diff --git a/.github/workflows/pypi-package.yml b/.github/workflows/pypi-package.yml index daae8068..66bf66ba 100644 --- a/.github/workflows/pypi-package.yml +++ b/.github/workflows/pypi-package.yml @@ -7,23 +7,137 @@ on: tags: - "v*" -permissions: - contents: read - jobs: + build: + name: Build distribution 📦 + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: "3.x" + - name: Install pypa/build + run: >- + python3 -m + pip install + build + --user + - name: Build a binary wheel and a source tarball + run: python3 -m build + - name: Store the distribution packages + uses: actions/upload-artifact@v3 + with: + name: python-package-distributions + path: dist/ - # Release to PyPI after a RELEASE gets PUBLISHED in @spacetelescope/astrocut/main publish-to-pypi: - uses: OpenAstronomy/github-actions-workflows/.github/workflows/publish_pure_python.yml@v1 - name: Publish to PyPI + name: >- + Publish Python 🐍 distribution 📦 to PyPI + if: startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes + needs: + - build + runs-on: ubuntu-latest + environment: + name: pypi + url: https://pypi.org/p/astrocut # Replace with your PyPI project name permissions: - id-token: write + id-token: write # IMPORTANT: mandatory for trusted publishing + + steps: + - name: Download all the dists + uses: actions/download-artifact@v3 + with: + name: python-package-distributions + path: dist/ + - name: Publish distribution 📦 to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + + # github-release: + # name: >- + # Sign the Python 🐍 distribution 📦 with Sigstore + # and upload them to GitHub Release + # needs: + # - publish-to-pypi + # runs-on: ubuntu-latest + + # permissions: + # contents: write # IMPORTANT: mandatory for making GitHub Releases + # id-token: write # IMPORTANT: mandatory for sigstore + + # steps: + # - name: Download all the dists + # uses: actions/download-artifact@v3 + # with: + # name: python-package-distributions + # path: dist/ + # - name: Sign the dists with Sigstore + # uses: sigstore/gh-action-sigstore-python@v2.1.1 + # with: + # inputs: >- + # ./dist/*.tar.gz + # ./dist/*.whl + # - name: Create GitHub Release + # env: + # GITHUB_TOKEN: ${{ github.token }} + # run: >- + # gh release create + # '${{ github.ref_name }}' + # --repo '${{ github.repository }}' + # --notes "" + # - name: Upload artifact signatures to GitHub Release + # env: + # GITHUB_TOKEN: ${{ github.token }} + # # Upload to GitHub Release using the `gh` CLI. + # # `dist/` contains the built packages, and the + # # sigstore-produced signatures and certificates. + # run: >- + # gh release upload + # '${{ github.ref_name }}' dist/** + # --repo '${{ github.repository }}' + + # publish-to-testpypi: + # name: Publish Python 🐍 distribution 📦 to TestPyPI + # needs: + # - build + # runs-on: ubuntu-latest + + # environment: + # name: testpypi + # url: https://test.pypi.org/p/ + + # permissions: + # id-token: write # IMPORTANT: mandatory for trusted publishing + + # steps: + # - name: Download all the dists + # uses: actions/download-artifact@v3 + # with: + # name: python-package-distributions + # path: dist/ + # - name: Publish distribution 📦 to TestPyPI + # uses: pypa/gh-action-pypi-publish@release/v1 + # with: + # repository-url: https://test.pypi.org/legacy/ + +# jobs: + +# # Release to PyPI after a RELEASE gets PUBLISHED in @spacetelescope/astrocut/main +# publish-to-pypi: +# uses: OpenAstronomy/github-actions-workflows/.github/workflows/publish_pure_python.yml@v1 +# name: Publish to PyPI +# permissions: +# id-token: write +# environment: +# name: pypi + - # We only want to upload to PyPI after a new release has been published on the @spacetelescope/astrocut repo - if: github.repository_owner == 'spacetelescope' && github.event_name == 'push' - with: - test_extras: test - test_command: pytest --pyargs astrocut +# # We only want to upload to PyPI after a new release has been published on the @spacetelescope/astrocut repo +# if: github.repository_owner == 'spacetelescope' && github.event_name == 'push' +# with: +# test_extras: test +# test_command: pytest --pyargs astrocut # jobs: # pypi-publish: