diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..31cbe33 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,75 @@ +name: Publish to PyPI + +on: + push: + tags: + - 'metamorph-mda-parser-*' + branches: + - main + +permissions: + contents: read + +jobs: + build: + name: Build wheel and source distribution + if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-latest + + environment: release + permissions: + id-token: write # IMPORTANT: this permission is mandatory for trusted publishing + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '3.11' + cache: 'pip' + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install hatch + + - name: Build package + run: hatch build + + - name: Test package + run: hatch run test + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: python-artifacts + path: dist/* + if-no-files-found: error + + publish: + name: Publish to PyPI + if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') + needs: + - build + runs-on: ubuntu-latest + + permissions: + contents: write + id-token: write # IMPORTANT: this permission is mandatory for trusted publishing + + steps: + - name: Download Python artifacts + uses: actions/download-artifact@v4 + with: + name: python-artifacts + path: dist + - name: Add assets to release + uses: softprops/action-gh-release@v2 + with: + files: dist/* + - name: Publish package distributions to PyPI + uses: pypa/gh-action-pypi-publish@v1.9.0