From 7fa08411add83b0bb6f53d147528c6c01b7504c6 Mon Sep 17 00:00:00 2001 From: Tsuyoshi Hombashi Date: Sat, 18 May 2024 16:01:42 +0900 Subject: [PATCH] Add build and publish jobs to the CI workflow Signed-off-by: Tsuyoshi Hombashi --- .github/workflows/ci.yml | 58 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 37f92f3..b93cbbf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -42,6 +42,64 @@ jobs: - run: make build + - uses: actions/upload-artifact@v4 + with: + name: dist + path: ./dist/* + + publish-package: + needs: build-package + runs-on: ubuntu-latest + concurrency: + group: ${{ github.event_name }}-${{ github.workflow }}-${{ github.ref_name }}-publish-pkg + cancel-in-progress: true + timeout-minutes: 10 + environment: + name: testpypi + url: https://pypi.org/p/pathvalidate-cli + permissions: + id-token: write # IMPORTANT: this permission is mandatory for trusted publishing + + steps: + - uses: actions/download-artifact@v4 + with: + name: dist + path: ./dist + + - name: Publish package to TestPyPI + uses: pypa/gh-action-pypi-publish@release/v1 + with: + repository-url: https://test.pypi.org/legacy/ + skip-existing: true + + sign-package: + needs: publish-package + runs-on: ubuntu-latest + concurrency: + group: ${{ github.event_name }}-${{ github.workflow }}-${{ github.ref_name }}-sign-pkg + cancel-in-progress: true + timeout-minutes: 10 + permissions: + id-token: write + + steps: + - uses: actions/download-artifact@v4 + with: + name: dist + path: ./dist + + - name: Sign the dists with Sigstore + uses: sigstore/gh-action-sigstore-python@v2.1.1 + with: + inputs: >- + ./dist/*.tar.gz + ./dist/*.whl + + - uses: actions/upload-artifact@v4 + with: + name: sigstore + path: ./dist/* + lint: runs-on: ubuntu-latest concurrency: