test_ok2/.github/workflows/deploy.yml

name: deploy

on:
  push:
    tags:
      # These tags are protected, see:
      # https://github.com/pytest-dev/pytest/settings/tag_protection
      - "[0-9]+.[0-9]+.[0-9]+"
      - "[0-9]+.[0-9]+.[0-9]+rc[0-9]+"


# Set permissions at the job level.
permissions: {}

jobs:
  build:
    runs-on: ubuntu-latest
    timeout-minutes: 10
    steps:
    - uses: actions/checkout@v3
      with:
        fetch-depth: 0
        persist-credentials: false
    - name: Build and Check Package
      uses: hynek/build-and-inspect-python-package@v1.5

  deploy:
    if: github.repository == 'pytest-dev/pytest'
    needs: [build]
    runs-on: ubuntu-latest
    timeout-minutes: 30
    permissions:
      id-token: write
    steps:
    - name: Download Package
      uses: actions/download-artifact@v3
      with:
        name: Packages
        path: dist
    - name: Publish package to PyPI
      uses: pypa/gh-action-pypi-publish@v1.8.7

  release-notes:

    # todo: generate the content in the build  job
    #       the goal being of using a github action script to push the release data
    #       after success instead of creating a complete python/tox env
    needs: [deploy]
    runs-on: ubuntu-latest
    timeout-minutes: 30
    permissions:
      contents: write
    steps:
    - uses: actions/checkout@v3
      with:
        fetch-depth: 0
        persist-credentials: false
    - name: Set up Python
      uses: actions/setup-python@v4
      with:
        python-version: "3.11"


    - name: Install tox
      run: |
        python -m pip install --upgrade pip
        pip install --upgrade tox

    - name: Publish GitHub release notes
      env:
        GH_RELEASE_NOTES_TOKEN: ${{ github.token }}
      run: |
        sudo apt-get install pandoc
        tox -e publish-gh-release-notes
Split test/deploy workflows This will trigger a deploy directly when a tag is pushed, avoiding having to wait for another lenghty build. This is safe since we only push release tags after the release PR has passed all its tests. See comments in #9793. 2022-03-19 19:56:05 +08:00			`name: deploy`

			`on:`
			`push:`
			`tags:`
			`# These tags are protected, see:`
			`# https://github.com/pytest-dev/pytest/settings/tag_protection`
			`- "[0-9]+.[0-9]+.[0-9]+"`
			`- "[0-9]+.[0-9]+.[0-9]+rc[0-9]+"`


			`# Set permissions at the job level.`
			`permissions: {}`

			`jobs:`
Switch to deploy environment and configure for pypi oidc (#10925) Closes #10871 Closes #10870 2023-07-03 23:52:58 +08:00			`build:`
Split test/deploy workflows This will trigger a deploy directly when a tag is pushed, avoiding having to wait for another lenghty build. This is safe since we only push release tags after the release PR has passed all its tests. See comments in #9793. 2022-03-19 19:56:05 +08:00			`runs-on: ubuntu-latest`
Switch to deploy environment and configure for pypi oidc (#10925) Closes #10871 Closes #10870 2023-07-03 23:52:58 +08:00			`timeout-minutes: 10`
Split test/deploy workflows This will trigger a deploy directly when a tag is pushed, avoiding having to wait for another lenghty build. This is safe since we only push release tags after the release PR has passed all its tests. See comments in #9793. 2022-03-19 19:56:05 +08:00			`steps:`
update actions 2022-10-24 20:58:03 +08:00			`- uses: actions/checkout@v3`
Split test/deploy workflows This will trigger a deploy directly when a tag is pushed, avoiding having to wait for another lenghty build. This is safe since we only push release tags after the release PR has passed all its tests. See comments in #9793. 2022-03-19 19:56:05 +08:00			`with:`
			`fetch-depth: 0`
			`persist-credentials: false`
Use build-and-inspect-python-package action (#10722) This uses https://github.com/hynek/build-and-inspect-python-package to ensure our package is correct, both during testing and deploy, 2023-02-13 08:37:40 +08:00			`- name: Build and Check Package`
			`uses: hynek/build-and-inspect-python-package@v1.5`

