|
| 1 | +name: Build, validate & Release |
| 2 | + |
| 3 | +# Usage: |
| 4 | +# - For PRs: this workflow runs automatically to validate the package builds and installs correctly on multiple Python versions. No artifacts are published for PRs. |
| 5 | +# - For releases: when you push a tag like v1.2.3, this workflow runs the full matrix validation, then builds the release artifacts, and finally publishes to PyPI if all checks pass. |
| 6 | + |
| 7 | +on: |
| 8 | + # Release pipeline: run only when pushing a version-like tag (e.g. v1.2.3) |
| 9 | + push: |
| 10 | + tags: |
| 11 | + - "v*.*.*" |
| 12 | + |
| 13 | + # Validation pipeline: run on PRs targeting main/master (no publishing) |
| 14 | + pull_request: |
| 15 | + branches: [main, master] |
| 16 | + types: [opened, edited, synchronize, reopened] |
| 17 | + |
| 18 | +# This workflow only needs to read repo contents |
| 19 | +permissions: |
| 20 | + contents: read |
| 21 | + |
| 22 | +jobs: |
| 23 | + test_matrix: |
| 24 | + # PR + tag validation: ensure the project builds and installs on multiple Pythons |
| 25 | + name: Test install & smoke (Py ${{ matrix.python-version }}) |
| 26 | + runs-on: ubuntu-latest |
| 27 | + strategy: |
| 28 | + # Run all versions even if one fails (helps spot version-specific issues) |
| 29 | + fail-fast: false |
| 30 | + matrix: |
| 31 | + python-version: ["3.10", "3.11", "3.12"] |
| 32 | + |
| 33 | + steps: |
| 34 | + # Fetch repository sources so we can build/test |
| 35 | + - name: Checkout sources |
| 36 | + uses: actions/checkout@v6 |
| 37 | + |
| 38 | + - name: Set up Python |
| 39 | + uses: actions/setup-python@v6 |
| 40 | + with: |
| 41 | + python-version: ${{ matrix.python-version }} |
| 42 | + |
| 43 | + - name: Install Qt/OpenGL runtime deps (Ubuntu) |
| 44 | + run: | |
| 45 | + sudo apt-get update |
| 46 | + sudo apt-get install -y \ |
| 47 | + libegl1 \ |
| 48 | + libgl1 \ |
| 49 | + libopengl0 \ |
| 50 | + libxkbcommon-x11-0 \ |
| 51 | + libxcb-cursor0 |
| 52 | +
|
| 53 | + # Install packaging toolchain: |
| 54 | + # - build: creates wheel + sdist |
| 55 | + # - twine: validates metadata and can upload (upload only happens in publish job) |
| 56 | + - name: Install build tools |
| 57 | + run: python -m pip install -U pip build twine |
| 58 | + |
| 59 | + # Build distributions just to verify packaging config works on this Python |
| 60 | + - name: Build (for validation only) |
| 61 | + run: python -m build |
| 62 | + |
| 63 | + # Validate dist metadata (README rendering, required fields, etc.) |
| 64 | + - name: Twine check |
| 65 | + run: python -m twine check dist/* |
| 66 | + |
| 67 | + # Smoke test: install the built wheel and verify the package imports |
| 68 | + - name: Install from wheel & smoke test |
| 69 | + run: | |
| 70 | + WHEEL=$(ls -1 dist/*.whl | head -n 1) |
| 71 | + echo "Using wheel: $WHEEL" |
| 72 | + python -m pip install \ |
| 73 | + --extra-index-url https://download.pytorch.org/whl/cpu \ |
| 74 | + "deeplabcut-live-gui[pytorch] @ file://$(pwd)/${WHEEL}" |
| 75 | + python -c "import dlclivegui; print('Imported dlclivegui OK')" |
| 76 | + QT_QPA_PLATFORM=offscreen dlclivegui --help |
| 77 | +
|
| 78 | + build_release: |
| 79 | + # Tag-only build: produce the "official" release artifacts once matrix passed |
| 80 | + name: Build release artifacts |
| 81 | + runs-on: ubuntu-latest |
| 82 | + needs: test_matrix |
| 83 | + # Safety gate: only run for version tags, never for PRs/branches |
| 84 | + if: startsWith(github.ref, 'refs/tags/v') |
| 85 | + |
| 86 | + steps: |
| 87 | + # Fetch sources for the tagged revision |
| 88 | + - name: Checkout sources |
| 89 | + uses: actions/checkout@v6 |
| 90 | + |
| 91 | + # Use a single, modern Python for the canonical release build |
| 92 | + - name: Set up Python (release build) |
| 93 | + uses: actions/setup-python@v6 |
| 94 | + with: |
| 95 | + python-version: "3.12" |
| 96 | + |
| 97 | + # Install build + validation tooling |
| 98 | + - name: Install build tools |
| 99 | + run: python -m pip install -U pip build twine |
| 100 | + |
| 101 | + # Produce both sdist and wheel in dist/ |
| 102 | + - name: Build distributions |
| 103 | + run: python -m build |
| 104 | + |
| 105 | + # Re-check metadata on the final artifacts we intend to publish |
| 106 | + - name: Twine check |
| 107 | + run: python -m twine check dist/* |
| 108 | + |
| 109 | + # Store dist/ outputs so the publish job uploads exactly what we built here |
| 110 | + - name: Upload dist artifacts |
| 111 | + uses: actions/upload-artifact@v4 |
| 112 | + with: |
| 113 | + name: dist |
| 114 | + path: dist/* |
| 115 | + |
| 116 | + publish: |
| 117 | + # Tag-only publish: download built artifacts and upload them to PyPI |
| 118 | + name: Publish to PyPI (API token) |
| 119 | + runs-on: ubuntu-latest |
| 120 | + needs: build_release |
| 121 | + # Safety gate: only run for version tags |
| 122 | + if: startsWith(github.ref, 'refs/tags/v') |
| 123 | + |
| 124 | + steps: |
| 125 | + # Retrieve the exact distributions produced in build_release |
| 126 | + - name: Download dist artifacts |
| 127 | + uses: actions/download-artifact@v4 |
| 128 | + with: |
| 129 | + name: dist |
| 130 | + path: dist |
| 131 | + |
| 132 | + # Set up Python (only needed to run Twine) |
| 133 | + - name: Set up Python (publish) |
| 134 | + uses: actions/setup-python@v6 |
| 135 | + with: |
| 136 | + python-version: "3.x" |
| 137 | + |
| 138 | + # Install twine for uploading |
| 139 | + - name: Install Twine |
| 140 | + run: python -m pip install -U twine |
| 141 | + |
| 142 | + # Upload to PyPI using an API token stored in repo secrets. |
| 143 | + # --skip-existing avoids failing if you re-run a workflow for the same version. |
| 144 | + - name: Publish to PyPI |
| 145 | + env: |
| 146 | + TWINE_USERNAME: __token__ |
| 147 | + TWINE_PASSWORD: ${{ secrets.TWINE_API_KEY }} |
| 148 | + run: python -m twine upload --non-interactive --verbose --skip-existing dist/* |
0 commit comments