1 files changed, 73 insertions, 0 deletions

diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml
new file mode 100644
index 0000000..3ca68a9
--- /dev/null
+++ b/.github/workflows/release-python.yml
@@ -0,0 +1,73 @@
+---
+name: release python
+
+on:
+  push:
+    branches: [master]
+    tags:
+      - '**'
+  pull_request:
+    branches: [master]
+
+  workflow_dispatch:
+
+jobs:
+  build_sdist:
+    name: Build source distribution
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/igaw/linux-nvme/debian.python:latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Allow workspace
+        run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
+
+      - name: Build sdist
+        run: pipx run build --sdist
+
+      - uses: actions/upload-artifact@v4
+        with:
+          path: dist/*.tar.gz
+          retention-days: 5
+
+  upload_test_pypi:
+    needs: [build_sdist]
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/v')
+    steps:
+      - uses: actions/download-artifact@v4
+        with:
+          name: artifact
+          path: dist
+
+      - name: Publish package to TestPyPI
+        uses: pypa/gh-action-pypi-publish@release/v1.5
+        with:
+          user: __token__
+          password: ${{ secrets.TEST_PYPI_API_TOKEN }}
+          repository_url: https://test.pypi.org/legacy/
+
+  upload_pypi:
+    needs: [build_sdist]
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/v') && github.repository == 'linux-nvme/libnvme'
+    steps:
+      - name: Check if it is a release tag
+        id: check-tag
+        run: |
+           if [[ ${{ github.event.ref }} =~ ^refs/tags/v([0-9]+\.[0-9]+)(\.[0-9]+)?(-rc[0-9]+)?$ ]]; then
+               echo ::set-output name=match::true
+           fi
+      - name: Download artifiact
+        uses: actions/download-artifact@v4
+        if: steps.check-tag.outputs.match == 'true'
+        with:
+          name: artifact
+          path: dist
+      - name: Publish package to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1.5
+        if: steps.check-tag.outputs.match == 'true'
+        with:
+          user: __token__
+          password: ${{ secrets.PYPI_API_TOKEN }}