1+ name : Publish Python package to PyPI
2+ on :
3+ push :
4+ tags :
5+ - ' v*.*.*'
6+
7+ jobs :
8+ build :
9+ name : Build distro
10+ runs-on : ubuntu-latest
11+
12+ steps :
13+ - uses : actions/checkout@v6
14+ with :
15+ persist-credentials : false
16+ - name : Set up Python
17+ uses : actions/setup-python@v6
18+ with :
19+ python-version : " 3.x"
20+ - name : Install pypa/build
21+ run : python3 -m pip install build --user
22+ - name : Build a binary wheel and a source tarball
23+ run : python3 -m build
24+ - name : Store the distribution packages
25+ uses : actions/upload-artifact@v5
26+ with :
27+ name : python-package-distributions
28+ path : dist/
29+
30+ publish-to-pypi :
31+ name : Publish Python distribution to PyPI
32+ if : startsWith(github.ref, 'refs/tags/')
33+ needs :
34+ - build
35+ runs-on : ubuntu-latest
36+ environment :
37+ name : pypi
38+ url : https://pypi.org/p/koi-net-coordinator-node
39+ permissions :
40+ id-token : write
41+
42+ steps :
43+ - name : Download all the dists
44+ uses : actions/download-artifact@v6
45+ with :
46+ name : python-package-distributions
47+ path : dist/
48+ - name : Publish distro to PyPI
49+ uses : pypa/gh-action-pypi-publish@release/v1
50+
51+ github-release :
52+ name : >-
53+ Sign the Python distribution with Sigstore
54+ and upload them to GitHub Release
55+ needs :
56+ - publish-to-pypi
57+ runs-on : ubuntu-latest
58+
59+ permissions :
60+ contents : write
61+ id-token : write
62+
63+ steps :
64+ - name : Download all the dists
65+ uses : actions/download-artifact@v4
66+ with :
67+ name : python-package-distributions
68+ path : dist/
69+ - name : Sign the dists with Sigstore
70+ uses : sigstore/gh-action-sigstore-python@v3.0.0
71+ with :
72+ inputs : >-
73+ ./dist/*.tar.gz
74+ ./dist/*.whl
75+ name : Upload artifact signatures to GitHub Release
76+ env :
77+ GITHUB_TOKEN : ${{ github.token }}
78+ run : >-
79+ gh release upload
80+ "$GITHUB_REF_NAME" dist/**
81+ --repo "$GITHUB_REPOSITORY"
0 commit comments