-
Notifications
You must be signed in to change notification settings - Fork 4
162 lines (138 loc) · 5.84 KB
/
Copy pathrelease.yml
File metadata and controls
162 lines (138 loc) · 5.84 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
name: Semantic Release
on:
push:
branches: [main]
jobs:
run_backend_tests:
uses: ./.github/workflows/backend-ci.yml
release:
needs: run_backend_tests
runs-on: ubuntu-latest
if: github.ref_name == 'main'
concurrency:
group: ${{ github.workflow }}-release-${{ github.ref_name }}
cancel-in-progress: false
permissions:
contents: write
steps:
# Note: We checkout the repository at the branch that triggered the workflow.
# Python Semantic Release will automatically convert shallow clones to full clones
# if needed to ensure proper history evaluation. However, we forcefully reset the
# branch to the workflow sha because it is possible that the branch was updated
# while the workflow was running, which prevents accidentally releasing un-evaluated
# changes.
- name: Setup | Checkout Repository on Release Branch
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: ${{ github.ref_name }}
- name: Setup | Force release branch to be at workflow sha
run: |
git reset --hard ${{ github.sha }}
- name: Action | Semantic Version Release
id: release
# Adjust tag with desired version if applicable.
uses: python-semantic-release/python-semantic-release@350c48fcb3ffcdfd2e0a235206bc2ecea6b69df0 # v10.5.3
with:
github_token: ${{ secrets.OPENEDX_SEMANTIC_RELEASE_GITHUB_TOKEN }}
git_committer_name: "github-actions"
git_committer_email: "actions@users.noreply.github.com"
changelog: "false"
directory: './backend-plugin-sample'
- name: Publish | Upload to GitHub Release Assets
uses: python-semantic-release/publish-action@310a9983a0ae878b29f3aac778d7c77c1db27378 # v10.5.3
if: steps.release.outputs.released == 'true'
with:
github_token: ${{ secrets.OPENEDX_SEMANTIC_RELEASE_GITHUB_TOKEN }}
tag: ${{ steps.release.outputs.tag }}
directory: './backend-plugin-sample'
- name: Upload | Backend Distribution Artifacts
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
if: steps.release.outputs.released == 'true'
with:
name: backend-distribution-artifacts
path: backend-plugin-sample/dist
if-no-files-found: error
- name: Build | Tutor Plugin
# The tutor plugin does not use python-semantic-release directly.
# Instead it shares the version determined by the backend's semantic
# release above, passed in via SETUPTOOLS_SCM_PRETEND_VERSION so that
# setuptools-scm picks it up at build time.
if: steps.release.outputs.released == 'true'
run: pip install build && SETUPTOOLS_SCM_PRETEND_VERSION=${{ steps.release.outputs.version }} python -m build
working-directory: './tutor-contrib-sample'
- name: Upload | Tutor Plugin Distribution Artifacts
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
if: steps.release.outputs.released == 'true'
with:
name: tutor-distribution-artifacts
path: tutor-contrib-sample/dist
if-no-files-found: error
outputs:
released: ${{ steps.release.outputs.released || 'false' }}
version: ${{ steps.release.outputs.version }}
publish_to_pypi:
# 1. Separate out the publish step from the github release step to run each step at
# the least amount of token privilege
# 2. Also, publishing can fail, and its better to have a separate job if you need to retry
# and it won't require reversing the release.
runs-on: ubuntu-latest
needs: release
if: github.ref_name == 'main' && needs.release.outputs.released == 'true'
permissions:
contents: read
id-token: write
steps:
- name: Setup | Download Build Artifacts
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
id: artifact-download
with:
name: backend-distribution-artifacts
path: backend-plugin-sample/dist
- name: Publish to PyPi
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: backend-plugin-sample/dist
user: __token__
password: ${{ secrets.PYPI_UPLOAD_TOKEN }}
publish_tutor_plugin_to_pypi:
runs-on: ubuntu-latest
needs: release
if: github.ref_name == 'main' && needs.release.outputs.released == 'true'
permissions:
contents: read
id-token: write
steps:
- name: Setup | Download Build Artifacts
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
with:
name: tutor-distribution-artifacts
path: tutor-contrib-sample/dist
- name: Publish to PyPi
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: tutor-contrib-sample/dist
user: __token__
password: ${{ secrets.PYPI_UPLOAD_TOKEN }}
publish_to_npm:
runs-on: ubuntu-latest
needs: release
if: github.ref_name == 'main' && needs.release.outputs.released == 'true'
permissions:
contents: read
id-token: write
steps:
- name: Setup | Checkout Repository on Release Ref
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: ${{ github.sha }}
- name: Setup Node.js
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version-file: './frontend-plugin-sample/.nvmrc'
- name: Update the package version and publish
run: |
npm install --include=dev
npm version ${{ needs.release.outputs.version }}
npm run build
npm publish
working-directory: './frontend-plugin-sample'