File tree Expand file tree Collapse file tree 2 files changed +68
-6
lines changed Expand file tree Collapse file tree 2 files changed +68
-6
lines changed Original file line number Diff line number Diff line change @@ -76,14 +76,13 @@ jobs:
76
76
inputs : >-
77
77
./dist/*.tar.gz
78
78
./dist/*.whl
79
- - name : Create GitHub Release
79
+ - name : Ensure GitHub Release exists (no-op if already exists)
80
80
env :
81
81
GITHUB_TOKEN : ${{ github.token }}
82
- run : >-
83
- gh release create
84
- '${{ github.ref_name }}'
85
- --repo '${{ github.repository }}'
86
- --notes ""
82
+ run : |
83
+ # If a release for this tag already exists (e.g., created via GH UI), skip creation.
84
+ gh release view '${{ github.ref_name }}' --repo '${{ github.repository }}' >/dev/null 2>&1 || \
85
+ gh release create '${{ github.ref_name }}' --repo '${{ github.repository }}' --notes ""
87
86
- name : Upload artifact signatures to GitHub Release
88
87
env :
89
88
GITHUB_TOKEN : ${{ github.token }}
Original file line number Diff line number Diff line change
1
+ name : Sign existing release assets 🔐
2
+
3
+ on :
4
+ workflow_dispatch :
5
+ inputs :
6
+ tag :
7
+ description : Git tag of the existing release
8
+ required : true
9
+ type : string
10
+
11
+ permissions :
12
+ contents : write
13
+ id-token : write
14
+
15
+ jobs :
16
+ sign-and-upload :
17
+ name : Sign and upload Sigstore bundles for release assets
18
+ runs-on : ubuntu-latest
19
+ steps :
20
+ - name : Create dist directory
21
+ run : mkdir -p dist
22
+
23
+ - name : Download assets from GitHub Release
24
+ env :
25
+ GITHUB_TOKEN : ${{ github.token }}
26
+ run : >-
27
+ gh release download
28
+ '${{ inputs.tag }}'
29
+ --repo '${{ github.repository }}'
30
+ -D dist/
31
+
32
+ - name : List downloaded files
33
+ run : ls -lah dist || true
34
+
35
+ - name : Collect files to sign
36
+ id : find
37
+ shell : bash
38
+ run : |
39
+ shopt -s nullglob
40
+ files=(dist/*.whl dist/*.tar.gz)
41
+ if [ ${#files[@]} -eq 0 ]; then
42
+ echo "No distribution files found in dist/." >&2
43
+ exit 1
44
+ fi
45
+ printf '%s\n' "${files[@]}"
46
+ {
47
+ echo 'files<<EOF'
48
+ printf '%s\n' "${files[@]}"
49
+ echo 'EOF'
50
+ } >> "$GITHUB_OUTPUT"
51
+
52
+ - name : Sign assets with Sigstore
53
+ uses : sigstore/gh-action-sigstore-python@v3.0.0
54
+ with :
55
+ inputs : ${{ steps.find.outputs.files }}
56
+
57
+ - name : Upload signatures to GitHub Release
58
+ env :
59
+ GITHUB_TOKEN : ${{ github.token }}
60
+ run : >-
61
+ gh release upload
62
+ '${{ inputs.tag }}' dist/**/*.sigstore.json
63
+ --repo '${{ github.repository }}'
You can’t perform that action at this time.
0 commit comments