Skip to content

Workflow file for this run

name: Publish Python 🐍 distribution πŸ“¦ to PyPI and Docker 🐳 Image
on:
workflow_dispatch:
push:
tags:
- v*
env:
IMAGE_NAME: gnzsnz/jupyter-quant
GH_IMAGE_NAME: ghcr.io/quantbelt/jupyter-quant
PLATFORMS: linux/amd64,linux/arm64
PYPI_PACKAGE: jupyter-quant
PYPI_BASE_URL: https://pypi.org/p
jobs:
publish_docker:
name: Build and publish Jupyter Quant docker 🐳 image
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Get enviroment variables
run: |
grep -v '#' .env-dist | grep '=' > .env
while IFS= read -r line; do
echo $line >> $GITHUB_ENV ;
done < .env
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: ${{ env.PLATFORMS }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.IMAGE_NAME }}
${{ env.GH_IMAGE_NAME }}
flavor: |
type=semver,pattern={{version}},value=${{ env.IMG_PYTHON_VERSION}}
latest=true
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v6
with:
context: .
push: true
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
USER=${{ env.USER }}
USER_ID=${{ env.USER_ID }}
USER_GID=${{ env.USER_GID }}
IMG_PYTHON_VERSION=${{ env.IMG_PYTHON_VERSION}}
platforms: ${{ env.PLATFORMS }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build_py:
name: Build 🐍 distribution πŸ“¦
runs-on: ubuntu-latest
needs:
- publish_docker
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: 3.x
cache: pip
- name: Install pypa/build
run: >-
python3 -m pip install --user -U pip build wheel setuptools
- name: Build a binary wheel and a source tarball
run: python3 -m build
- name: Store the distribution packages
uses: actions/upload-artifact@v4
with:
name: python-package-distributions
path: dist/
publish-to-pypi:
name: Publish Python 🐍 distribution πŸ“¦ to PyPI
if: startsWith(github.ref, 'refs/tags/') # only publish on tag pushes
needs:
- build_py
runs-on: ubuntu-latest
environment:
name: pypi
url: ${{ env.PYPI_BASE_URL }}/${{ env.PYPI_PACKAGE }}
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Publish distribution πŸ“¦ to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
github-release:
name: >-
Sign the πŸ“¦ with Sigstore and upload them to GitHub Release
needs:
- publish-to-pypi
runs-on: ubuntu-latest
permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases
id-token: write # IMPORTANT: mandatory for sigstore
steps:
- name: Download all the dists
uses: actions/download-artifact@v4
with:
name: python-package-distributions
path: dist/
- name: Sign the dists with Sigstore
uses: sigstore/[email protected]
with:
inputs: >-
./dist/*.tar.gz ./dist/*.whl
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
run: >-
gh release create '${{ github.ref_name }}' \
--repo '${{ github.repository }}' --notes ""
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
# Upload to GitHub Release using the `gh` CLI.
# `dist/` contains the built packages, and the
# sigstore-produced signatures and certificates.
run: >-
gh release upload '${{ github.ref_name }}' dist/** --repo '${{ github.repository }}'