-
-
Notifications
You must be signed in to change notification settings - Fork 20
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add a deploy.yml that supports trusted publishing.
- Loading branch information
1 parent
529a4eb
commit 946ac53
Showing
1 changed file
with
73 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| name: Deploy | ||
|
|
||
| on: | ||
| push: | ||
| branches: [main] | ||
| pull_request: | ||
| release: | ||
| types: | ||
| - published | ||
| workflow_dispatch: | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| jobs: | ||
| # Always build & lint package. | ||
| build-package: | ||
| name: Build & verify package | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - uses: hynek/build-and-inspect-python-package@v1 | ||
|
|
||
| # Upload to Test PyPI on every commit on main. | ||
| release-test-pypi: | ||
| name: Publish in-dev package to test.pypi.org | ||
| if: | | ||
| github.repository_owner == 'sphinx-contrib' | ||
| && github.event_name == 'push' | ||
| && github.ref == 'refs/heads/main' | ||
| runs-on: ubuntu-latest | ||
| needs: build-package | ||
|
|
||
| permissions: | ||
| id-token: write | ||
|
|
||
| steps: | ||
| - name: Download packages built by build-and-inspect-python-package | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: Packages | ||
| path: dist | ||
|
|
||
| - name: Upload package to Test PyPI | ||
| uses: pypa/gh-action-pypi-publish@release/v1 | ||
| with: | ||
| repository-url: https://test.pypi.org/legacy/ | ||
|
|
||
| # Upload to real PyPI on GitHub Releases. | ||
| release-pypi: | ||
| name: Publish released package to pypi.org | ||
| if: | | ||
| github.repository_owner == 'sphinx-contrib' | ||
| && github.event.action == 'published' | ||
| runs-on: ubuntu-latest | ||
| needs: build-package | ||
|
|
||
| permissions: | ||
| id-token: write | ||
|
|
||
| steps: | ||
| - name: Download packages built by build-and-inspect-python-package | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: Packages | ||
| path: dist | ||
|
|
||
| - name: Upload package to PyPI | ||
| uses: pypa/gh-action-pypi-publish@release/v1 |