Skip to content

2023.10.1

2023.10.1 #99

Workflow file for this run

name: Test & Publish PyPi release
on:
release:
types: [created]
jobs:
test-pypi:
name: Test PyPi release
runs-on: ubuntu-latest
steps:
- name: Set up python
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Upgrade pip
run: python -m pip install --upgrade pip build
- name: Checkout repository
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Create tag
# if present, remove leading `v`
run: |
echo "NEBARI_TAG=$(git describe --tags | sed 's/^v//')" >> $GITHUB_ENV
echo ${{ env.NEBARI_TAG }}
- name: Build source and binary
run: python -m build --sdist --wheel .
- name: Publish to test PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.TEST_PYPI_API_TOKEN }}
repository-url: https://test.pypi.org/legacy/
- name: Sleep
run: sleep 120
- name: Test install from Test PyPI
run: |
pip install \
--index-url https://test.pypi.org/simple/ \
--extra-index-url https://pypi.org/simple \
nebari==${{ env.NEBARI_TAG }}
release-pypi:
name: Publish Nebari on PyPi
runs-on: ubuntu-latest
needs: test-pypi
permissions:
id-token: write
contents: read
steps:
- name: Set up python
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Upgrade pip
run: python -m pip install --upgrade pip build
- name: Checkout repository
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Build source and binary
run: python -m build --sdist --wheel .
- name: Retrieve secret from Vault
uses: hashicorp/[email protected]
with:
method: jwt
url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200"
namespace: "admin/quansight"
role: "repository-nebari-dev-nebari-role"
secrets: |
kv/data/repository/nebari-dev/nebari/shared_secrets PYPI_USERNAME | PYPI_USERNAME;
kv/data/repository/nebari-dev/nebari/shared_secrets PYPI_PASSWORD | PYPI_PASSWORD;
- name: Publish package
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: ${{ env.PYPI_USERNAME }}
password: ${{ env.PYPI_PASSWORD }}