Build aboutcode.api_auth Python distributions and publish on PyPI #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build aboutcode.api_auth Python distributions and publish on PyPI | |
| on: | |
| workflow_dispatch: | |
| push: | |
| tags: | |
| - "aboutcode.api_auth/*" | |
| jobs: | |
| build: | |
| name: Build and publish library to PyPI | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false # do not keep the token around | |
| - name: Set up Python | |
| uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 | |
| with: | |
| python-version: 3.14 | |
| - name: Install flot | |
| run: python -m pip install flot --user | |
| - name: Build a binary wheel and a source tarball | |
| run: python -m flot --pyproject pipeline-pyproject.toml --sdist --wheel --output-dir dist/ | |
| - name: Upload package distributions as GitHub workflow artifacts | |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| # Only set the id-token: write permission in the job that does publishing, not globally. | |
| # Also, separate building from publishing — this makes sure that any scripts | |
| # maliciously injected into the build or test environment won't be able to elevate | |
| # privileges while flying under the radar. | |
| pypi-publish: | |
| name: Upload package distributions to PyPI | |
| if: startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes | |
| needs: | |
| - build | |
| runs-on: ubuntu-24.04 | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/p/aboutcode.api_auth | |
| permissions: | |
| id-token: write # IMPORTANT: this permission is mandatory for trusted publishing | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 |