-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
UID2-2330 Create .github/workflows/shared-publish-to-pypi-versioned.y…
…aml (#81) * Create .github/workflows/shared-publish-to-pypi-versioned.yaml * Make changes for testing simple version * Update changelog * Revert testing changes
- Loading branch information
1 parent
2f7990e
commit df3e8d6
Showing
1 changed file
with
107 additions
and
0 deletions.
There are no files selected for viewing
107 changes: 107 additions & 0 deletions
107
.github/workflows/shared-publish-to-pypi-versioned.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,107 @@ | ||
| name: Shared Pipeline to build and publish Python packages to Pypi | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| release_type: | ||
| description: The type of version number to return. Must be one of [Patch, Minor or Major] | ||
| required: true | ||
| type: string | ||
| vulnerability_failure_severity: | ||
| description: The severity to fail the workflow if such vulnerability is detected. DO NOT override it unless a Jira ticket is raised. Must be one of ['CRITICAL', 'CRITICAL,HIGH' or 'CRITICAL,HIGH,MEDIUM'] (without space in between). | ||
| type: string | ||
| default: 'CRITICAL,HIGH' | ||
| working_dir: | ||
| description: The path to the directory for which the version should be determined. | ||
| type: string | ||
| default: '.' | ||
|
|
||
| env: | ||
| REPO: ${{ github.event.repository.name }} | ||
|
|
||
| jobs: | ||
| release: | ||
| name: Create Release | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| pull-requests: write | ||
| contents: write | ||
| security-events: write | ||
| packages: write | ||
| steps: | ||
| - name: Show Context | ||
| run: | | ||
| printenv | ||
| echo "$GITHUB_CONTEXT" | ||
| shell: bash | ||
| env: | ||
| GITHUB_CONTEXT: ${{ toJson(github) }} | ||
|
|
||
| - name: Check branch and release type | ||
| id: checkRelease | ||
| uses: IABTechLab/uid2-shared-actions/actions/check_branch_and_release_type@v2 | ||
| with: | ||
| release_type: ${{ inputs.release_type }} | ||
|
|
||
| - name: Checkout repo | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Vulnerability Scan | ||
| uses: IABTechLab/uid2-shared-actions/actions/vulnerability_scan_filesystem@v2 | ||
| with: | ||
| scan_severity: HIGH,CRITICAL | ||
| failure_severity: ${{ inputs.vulnerability_failure_severity }} | ||
|
|
||
| - name: Set version number | ||
| id: version | ||
| uses: IABTechLab/uid2-shared-actions/actions/version_number@v2 | ||
| with: | ||
| type: ${{ inputs.release_type }} | ||
| branch_name: ${{ github.ref }} | ||
| working_dir: ${{ inputs.working_dir }} | ||
| short_name: Yes | ||
|
|
||
| - name: Update pyproject.toml | ||
| run: | | ||
| OLD_VERSION=`cat ${{ inputs.working_dir }}/pyproject.toml | grep ^version | cut -d '"' -f 2` | ||
| OLD_VERSION="\"$OLD_VERSION\"" | ||
| NEW_VERSION="\"${{ steps.version.outputs.new_version }}\"" | ||
| sed -i "s+version = $OLD_VERSION+version = $NEW_VERSION+g" ${{ inputs.working_dir }}/pyproject.toml | ||
| - name: Build | ||
| run: | | ||
| python3 -m pip install --upgrade build | ||
| python3 -m build | ||
| - name: Publish | ||
| run: | | ||
| python3 -m pip install --upgrade twine | ||
| python3 -m twine upload dist/* -u __token__ -p "${{ secrets.PYPI_API_KEY }}" | ||
| - name: Commit pyproject.toml, version.json and set tag | ||
| uses: IABTechLab/uid2-shared-actions/actions/commit_pr_and_merge@v2 | ||
| with: | ||
| add: '${{ inputs.working_dir }}/pyproject.toml ${{ inputs.working_dir }}/version.json' | ||
| message: 'Released ${{ inputs.release_type }} version: ${{ steps.version.outputs.new_version }}' | ||
| tag: v${{ steps.version.outputs.new_version }} | ||
|
|
||
| - name: Build Changelog | ||
| id: github_release | ||
| uses: mikepenz/release-changelog-builder-action@v4 | ||
| with: | ||
| toTag: v${{ steps.version.outputs.new_version }} | ||
| configurationJson: | | ||
| { | ||
| "template": "#{{CHANGELOG}}\n## Pypi\n```\n<dependency>\n <groupId>com.uid2</groupId>\n <artifactId>${{ env.REPO }}</artifactId>\n <version>${{ steps.version.outputs.new_version }}</version>\n</dependency>\n```\n\n## Pypi Files\n- [uid2_client-${{ steps.version.outputs.new_version }}.tar.gz](https://pypi.org/project/uid2-client/)\n\n## Changelog\n#{{UNCATEGORIZED}}", | ||
| "pr_template": " - #{{TITLE}} - ( PR: ##{{NUMBER}} )" | ||
| } | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Create Release | ||
| uses: softprops/action-gh-release@v1 | ||
| with: | ||
| name: v${{ steps.version.outputs.new_version }} | ||
| body: ${{ steps.github_release.outputs.changelog }} | ||
| draft: true |