.github/workflows/cd.yaml
# Requires GitHub secrets
# - GH_TOKEN
# - PYPI_TOKEN
name: CD
on:
push:
branches: ["main"]
jobs:
release:
name: Release
runs-on: ubuntu-latest
concurrency: release
permissions:
id-token: write
contents: write
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
steps:
- name: Checkout repository
id: checkout-repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Python
id: install-python
uses: actions/setup-python@v5
with:
python-version: 3.11
architecture: x64
- name: Install dependencies
id: install-dependencies
run: |
python -m pip install -U pip setuptools poetry twine
python -m poetry install --only main
- name: Semantic release
id: semantic-release
uses: python-semantic-release/python-semantic-release@master
with:
github_token: ${{ secrets.GH_TOKEN }}
- name: Build package
id: build-package
run: python -m poetry build
- name: Publish package
id: publish-package
run: |
python -m poetry run twine upload dist/* -u __token__ -p ${{ secrets.PYPI_TOKEN }} --skip-existing --verbose