Revisit GitHub Actions #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Publishes the package to TestPyPI to smoke-test the publish pipeline. | |
| # | |
| # Triggers: | |
| # • Every push to master (validates the pipeline continuously; existing | |
| # versions are skipped so repeated pushes with the same version are safe). | |
| # • Manual dispatch from the Actions tab (workflow_dispatch). | |
| # | |
| # Authentication: uses TestPyPI Trusted Publisher (OIDC). Configure a | |
| # Trusted Publisher for this repo on test.pypi.org first: | |
| # https://docs.pypi.org/trusted-publishers/adding-a-publisher/ | |
| # | |
| # If you prefer an API token instead, remove the `environment` + `permissions` | |
| # blocks and uncomment: | |
| # password: ${{ secrets.TESTPYPI_API_TOKEN }} | |
| # in the "Publish" step below. | |
| name: Python Client - Publish to TestPyPI | |
| on: | |
| push: | |
| branches: [master] | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| name: "Test before publish" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.13" | |
| cache: pip | |
| - name: Install dependencies | |
| run: pip install -e ".[dev]" | |
| - name: Test with pytest | |
| run: pytest | |
| publish: | |
| name: "Build and publish to TestPyPI" | |
| runs-on: ubuntu-latest | |
| needs: test | |
| environment: testpypi | |
| permissions: | |
| id-token: write # required for OIDC Trusted Publisher | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.13" | |
| cache: pip | |
| - name: Install build tools | |
| run: pip install build twine | |
| - name: Build distribution | |
| run: python -m build | |
| - name: Check distribution metadata | |
| run: twine check dist/* | |
| - name: Publish to TestPyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| skip-existing: true # same version from repeated master pushes is harmless | |
| # Uncomment the next line to use an API token instead of Trusted Publisher: | |
| # with: | |
| # repository-url: https://test.pypi.org/legacy/ | |
| # password: ${{ secrets.TESTPYPI_API_TOKEN }} | |
| # skip-existing: true |