|
5 | 5 | branches: [ master ] |
6 | 6 | pull_request: |
7 | 7 | branches: '*' |
| 8 | + release: |
| 9 | + types: [published] |
8 | 10 |
|
9 | 11 | env: |
10 | 12 | PIP_DISABLE_PIP_VERSION_CHECK: 1 |
@@ -53,10 +55,20 @@ jobs: |
53 | 55 | - name: Build Python package |
54 | 56 | run: python -m build |
55 | 57 |
|
| 58 | + - name: Twine check |
| 59 | + run: | |
| 60 | + pip install --upgrade twine |
| 61 | + twine check dist/*.whl dist/*.tar.gz |
| 62 | +
|
| 63 | + - name: Pack JavaScript package |
| 64 | + run: | |
| 65 | + jlpm pack -o bqplot-gl.tgz |
| 66 | + mv bqplot-gl.tgz dist/ |
| 67 | +
|
56 | 68 | - name: Upload builds |
57 | 69 | uses: actions/upload-artifact@v5 |
58 | 70 | with: |
59 | | - name: dist ${{ github.run_number }} |
| 71 | + name: dist-${{ github.run_number }} |
60 | 72 | path: ./dist |
61 | 73 |
|
62 | 74 | visual-regression-tests: |
|
78 | 90 |
|
79 | 91 | - uses: actions/download-artifact@v4 |
80 | 92 | with: |
81 | | - name: dist ${{ github.run_number }} |
| 93 | + name: dist-${{ github.run_number }} |
82 | 94 | path: ./dist |
83 | 95 |
|
84 | 96 | - name: Install the package |
@@ -118,3 +130,105 @@ jobs: |
118 | 130 | path: | |
119 | 131 | ui-tests/test-results |
120 | 132 | ui-tests/playwright-report |
| 133 | +
|
| 134 | + publish-pypi: |
| 135 | + runs-on: ubuntu-latest |
| 136 | + needs: [build, visual-regression-tests] |
| 137 | + permissions: |
| 138 | + id-token: write |
| 139 | + environment: |
| 140 | + name: ${{ github.event_name == 'release' && 'release-pypi' || '' }} |
| 141 | + |
| 142 | + steps: |
| 143 | + - uses: actions/download-artifact@v4 |
| 144 | + with: |
| 145 | + name: dist-${{ github.run_number }} |
| 146 | + path: ./dist |
| 147 | + |
| 148 | + - name: Keep only PyPI artifacts |
| 149 | + run: | |
| 150 | + rm -f dist/*.tgz |
| 151 | + ls -la dist/ |
| 152 | +
|
| 153 | + - name: Verify tag matches wheel version |
| 154 | + if: github.event_name == 'release' |
| 155 | + run: | |
| 156 | + TAG="${{ github.event.release.tag_name }}" |
| 157 | + WHEEL_VERSION=$(ls dist/bqplot_gl-*.whl | sed -E 's|.*/bqplot_gl-([^-]+)-.*\.whl|\1|') |
| 158 | + echo "Release tag: $TAG" |
| 159 | + echo "Wheel version: $WHEEL_VERSION" |
| 160 | + if [ "$TAG" != "$WHEEL_VERSION" ]; then |
| 161 | + echo "::error::Release tag '$TAG' does not match wheel version '$WHEEL_VERSION'" |
| 162 | + exit 1 |
| 163 | + fi |
| 164 | +
|
| 165 | + - uses: actions/setup-python@v5 |
| 166 | + with: |
| 167 | + python-version: '3.11' |
| 168 | + |
| 169 | + - name: Twine check |
| 170 | + run: | |
| 171 | + python -m pip install --upgrade pip twine |
| 172 | + twine check dist/*.whl dist/*.tar.gz |
| 173 | +
|
| 174 | + - name: Publish to PyPI (Trusted Publisher) |
| 175 | + if: github.event_name == 'release' |
| 176 | + uses: pypa/gh-action-pypi-publish@release/v1 |
| 177 | + |
| 178 | + publish-npm: |
| 179 | + runs-on: ubuntu-latest |
| 180 | + needs: [build, visual-regression-tests] |
| 181 | + permissions: |
| 182 | + id-token: write |
| 183 | + contents: read |
| 184 | + environment: |
| 185 | + name: ${{ github.event_name == 'release' && 'release-npm' || '' }} |
| 186 | + |
| 187 | + steps: |
| 188 | + - uses: actions/download-artifact@v4 |
| 189 | + with: |
| 190 | + name: dist-${{ github.run_number }} |
| 191 | + path: ./dist |
| 192 | + |
| 193 | + - uses: actions/setup-node@v4 |
| 194 | + with: |
| 195 | + node-version: '20' |
| 196 | + registry-url: 'https://registry.npmjs.org' |
| 197 | + |
| 198 | + - name: Upgrade npm to a version that supports trusted publishing |
| 199 | + run: npm install -g npm@latest |
| 200 | + |
| 201 | + - name: Show npm package version |
| 202 | + run: | |
| 203 | + NPM_VERSION=$(tar -xOf dist/bqplot-gl.tgz package/package.json | node -p "JSON.parse(require('fs').readFileSync(0, 'utf8')).version") |
| 204 | + echo "Will publish bqplot-gl@$NPM_VERSION" |
| 205 | + echo "NPM_VERSION=$NPM_VERSION" >> "$GITHUB_ENV" |
| 206 | +
|
| 207 | + - name: Check npm version |
| 208 | + id: npm_check |
| 209 | + run: | |
| 210 | + if npm view "bqplot-gl@$NPM_VERSION" version > /dev/null 2>&1; then |
| 211 | + echo "already_published=true" >> "$GITHUB_OUTPUT" |
| 212 | + echo "bqplot-gl@$NPM_VERSION is already on npm" |
| 213 | + else |
| 214 | + echo "already_published=false" >> "$GITHUB_OUTPUT" |
| 215 | + echo "bqplot-gl@$NPM_VERSION not yet on npm" |
| 216 | + fi |
| 217 | +
|
| 218 | + - name: Fail if releasing an already-published version |
| 219 | + if: github.event_name == 'release' && steps.npm_check.outputs.already_published == 'true' |
| 220 | + run: | |
| 221 | + echo "::error::bqplot-gl@$NPM_VERSION is already on npm; bump package.json before releasing" |
| 222 | + exit 1 |
| 223 | +
|
| 224 | + - name: npm publish (dry-run) |
| 225 | + if: github.event_name != 'release' && steps.npm_check.outputs.already_published == 'false' |
| 226 | + run: npm publish ./dist/bqplot-gl.tgz --access public --dry-run |
| 227 | + |
| 228 | + - name: Skip dry-run (version already published) |
| 229 | + if: github.event_name != 'release' && steps.npm_check.outputs.already_published == 'true' |
| 230 | + run: echo "::notice::bqplot-gl@$NPM_VERSION is already on npm; skipping dry-run. Bump package.json on a release-prep PR to exercise the full publish flow." |
| 231 | + |
| 232 | + - name: npm publish (Trusted Publisher) |
| 233 | + if: github.event_name == 'release' |
| 234 | + run: npm publish ./dist/bqplot-gl.tgz --access public --provenance |
0 commit comments