Skip to content

Add TestPyPI workflow for safe release testing #367

Closed
Closed
Add TestPyPI workflow for safe release testing#367
Assignees
itdove
Labels
ci-cdenhancementNew feature or request
@itdove

Description

@itdove
itdove
opened on Apr 8, 2026

Overview

Create a separate GitHub Actions workflow for publishing to TestPyPI to enable safe testing of the release process before publishing to production PyPI.

Why TestPyPI?

Benefits:

  • ✅ Test the entire release process without touching production
  • ✅ Verify PyPI Trusted Publishing configuration works
  • ✅ Catch packaging/metadata issues early
  • ✅ Safe experimentation with workflow changes
  • ✅ Standard best practice for Python projects

Implementation Checklist

1. TestPyPI Account Setup

2. Configure Trusted Publishing on TestPyPI

  • Go to https://test.pypi.org/manage/account/publishing/
  • Click "Add a new pending publisher"
  • Configure publisher settings:
    • PyPI Project Name: devaiflow
    • Owner: itdove
    • Repository name: devaiflow
    • Workflow name: publish-test.yml
    • Environment name: testpypi
  • Save configuration

3. Create GitHub Environment

4. Create Workflow File

  • Create .github/workflows/publish-test.yml with the following content:
# GitHub Actions CI/CD - TestPyPI Publish Workflow
# Publishes package to TestPyPI for testing

name: Publish to TestPyPI

on:
  push:
    tags:
      - 'v*-test*'  # Trigger on test tags (e.g., v2.2.0-test, v2.2.0-test1)
  workflow_dispatch:  # Allow manual trigger

jobs:
  build-and-publish-test:
    name: Build and Publish to TestPyPI
    runs-on: ubuntu-latest
    environment: testpypi  # Use GitHub environment for Trusted Publishing
    permissions:
      id-token: write  # Required for Trusted Publishing
      contents: read

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: "3.12"

      - name: Install build dependencies
        run: |
          python -m pip install --upgrade pip
          pip install build twine

      - name: Build distribution packages
        run: |
          python -m build

      - name: Check distribution packages
        run: |
          twine check dist/*
          ls -la dist/

      - name: Publish to TestPyPI
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          repository-url: https://test.pypi.org/legacy/
          skip-existing: true
          verbose: true
          print-hash: true
  • Commit and push the workflow file

5. Test the Workflow

  • Create test release branch:

    git checkout -b release-2.2-test main

  • Update version to test version in pyproject.toml:

    version = "2.2.0-test1"

  • Update version in devflow/__init__.py:

    __version__ = "2.2.0-test1"

  • Commit changes:

    git add pyproject.toml devflow/__init__.py
git commit -m "chore: bump version to 2.2.0-test1 for TestPyPI"

  • Create and push test tag:

    git tag -a v2.2.0-test1 -m "Test release for TestPyPI"
git push origin v2.2.0-test1

  • Monitor GitHub Actions: https://github.com/itdove/devaiflow/actions

  • Verify publication on TestPyPI: https://test.pypi.org/project/devaiflow/

  • Test installation from TestPyPI:

    pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple/ devaiflow==2.2.0-test1
daf --version

6. Documentation

  • Update RELEASING.md with TestPyPI workflow instructions
  • Add section on testing releases before production
  • Document tag naming convention: v*-test* for TestPyPI, v* for production
  • Update docs/developer/publishing-to-pypi.md with automated workflow reference

Usage Examples

Testing a release:

# 1. Create test release branch
git checkout -b release-2.2-test main

# 2. Update version to test version
# pyproject.toml: version = "2.2.0-test1"
# devflow/__init__.py: __version__ = "2.2.0-test1"

# 3. Tag and push
git add pyproject.toml devflow/__init__.py
git commit -m "chore: bump version to 2.2.0-test1 for TestPyPI"
git tag -a v2.2.0-test1 -m "Test release 2.2.0"
git push origin v2.2.0-test1

# 4. Verify TestPyPI publication
# Check: https://test.pypi.org/project/devaiflow/

# 5. Test installation
pip install --index-url https://test.pypi.org/simple/ \
  --extra-index-url https://pypi.org/simple/ \
  devaiflow==2.2.0-test1

# 6. If successful, proceed with production release using v2.2.0 tag

Manual workflow trigger:

Tag Naming Convention

  • TestPyPI: v2.2.0-test, v2.2.0-test1, v2.2.0-test2
  • Production PyPI: v2.2.0, v2.2.1, v2.3.0

The -test suffix ensures the workflow only triggers for test releases.

Expected Outcomes

After completing this issue:

  • ✅ Safe testing environment for release process
  • ✅ Ability to verify Trusted Publishing works
  • ✅ Catch issues before production release
  • ✅ Confidence in release automation
  • ✅ Best practice Python packaging workflow

References

Acceptance Criteria

  • Workflow file created and committed
  • TestPyPI account created and configured
  • Trusted Publishing configured on TestPyPI
  • GitHub environment testpypi created
  • Test release published successfully to TestPyPI
  • Package installable from TestPyPI
  • Documentation updated (RELEASING.md and publishing-to-pypi.md)

Metadata

Metadata

Assignees

Labels

ci-cdenhancementNew feature or request

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions