN_AUTH != 'true' }} | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| skip-existing: true | |
| packages-dir: bindings/python/dist |