Release Orchestration #79
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Orchestration | |
| permissions: | |
| actions: read | |
| contents: read | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| build-variant: | |
| description: "Build Variant" | |
| type: choice | |
| default: "dev" | |
| options: | |
| - dev | |
| - alpha | |
| - beta | |
| - rc | |
| - release | |
| publish-to: | |
| description: "Where to publish the package to" | |
| type: choice | |
| default: "none" | |
| options: | |
| - none | |
| - all | |
| - pypi-test | |
| - pypi-prod | |
| env: | |
| PYTHON_VERSION: "3.13" | |
| jobs: | |
| generate-build-number: | |
| name: "Generate build number" | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: write | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| outputs: | |
| version: ${{steps.gen-buildnum.outputs.version}} | |
| version-with-buildnum: ${{steps.gen-buildnum.outputs.version-with-buildnum}} | |
| steps: | |
| - name: "Checkout code" | |
| uses: actions/checkout@v4 | |
| - name: "Generate unique version and build numbers" | |
| id: gen-buildnum | |
| uses: ./.github/actions/version-dot-buildnum-generate | |
| with: | |
| build-variant: ${{ inputs.build-variant }} | |
| - name: "Tag repository" | |
| # Tagging is part of the build number generation at the start of the | |
| # pipeline because tag uniqueness serves as a synchronization | |
| # mechanism to prevent multiple releases of the same version. | |
| run: | | |
| set -x | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "CICD for github repository ${GITHUB_REPOSITORY}" | |
| if [ "${{ steps.gen-buildnum.outputs.variant-raw }}" = "release" ] | |
| then | |
| git tag -a -m "Tagging from release orchestration pipeline" "${{steps.gen-buildnum.outputs.version}}" | |
| git push origin "${{steps.gen-buildnum.outputs.version}}" | |
| fi | |
| git tag -a -m "Tagging from release orchestration pipeline" "${{steps.gen-buildnum.outputs.version-with-buildnum}}" | |
| git push origin "${{steps.gen-buildnum.outputs.version-with-buildnum}}" | |
| test: | |
| name: "Prerelease Tests" | |
| uses: ./.github/workflows/test.yml | |
| # We do not really need the build number, but this gates the job so we do not waste | |
| # time testing a build that is attempting an illegal clobbering of a released version. | |
| needs: generate-build-number | |
| generate-release: | |
| name: "Create Github Release" | |
| runs-on: ubuntu-latest | |
| needs: [test, generate-build-number] | |
| permissions: write-all | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - name: "Create Github Release" | |
| uses: actions/create-release@v1 | |
| with: | |
| tag_name: "${{ needs.generate-build-number.outputs.version-with-buildnum }}" | |
| release_name: "${{ needs.generate-build-number.outputs.version-with-buildnum }}" | |
| draft: true # During CICD testing and development | |
| prerelease: ${{ inputs.version-prerelease }} | |
| package: | |
| name: "Build Release Artifacts" | |
| uses: ./.github/workflows/release-build.yml | |
| needs: [test, generate-build-number] | |
| publish: | |
| name: "Publish Release Artifacts" | |
| uses: ./.github/workflows/release-publish.yml | |
| needs: [package, generate-release, generate-build-number] | |
| with: | |
| publish-to: ${{inputs.publish-to}} | |
| secrets: | |
| PYPI_API_TOKEN: ${{ secrets.PYPI_API_TOKEN }} | |
| PYPI_API_TOKEN_TEST: ${{ secrets.PYPI_API_TOKEN_TEST }} |