feat(ci/releaserc): rollback previous change and trigger minor releas… #27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| workflow_run: # would only fire after file is merged to master | |
| workflows: ["Lint and test"] | |
| types: | |
| - completed | |
| branches: | |
| - master | |
| - 'ci/**' # ci testing, pre-releases | |
| #- develop # can emit -dev releases but we do not want to | |
| workflow_dispatch: | |
| inputs: | |
| dry_run: | |
| description: "Run in dry-run mode (no publish)" | |
| required: false | |
| default: "true" | |
| push: # only temporary, until this file lands on master (see above) | |
| branches: | |
| - 'ci/**' | |
| # MUSTHAVE: Trusted publisher access for both repos. | |
| # NOTE: according to docs, 'test' repo accounts are ephemeral and can be wiped at any time | |
| # NOTE: 'test' accs are not that ephmeperal -- losing access to sandbox account (2FA issue) effectively locked us out of project; good test for workarounds though | |
| # NOTE: as a part of regaining-control scenario we may use distinct project names in pyroject.toml (e.g. appmap-dev, appmap-ng) | |
| env: | |
| DRY_RUN: ${{ github.event.inputs.dry_run || 'false' }} | |
| pypi_project: appmap | |
| testpypi_project: appmap-dev # workaround for lost-access scenario | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'workflow_dispatch' || (github.event_name=='push' && startsWith(github.ref_name,'ci/') ) || (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success' && (github.event.workflow_run.head_branch == 'master' || startsWith(github.event.workflow_run.head_branch, 'ci/') ) ) | |
| permissions: | |
| contents: write | |
| issues: write | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: ./.github/actions/setup-semantic-release # node+semantic-release | |
| - uses: ./.github/actions/setup # poetry | |
| - id: semantic-release # branch policies defined in .releaserc | |
| env: | |
| GIT_AUTHOR_NAME: appland-release | |
| GIT_AUTHOR_EMAIL: release@app.land | |
| GIT_COMMITTER_NAME: appland-release | |
| GIT_COMMITTER_EMAIL: release@app.land | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| DISTRIBUTION_NAME: ${{ github.ref_name=='master' && env.pypi_project || env.testpypi_project }} | |
| run: | | |
| if [ "$DRY_RUN" = "true" ]; then | |
| semantic-release --dry-run | |
| else | |
| semantic-release | |
| fi | |
| - name: Upload wheel | |
| if: env.DRY_RUN != 'true' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheel | |
| path: dist/*.whl | |
| - name: Upload sdist | |
| if: env.DRY_RUN != 'true' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: sdist | |
| path: dist/*.tar.gz | |
| outputs: # not reused in fact | |
| release_tag: ${{ steps.semantic-release.outputs.next_release_tag }} | |
| smoketest: | |
| runs-on: ubuntu-latest | |
| needs: release | |
| if: github.event.inputs.dry_run!='true' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: ./.github/actions/refetch-artifacts | |
| - name: dockerhub login (for seamless docker pulling) | |
| uses: ./.github/actions/dockerhub-login | |
| env: | |
| DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| DOCKERHUB_USERNAME: ${{ vars.DOCKERHUB_USERNAME }} | |
| continue-on-error: true | |
| - run: ci/run_tests.sh | |
| env: | |
| SMOKETEST_DOCKER_IMAGE: python:3.12-slim | |
| DISTRIBUTION_NAME: ${{ github.ref_name=='master' && env.pypi_project || env.testpypi_project }} | |
| # as a workaround to ownership issues (lost access to project) | |
| pypi: | |
| name: upload release to PyPI | |
| needs: ['release','smoketest'] | |
| if: (( github.event.inputs.dry_run != 'true' ) && ((github.ref_name == 'master') || startsWith(github.ref_name,'ci/') )) | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: ( github.ref_name=='master' && 'pypi' || 'testpypi' ) | |
| url: ( github.ref_name=='master' && 'https://pypi.org/project/${{ env.pypi_project }}' || 'https://test.pypi.org/project/${{ env.testpypi_project }}' ) | |
| permissions: | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: ./.github/actions/refetch-artifacts | |
| - name: Publish to PyPI | |
| if: github.ref_name == 'master' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| - name: Publish to TestPyPI | |
| if: github.ref_name != 'master' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/uploads/legacy |