mirrors/ruff
1
0
Fork 0
mirror of https://github.com/astral-sh/ruff.git synced 2025-11-12 16:57:44 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Ensure release tagging has access to repo clone (#5240)

Browse source 
## Summary

The [release
failed](9656004063),
but late enough that I was able to do the remaining steps manually. The
issue here is that the tagging step requires that we clone the repo. I
split the upload (to PyPI), tagging (in Git), and publishing (to GitHub
Releases) phases into their own steps, since they need different
resources + permissions anyway.
This commit is contained in:
Charlie Marsh 2023-06-21 10:24:33 -04:00 committed by GitHub
parent 10885d09a1
commit 4634560c80
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 30 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

39
.github/workflows/release.yaml vendored
View file

@ -423,8 +423,8 @@ jobs:
echo "Releasing ${git_sha}" echo "Releasing ${git_sha}"
fi fi
release: upload-release:
name: Release name: Upload to PyPI
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: needs:
- macos-universal - macos-universal
@ -442,8 +442,6 @@ jobs:
permissions: permissions:
# For pypi trusted publishing # For pypi trusted publishing
id-token: write id-token: write
# For GitHub release publishing
contents: write
steps: steps:
- uses: actions/download-artifact@v3 - uses: actions/download-artifact@v3
with: with:
@ -455,10 +453,18 @@ jobs:
skip-existing: true skip-existing: true
packages-dir: wheels packages-dir: wheels
verbose: true verbose: true
- uses: actions/download-artifact@v3
with: tag-release:
name: binaries name: Tag release
path: binaries runs-on: ubuntu-latest
needs: upload-release
# If you don't set an input tag, it's a dry run (no uploads).
if: ${{ inputs.tag }}
permissions:
# For git tag
contents: write
steps:
- uses: actions/checkout@v3
- name: git tag - name: git tag
run: | run: |
git config user.email "hey@astral.sh" git config user.email "hey@astral.sh"
@ -467,10 +473,25 @@ jobs:
# If there is duplicate tag, this will fail. The publish to pypi action will have been a noop (due to skip # If there is duplicate tag, this will fail. The publish to pypi action will have been a noop (due to skip
# existing), so we make a non-destructive exit here # existing), so we make a non-destructive exit here
git push --tags git push --tags
publish-release:
name: Publish to GitHub
runs-on: ubuntu-latest
needs: tag-release
# If you don't set an input tag, it's a dry run (no uploads).
if: ${{ inputs.tag }}
permissions:
# For GitHub release publishing
contents: write
steps:
- uses: actions/download-artifact@v3
with:
name: binaries
path: binaries
- name: "Publish to GitHub" - name: "Publish to GitHub"
uses: softprops/action-gh-release@v1 uses: softprops/action-gh-release@v1
with: with:
draft: true draft: false
files: binaries/* files: binaries/*
tag_name: v${{ inputs.tag }} tag_name: v${{ inputs.tag }}