slowapi
slowapi copied to clipboard
laurentS
ci: publish release to testpypi from github actions
This is a draft of what an automatic package publishing workflow could look like.
TODO:
- [ ] Add automatic changelogs
- [ ] Allow publishing only from
masterbranch - [ ] Restrict publishing to allowed contributors
- [ ] switch from testpypi to production pypi once everything else is done
Proposed way forward from a chat with @twcurrie:
We can use github labels to mark PRs as release|patch, release|minor or release|major which in turn can trigger an automatic version bump and a new release when the corresponding PR is merged.
Action plan for this PR:
- [ ] make the testpypi workflow above work
- [ ] ~~trigger the action from a github label (instead of current git tags)~~ in a separate PR
- [x] enforce semantic PR titles (example here). This should work now using the semantic-prs app.
- [ ] ~~auto-update changelog based on PR titles~~ Will leave this for a separate PR
https://intuit.github.io/auto/ might be a useful tool for this task (although python support does not seem like a priority after a quick look)
@twcurrie @thentgesMindee if you have a moment to take a look at this PR, it'd be great. I've tried to put together something simple to reduce friction when publishing releases. There's some enforcement of semantic PR titles, and a workflow that's ready to publish to pypi. It's currently failing because the version already exists on testpypi, but nothing major. Ideally, I'd love to add a tool to generate automatic changelogs, and bump versions. If you have any recommendations for python, please let me know.
https://github.com/marketplace/actions/pypi-publish#trusted-publishing would recommend setting this up.
The way i like to do things in terms of publishing is have it so it pushes to pypi whenever a new version in the pyproject.toml is committed to main.
Could be a good first step and then use something like https://github.com/mikepenz/release-changelog-builder-action to generate change logs and releases later?
name: Tag and publish client library versions
on:
push:
branches:
- main
jobs:
autotag:
permissions:
contents: 'write'
id-token: 'write'
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/slowapi
outputs:
tag-exists: ${{ steps.check-tag-exists.outcome }}
steps:
- name: Checkout
uses: actions/[email protected]
with:
fetch-depth: 0
- name: Setup python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Setup poetry
run: |
curl -sSL https://install.python-poetry.org | python3 - --version 1.5.0
export PATH=$PATH:$HOME/.local/bin
- name: Get version
run: echo "VERSION=$(poetry version | cut -d ' ' -f2)" >> $GITHUB_ENV
- name: Check tag exists for client library version
id: check-tag-exists
continue-on-error: true
run: >
git tag -l | grep v${{ env.VERSION }} || exit 1
- name: Push tag if none exists
if: ${{ steps.check-tag-exists.outcome == 'failure' }}
uses: actions/github-script@v4
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const fs = require('fs')
github.git.createRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: `refs/tags/v${{ env.VERSION }}`,
sha: context.sha
})
- name: Build artefact
run: >
poetry build
- name: Publish package distributions to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
