commitizen/.github/workflows/pythonpublish.yml at c3b753f70e14c2566ab74ca383c1aa89b4b86d11 · commitizen-tools/commitizen · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
name: Upload Python Package

# With the current configuration this workflow will be
# triggered via `workflow_dispatch` in `bumpversion.yml`.
# We leave the `push.tags` trigger to allow for manual releases
# in case we need to bump locally, and we actively push the tag.
# The PERSONAL_ACCESS_TOKEN is no longer needed as we use the OIDC token instead.
# We favor this approach because it requires less steps to set up and is more secure.
on:
  push:
    tags:
      - "v*"
  workflow_dispatch:
    inputs:
      version:
        description: "Version to trigger"
        required: true

jobs:
  deploy:
    if: ${{ github.repository == 'commitizen-tools/commitizen' }}
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      contents: read
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0
          ref: ${{ inputs.version || github.ref_name }}
      - name: Set up Python
        uses: astral-sh/setup-uv@v7
      - name: Build
        run: uv build
      - name: Publish package to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1