Merge pull request #11 from decibeltrade/workflow/github-release-with… #17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish to PyPI | |
| on: | |
| push: | |
| branches: [main] | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| id-token: write # required for PyPI trusted publishing (OIDC) | |
| jobs: | |
| publish: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 # better gh release --generate-notes | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v8.0.0 | |
| - name: Set up Python | |
| run: uv python install | |
| - name: Check PyPI version | |
| id: version | |
| run: | | |
| LOCAL=$(python3 -c " | |
| import tomllib | |
| with open('pyproject.toml', 'rb') as f: | |
| print(tomllib.load(f)['project']['version']) | |
| ") | |
| PKG_NAME=$(python3 -c " | |
| import tomllib | |
| with open('pyproject.toml', 'rb') as f: | |
| print(tomllib.load(f)['project']['name']) | |
| ") | |
| REMOTE=$(curl -s "https://pypi.org/pypi/${PKG_NAME}/json" \ | |
| | python3 -c "import sys,json; print(json.load(sys.stdin)['info']['version'])" \ | |
| 2>/dev/null || echo "0.0.0") | |
| echo "📦 Package: $PKG_NAME" | |
| echo "📄 Local version: $LOCAL" | |
| echo "🌐 Published version: $REMOTE" | |
| SHOULD_PUBLISH=$(python3 -c " | |
| from packaging.version import Version | |
| print('true' if Version('${LOCAL}') > Version('${REMOTE}') else 'false') | |
| ") | |
| echo "publish=${SHOULD_PUBLISH}" >> "$GITHUB_OUTPUT" | |
| echo "version=${LOCAL}" >> "$GITHUB_OUTPUT" | |
| - name: Install, lint, test, build | |
| if: steps.version.outputs.publish == 'true' | |
| run: | | |
| uv sync | |
| uv run ruff check . | |
| uv run ruff format --check . | |
| uv run pyright | |
| uv run pytest | |
| uv build | |
| - name: Publish to PyPI | |
| if: steps.version.outputs.publish == 'true' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| # Uses OIDC trusted publishing — no API token needed | |
| - name: Tag release | |
| if: steps.version.outputs.publish == 'true' | |
| run: | | |
| git tag "v${{ steps.version.outputs.version }}" | |
| git push origin "v${{ steps.version.outputs.version }}" | |
| - name: Create GitHub Release | |
| if: steps.version.outputs.publish == 'true' | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| VERSION="${{ steps.version.outputs.version }}" | |
| gh release create "v${VERSION}" \ | |
| --title "v${VERSION}" \ | |
| --generate-notes \ | |
| --verify-tag |