apify-sdk-python/.github/workflows/manual_release_stable.yaml at 3487039b7c7a36090b5e8fc85fa15aebe0cd2bbe · apify/apify-sdk-python · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
name: Stable release

on:
  # Runs when manually triggered from the GitHub UI, with options to specify the type of release.
  workflow_dispatch:
    inputs:
      release_type:
        description: Release type
        required: true
        type: choice
        default: auto
        options:
          - auto
          - custom
          - patch
          - minor
          - major
      custom_version:
        description: The custom version to bump to (only for "custom" type)
        required: false
        type: string
        default: ""

concurrency:
  group: release
  cancel-in-progress: false

permissions:
  contents: read

jobs:
  wait_for_checks:
    # Gate the release on the `Checks` workflow already succeeding on this commit (run by `on_master.yaml`).
    name: Wait for required checks
    runs-on: ubuntu-latest
    permissions:
      checks: read
    steps:
      - name: Wait for checks
        uses: apify/actions/wait-for-checks@v1.2.0
        with:
          ref: ${{ github.sha }}
          check-regexp: '^Checks'

  release_prepare:
    name: Release prepare
    needs: [wait_for_checks]
    runs-on: ubuntu-latest
    outputs:
      version_number: ${{ steps.release_prepare.outputs.version_number }}
      tag_name: ${{ steps.release_prepare.outputs.tag_name }}
      changelog: ${{ steps.release_prepare.outputs.changelog }}
      release_notes: ${{ steps.release_prepare.outputs.release_notes }}
    steps:
      - uses: apify/actions/git-cliff-release@v1.1.2
        name: Release prepare
        id: release_prepare
        with:
          release_type: ${{ inputs.release_type }}
          custom_version: ${{ inputs.custom_version }}
          existing_changelog_path: CHANGELOG.md

  changelog_update:
    name: Changelog update
    needs: [release_prepare]
    permissions:
      contents: write
    uses: apify/workflows/.github/workflows/python_bump_and_update_changelog.yaml@main
    with:
      version_number: ${{ needs.release_prepare.outputs.version_number }}
      changelog: ${{ needs.release_prepare.outputs.changelog }}
    secrets: inherit

  github_release:
    name: GitHub release
    needs: [release_prepare, changelog_update]
    runs-on: ubuntu-latest
    permissions:
      contents: write
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - name: GitHub release
        uses: softprops/action-gh-release@v2
        with:
          tag_name: ${{ needs.release_prepare.outputs.tag_name }}
          name: ${{ needs.release_prepare.outputs.version_number }}
          target_commitish: ${{ needs.changelog_update.outputs.changelog_commitish }}
          body: ${{ needs.release_prepare.outputs.release_notes }}

  pypi_publish:
    name: PyPI publish
    needs: [release_prepare, changelog_update]
    runs-on: ubuntu-latest
    permissions:
      contents: write
      id-token: write # Required for OIDC authentication.
    environment:
      name: pypi
      url: https://pypi.org/project/apify
    steps:
      - name: Prepare distribution
        uses: apify/actions/prepare-pypi-distribution@v1.1.2
        with:
          package_name: apify
          is_prerelease: ""
          version_number: ${{ needs.release_prepare.outputs.version_number }}
          ref: ${{ needs.changelog_update.outputs.changelog_commitish }}

      - name: Verify built package
        uses: apify/actions/python-package-check@v1.1.0
        with:
          package_name: apify
          dist_dir: dist
          python_version: "3.14"
          smoke_code: |
            from apify import Actor, Configuration, ProxyConfiguration
            Configuration()
            ProxyConfiguration()

      # Publish the package to PyPI using PyPA official GitHub action with OIDC authentication.
      - name: Publish package to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1

  version_docs:
    name: Version docs
    needs: [release_prepare, changelog_update, pypi_publish]
    permissions:
      contents: write
      checks: read
    uses: ./.github/workflows/manual_version_docs.yaml
    with:
      # Pass the bumped version explicitly — the job's checkout uses the dispatch ref (pre-bump),
      # so `uv version --short` from pyproject.toml would return the old version.
      version_number: ${{ needs.release_prepare.outputs.version_number }}
    secrets: inherit

  doc_release:
    name: Doc release
    needs: [changelog_update, pypi_publish, version_docs]
    permissions:
      contents: write
      pages: write
      id-token: write
      checks: read
    uses: ./.github/workflows/manual_release_docs.yaml
    secrets: inherit

  trigger_docker_build:
    name: Trigger Docker image build
    needs: [release_prepare, changelog_update]
    runs-on: ubuntu-latest
    steps:
      # Trigger building the Python Docker images in apify/apify-actor-docker repo
      - name: Trigger Docker image build
        run: |
          gh api -X POST "/repos/apify/apify-actor-docker/dispatches" \
            -F event_type=build-python-images \
            -F 'client_payload[release_tag]=latest' \
            -F 'client_payload[apify_version]=${{ needs.release_prepare.outputs.version_number }}'
        env:
          GH_TOKEN: ${{ secrets.APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN }}