Skip to content

Merge pull request #17 from BayyinahEnterprise/v0.9.4-cleanup-score-v… #9

Merge pull request #17 from BayyinahEnterprise/v0.9.4-cleanup-score-v…

Merge pull request #17 from BayyinahEnterprise/v0.9.4-cleanup-score-v… #9

Workflow file for this run

name: Release
on:
push:
tags: ['v*']
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# Need full history (or at least the merge-base) for the
# ancestry check below.
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install build deps
run: python -m pip install --upgrade pip build
- name: Build sdist + wheel
run: python -m build
- name: Verify build
run: |
ls -lh dist/
# furqan-lint is pure Python; expect exactly one wheel
# (py3-none-any) and one sdist (.tar.gz).
test "$(ls dist/*.whl | wc -l)" -eq 1
test "$(ls dist/*.tar.gz | wc -l)" -eq 1
# Wheel must be py3-none-any (we are pure Python).
ls dist/*.whl | grep -q "py3-none-any.whl"
- name: Verify tag is an ancestor of origin/main
run: |
# Defends against tags pushed at local-only commits that
# never made it to main. Release artifacts must reflect
# what is actually on the published branch.
git fetch origin main --depth=50
if ! git merge-base --is-ancestor "$GITHUB_SHA" origin/main; then
echo "Tag commit $GITHUB_SHA is not an ancestor of origin/main"
exit 1
fi
echo "Tag commit is on origin/main: ok"
- name: Verify version-tag-CHANGELOG sync
run: |
TAG_VERSION="${GITHUB_REF#refs/tags/v}"
# Workflow uses Python 3.12; tomllib is stdlib since 3.11.
# No tomli shim needed.
PYPROJECT_VERSION=$(python -c "
import tomllib
with open('pyproject.toml', 'rb') as f:
print(tomllib.load(f)['project']['version'])
")
if [ "$TAG_VERSION" != "$PYPROJECT_VERSION" ]; then
echo "Tag version $TAG_VERSION != pyproject.toml version $PYPROJECT_VERSION"
exit 1
fi
if ! grep -q "^## \[${TAG_VERSION}\]" CHANGELOG.md; then
echo "CHANGELOG.md has no entry for [${TAG_VERSION}]"
exit 1
fi
echo "Tag/pyproject/CHANGELOG version sync: $TAG_VERSION"
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: dist
path: dist/
publish:
needs: build
runs-on: ubuntu-latest
environment: pypi
permissions:
id-token: write
steps:
- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1