feat: latest empty push attempt #221
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| env: | |
| PYTHON_VERSION: "3.14" | |
| jobs: | |
| release: | |
| name: Test and release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Set up Python 3.14 | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| with: | |
| enable-cache: true | |
| - name: Install dependencies | |
| run: uv sync --group dev | |
| - name: Run tests | |
| run: uv run pytest -v | |
| - name: Check formatting | |
| run: uv run ruff check | |
| - name: Action | Semantic Version Release | |
| id: release | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| # 1. Run the versioning logic | |
| uv run semantic-release -vv version | |
| # 2. Extract version info for subsequent steps | |
| echo "tag=$(uv run semantic-release version --print-tag)" >> $GITHUB_OUTPUT | |
| # 3. Check if a release actually happened | |
| if [ -d "dist" ] && [ "$(ls -A dist)" ]; then | |
| echo "released=true" >> $GITHUB_OUTPUT | |
| fi | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish | Upload to GitHub Release Assets | |
| uses: python-semantic-release/publish-action@v10.5.3 | |
| if: steps.release.outputs.released == 'true' | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| tag: ${{ steps.release.outputs.tag }} | |
| - name: Upload | Distribution Artifacts | |
| uses: actions/upload-artifact@v4 | |
| if: steps.release.outputs.released == 'true' | |
| with: | |
| name: distribution-artifacts | |
| path: dist | |
| if-no-files-found: error | |
| deploy: | |
| # 1. Separate out the deploy step from the publish step to run each step at | |
| # the least amount of token privilege | |
| # 2. Also, deployments can fail, and its better to have a separate job if you need to retry | |
| # and it won't require reversing the release. | |
| runs-on: ubuntu-latest | |
| needs: release | |
| if: ${{ needs.release.outputs.released == 'true' }} | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Setup | Download Build Artifacts | |
| uses: actions/download-artifact@v4 | |
| id: artifact-download | |
| with: | |
| name: distribution-artifacts | |
| path: dist | |
| - name: Publish package distributions to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| packages-dir: dist | |
| print-hash: true | |
| verbose: true |