Switch to deploy environment and configure for pypi oidc (#10925) Closes #10871 Closes #10870 2023-07-03 23:52:58 +08:00			`deploy:`
			`if: github.repository == 'pytest-dev/pytest'`
			`needs: [build]`
			`runs-on: ubuntu-latest`
			`timeout-minutes: 30`
			`permissions:`
			`id-token: write`
			`steps:`
Use build-and-inspect-python-package action (#10722) This uses https://github.com/hynek/build-and-inspect-python-package to ensure our package is correct, both during testing and deploy, 2023-02-13 08:37:40 +08:00			`- name: Download Package`
			`uses: actions/download-artifact@v3`
			`with:`
			`name: Packages`
			`path: dist`
			`- name: Publish package to PyPI`
build(deps): Bump pypa/gh-action-pypi-publish from 1.8.5 to 1.8.7 (#11189) Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.8.5 to 1.8.7. - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.5...v1.8.7) --- updated-dependencies: - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2023-07-10 21:23:12 +08:00			`uses: pypa/gh-action-pypi-publish@v1.8.7`
Switch to deploy environment and configure for pypi oidc (#10925) Closes #10871 Closes #10870 2023-07-03 23:52:58 +08:00
			`release-notes:`
Use build-and-inspect-python-package action (#10722) This uses https://github.com/hynek/build-and-inspect-python-package to ensure our package is correct, both during testing and deploy, 2023-02-13 08:37:40 +08:00
Switch to deploy environment and configure for pypi oidc (#10925) Closes #10871 Closes #10870 2023-07-03 23:52:58 +08:00			`# todo: generate the content in the build job`
			`# the goal being of using a github action script to push the release data`
			`# after success instead of creating a complete python/tox env`
			`needs: [deploy]`
			`runs-on: ubuntu-latest`
			`timeout-minutes: 30`
			`permissions:`
			`contents: write`
			`steps:`
			`- uses: actions/checkout@v3`
			`with:`
			`fetch-depth: 0`
			`persist-credentials: false`
Split test/deploy workflows This will trigger a deploy directly when a tag is pushed, avoiding having to wait for another lenghty build. This is safe since we only push release tags after the release PR has passed all its tests. See comments in #9793. 2022-03-19 19:56:05 +08:00			`- name: Set up Python`
update actions 2022-10-24 20:58:03 +08:00			`uses: actions/setup-python@v4`
Split test/deploy workflows This will trigger a deploy directly when a tag is pushed, avoiding having to wait for another lenghty build. This is safe since we only push release tags after the release PR has passed all its tests. See comments in #9793. 2022-03-19 19:56:05 +08:00			`with:`
Drop py37 from CI 2023-07-01 06:19:19 +08:00			`python-version: "3.11"`
Split test/deploy workflows This will trigger a deploy directly when a tag is pushed, avoiding having to wait for another lenghty build. This is safe since we only push release tags after the release PR has passed all its tests. See comments in #9793. 2022-03-19 19:56:05 +08:00
Switch to deploy environment and configure for pypi oidc (#10925) Closes #10871 Closes #10870 2023-07-03 23:52:58 +08:00
Use build-and-inspect-python-package action (#10722) This uses https://github.com/hynek/build-and-inspect-python-package to ensure our package is correct, both during testing and deploy, 2023-02-13 08:37:40 +08:00			`- name: Install tox`
Split test/deploy workflows This will trigger a deploy directly when a tag is pushed, avoiding having to wait for another lenghty build. This is safe since we only push release tags after the release PR has passed all its tests. See comments in #9793. 2022-03-19 19:56:05 +08:00			`run: \|`
			`python -m pip install --upgrade pip`
Use build-and-inspect-python-package action (#10722) This uses https://github.com/hynek/build-and-inspect-python-package to ensure our package is correct, both during testing and deploy, 2023-02-13 08:37:40 +08:00			`pip install --upgrade tox`
Split test/deploy workflows This will trigger a deploy directly when a tag is pushed, avoiding having to wait for another lenghty build. This is safe since we only push release tags after the release PR has passed all its tests. See comments in #9793. 2022-03-19 19:56:05 +08:00
			`- name: Publish GitHub release notes`
			`env:`
			`GH_RELEASE_NOTES_TOKEN: ${{ github.token }}`
			`run: \|`
			`sudo apt-get install pandoc`
			`tox -e publish-gh-release-notes`