--- name: release python on: push: branches: [master] tags: - '**' pull_request: branches: [master] workflow_dispatch: jobs: build_sdist: name: Build source distribution runs-on: ubuntu-latest container: image: ghcr.io/linux-nvme/debian.python:latest steps: - uses: actions/checkout@v4 - name: Allow workspace run: git config --global --add safe.directory "$GITHUB_WORKSPACE" - name: Build sdist run: pipx run build --sdist - uses: actions/upload-artifact@v4 with: path: dist/*.tar.gz retention-days: 5 upload_test_pypi: needs: [build_sdist] runs-on: ubuntu-latest if: startsWith(github.ref, 'refs/tags/v') steps: - uses: actions/download-artifact@v4 with: name: artifact path: dist - name: Publish package to TestPyPI uses: pypa/gh-action-pypi-publish@release/v1.5 with: user: __token__ password: ${{ secrets.TEST_PYPI_API_TOKEN }} repository_url: https://test.pypi.org/legacy/ upload_pypi: needs: [build_sdist] runs-on: ubuntu-latest if: startsWith(github.ref, 'refs/tags/v') && github.repository == 'linux-nvme/libnvme' steps: - name: Check if it is a release tag id: check-tag run: | if [[ ${{ github.event.ref }} =~ ^refs/tags/v([0-9]+\.[0-9]+)(\.[0-9]+)?(-rc[0-9]+)?$ ]]; then echo ::set-output name=match::true fi - name: Download artifiact uses: actions/download-artifact@v4 if: steps.check-tag.outputs.match == 'true' with: name: artifact path: dist - name: Publish package to PyPI uses: pypa/gh-action-pypi-publish@release/v1.5 if: steps.check-tag.outputs.match == 'true' with: user: __token__ password: ${{ secrets.PYPI_API_TOKEN }}