📦 Move PyPI release workflow into the main workflow.

This ensures that any releases are fully tested before publication. The workflow first builds the distribution files (sdist, wheel) before using a deployment environment to publish these to PyPI, using the GitHub actions OpenID support to authenticate with PyPI.
2026-03-25 04:57:54 +00:00 · 2023-05-16 17:54:16 +01:00
parent 4aa8060faa
commit 282fcc7cea
6 changed files with 377 additions and 39 deletions
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -1,8 +1,10 @@
-name: ci
+name: CI/CD
 on:
  push:
    branches:
      - main
+    tags:
+      - 'v*'
  pull_request:
    branches:
      - main
@@ -70,3 +72,47 @@ jobs:
        uses: re-actors/alls-green@release/v1
        with:
          jobs: ${{ toJSON(needs) }}
+
+  build:
+    name: Build distributions
+    runs-on: ubuntu-latest
+    needs: [test-summary]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Install Poetry
+        run: pipx install poetry
+      - name: Setup Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.x'
+          cache: poetry
+      - name: Build distributions
+        run:
+          make build
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: dist
+          path: dist
+
+  publish:
+    name: Build and publish Python 🐍 distributions 📦 to PyPI
+    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
+    needs: [build]
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      # The URL is used in the 'successfully deployed' message as the link
+      # for the 'View deployment' button.
+      url: https://pypi.org/p/fastapi-cache2
+    permissions:
+      id-token: write
+    steps:
+      - name: Download artifacts
+        uses: actions/download-artifact@v2
+        with:
+          name: dist
+          path: dist
+      - name: Publish distribution 📦 to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
--- a/.github/workflows/pypi.yml
+++ b/.github/workflows/pypi.yml
@@ -1,24 +0,0 @@
-name: pypi
-on:
-  release:
-    types:
-      - created
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-python@v4
-        with:
-          python-version: '3.x'
-      - name: Install and configure Poetry
-        run: |
-          pip install -U pip poetry
-          poetry config virtualenvs.create false
-      - name: Build dists
-        run: make build
-      - name: Pypi Publish
-        uses: pypa/gh-action-pypi-publish@master
-        with:
-          user: __token__
-          password: ${{ secrets.pypi_password }}