|
2 | 2 | name: Build CI wheels |
3 | 3 |
|
4 | 4 | env: |
5 | | - # A tag or branch name or a commit hash for the scipy/scipy repo, for which |
| 5 | + # A tag or branch name or a commit hash for the matplotlib/matplotlib repo, for which |
6 | 6 | # to build wheels. This is normally set to `main` in the main branch of this |
7 | 7 | # repo, and to a tag name (e.g., `v2.3.2`) on a release branch. |
8 | 8 | SOURCE_REF_TO_BUILD: v3.10.8 |
@@ -242,36 +242,85 @@ jobs: |
242 | 242 | path: ./wheelhouse/*.whl |
243 | 243 | if-no-files-found: error |
244 | 244 |
|
245 | | - publish: |
246 | | - if: github.repository == 'matplotlib/matplotlib-release' && github.event_name == 'push' && github.ref_type == 'tag' |
247 | | - name: Upload release to PyPI |
248 | | - needs: [build_sdist, build_wheels] |
| 245 | + # ------------------------------------------------------------------------------------- |
| 246 | + testpypi-publish: |
| 247 | + name: Publish release to TestPyPI |
| 248 | + if: github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'testpypi' |
| 249 | + needs: [build_wheels, build_sdist] |
249 | 250 | runs-on: ubuntu-latest |
250 | | - environment: release |
| 251 | + environment: |
| 252 | + name: testpypi |
| 253 | + url: https://test.pypi.org/p/matplotlib |
251 | 254 | permissions: |
252 | | - id-token: write |
253 | | - attestations: write |
254 | | - contents: read |
| 255 | + id-token: write # mandatory for trusted publishing |
255 | 256 | steps: |
256 | | - - name: Download packages |
257 | | - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 |
| 257 | + - name: Download sdist and wheels |
| 258 | + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 |
258 | 259 | with: |
259 | 260 | pattern: cibw-* |
260 | 261 | path: dist |
261 | 262 | merge-multiple: true |
262 | 263 |
|
263 | | - - name: Print out packages |
264 | | - run: ls dist |
| 264 | + - name: Publish |
| 265 | + uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 |
| 266 | + with: |
| 267 | + repository-url: https://test.pypi.org/legacy/ |
| 268 | + skip-existing: true |
| 269 | + print-hash: true |
| 270 | + attestations: true |
265 | 271 |
|
266 | | - - name: Run twine check |
267 | | - run: | |
268 | | - pip install twine |
269 | | - twine check dist/* |
| 272 | +# ------------------------------------------------------------------------------------- |
| 273 | + check_version: |
| 274 | + name: Ensure commit is tag before upload to PyPi |
270 | 275 |
|
271 | | - - name: Generate artifact attestation for sdist and wheel |
272 | | - uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 |
| 276 | + if: github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'pypi' |
| 277 | + needs: [build_wheels, build_sdist] |
| 278 | + runs-on: ubuntu-latest |
| 279 | + steps: |
| 280 | + - name: Checkout matplotlib |
| 281 | + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 |
273 | 282 | with: |
274 | | - subject-path: dist/matplotlib-* |
| 283 | + repository: matplotlib/matplotlib |
| 284 | + ref: ${{ env.SOURCE_REF_TO_BUILD }} |
| 285 | + path: mpl-src |
| 286 | + fetch-depth: 0 |
| 287 | + fetch-tags: true |
| 288 | + submodules: false |
| 289 | + persist-credentials: false |
275 | 290 |
|
276 | | - - name: Publish package distributions to PyPI |
277 | | - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 |
| 291 | + - name: Examine git commit |
| 292 | + run: | |
| 293 | + cd mpl-src |
| 294 | + hash=$(git describe HEAD) |
| 295 | + echo $hash |
| 296 | + if [[ $hash == *"-"*"-"* ]]; then |
| 297 | + echo "SOURCE_REF_TO_BUILD is not a tag" |
| 298 | + exit 1 |
| 299 | + else |
| 300 | + echo "SOURCE_REF_TO_BUILD is a tag" |
| 301 | + fi; |
| 302 | +
|
| 303 | +# ------------------------------------------------------------------------------------- |
| 304 | + pypi-publish: |
| 305 | + name: Publish release to PyPI |
| 306 | + if: github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'pypi' |
| 307 | + needs: [check_version] |
| 308 | + runs-on: ubuntu-latest |
| 309 | + environment: |
| 310 | + name: pypi |
| 311 | + url: https://pypi.org/p/matplotlib |
| 312 | + permissions: |
| 313 | + id-token: write # mandatory for trusted publishing |
| 314 | + steps: |
| 315 | + - name: Download sdist and wheels |
| 316 | + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 |
| 317 | + with: |
| 318 | + pattern: cibw-* |
| 319 | + path: dist |
| 320 | + merge-multiple: true |
| 321 | + |
| 322 | + - name: Publish |
| 323 | + uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 |
| 324 | + with: |
| 325 | + print-hash: true |
| 326 | + attestations: true |
0 commit comments