Skip to content

Update dependencies in lockfile #334

Update dependencies in lockfile

Update dependencies in lockfile #334

Workflow file for this run

# SPDX-FileCopyrightText: Contributors to the Fedora Project
#
# SPDX-License-Identifier: LGPL-3.0-or-later
---
name: Test & Build
on: [push, pull_request]
jobs:
tests:
runs-on: ubuntu-latest
container: fedorapython/fedora-python-tox:latest
steps:
- uses: actions/checkout@v4
- name: Mark the directory as safe for git
run: git config --global --add safe.directory $PWD
- name: Install RPM dependencies
run: |
dnf install -y gettext
- name: Install base Python dependencies
run: |
python3 -m pip install --upgrade tox poetry
- name: execute tox
run: tox
# https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/
build:
name: Build distribution πŸ“¦
runs-on: ubuntu-latest
needs:
- tests
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Install pypa/build
run: python3 -m pip install build --user
- name: Build a binary wheel and a source tarball
run: python3 -m build
- name: Store the distribution packages
uses: actions/upload-artifact@v4
with:
name: python-package-distributions
path: dist/
publish-to-pypi:
name: Publish to PyPI πŸš€
if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, 'rc') # only publish to PyPI on final tag pushes
needs:
- build
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/mailman3-fedmsg-plugin
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Publish distribution to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
github-release:
name: Create a GitHub Release πŸ“’
needs:
- publish-to-pypi
runs-on: ubuntu-latest
permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases
id-token: write # IMPORTANT: mandatory for sigstore
steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Sign the dists with Sigstore
uses: sigstore/gh-action-sigstore-python@v3.0.0
with:
inputs: >-
./dist/*.tar.gz
./dist/*.whl
- name: Release
uses: softprops/action-gh-release@v2
with:
files: dist/*
fail_on_unmatched_files: true
generate_release_notes: true