This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Build package and upload to test PyPI and PyPI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - "*" | |
| release: | |
| types: | |
| - published | |
| workflow_dispatch: | |
| jobs: | |
| build-package: | |
| name: Build package | |
| runs-on: ubuntu-latest | |
| permissions: | |
| attestations: write | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - uses: hynek/build-and-inspect-python-package@14c7e53f5d033cfa99f7af916fa59a6f7f356394 | |
| with: | |
| attest-build-provenance-github: 'true' | |
| # Upload to Test PyPI on every commit on main. | |
| release-test-pypi: | |
| name: Upload release to test.pypi.org | |
| runs-on: ubuntu-latest | |
| needs: build-package | |
| environment: | |
| name: release-test-pypi | |
| url: https://test.pypi.org/project/music-playlists | |
| if: github.repository_owner == 'cofiem' && github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| permissions: | |
| # "id-token: write" is needed for PyPI Trusted Publishing | |
| id-token: write | |
| steps: | |
| - name: Download packages built by build-package | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: Packages | |
| path: dist | |
| - name: Upload package to Test PyPI | |
| uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| print-hash: true | |
| verbose: true | |
| # Upload to real PyPI on GitHub Releases. | |
| release-pypi: | |
| name: Upload release to pypi.org | |
| runs-on: ubuntu-latest | |
| needs: build-package | |
| environment: | |
| name: release-pypi | |
| url: https://pypi.org/project/music-playlists | |
| if: github.repository_owner == 'cofiem' && github.event.action == 'published' && startsWith(github.ref, 'refs/tags') | |
| permissions: | |
| # "id-token: write" is needed for PyPI Trusted Publishing | |
| id-token: write | |
| steps: | |
| - name: Download packages built by build-package | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: Packages | |
| path: dist | |
| - name: Upload package to PyPI | |
| uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 | |
| with: | |
| print-hash: true | |
| verbose: true |