Publish Python Package #16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Python Package | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| repository: | |
| description: "Target repository" | |
| required: true | |
| default: "testpypi" | |
| type: choice | |
| options: | |
| - pypi | |
| - testpypi | |
| dry_run: | |
| description: "Dry run (build but do not publish)" | |
| required: true | |
| default: true | |
| type: boolean | |
| jobs: | |
| build: | |
| name: Build Python distribution | |
| runs-on: ubuntu-latest | |
| permissions: | |
| # Required for checkout only | |
| contents: read | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.9" | |
| - name: Install build dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install build twine | |
| - name: Verify version format | |
| run: | | |
| VERSION=$(python -c "import netconan; print(netconan.__version__)") | |
| echo "Current version: $VERSION" | |
| if [[ "$VERSION" == *".dev"* ]]; then | |
| echo "Error: Version contains '.dev' suffix. Please update the version in netconan/__init__.py before publishing." | |
| exit 1 | |
| fi | |
| - name: Build package | |
| run: python -m build | |
| - name: Check package | |
| run: twine check dist/* | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist/ | |
| retention-days: 7 | |
| publish: | |
| name: Publish to ${{ inputs.repository == 'pypi' && 'PyPI' || 'TestPyPI' }} | |
| needs: build | |
| runs-on: ubuntu-latest | |
| # Only run publish job if not a dry run | |
| if: ${{ !inputs.dry_run }} | |
| permissions: | |
| # Required for trusted publishing only | |
| id-token: write | |
| steps: | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist/ | |
| - name: Publish package | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: ${{ inputs.repository == 'pypi' && 'https://upload.pypi.org/legacy/' || 'https://test.pypi.org/legacy/' }} | |
| # No credentials needed for trusted publishing! |