build(version): 🔖 update version from 0.20.0 to 0.20.1 #130
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release package | |
| on: | |
| push: | |
| branches: | |
| - main | |
| # Limit token permissions for security | |
| permissions: read-all | |
| jobs: | |
| release: | |
| # This job outputs env variables `previous_version` and `current_version`. | |
| # Only give permissions for this job. | |
| permissions: | |
| contents: write | |
| uses: seedcase-project/.github/.github/workflows/reusable-release-project.yml@main | |
| with: | |
| app-id: ${{ vars.UPDATE_VERSION_APP_ID }} | |
| secrets: | |
| update-version-gh-token: ${{ secrets.UPDATE_VERSION_TOKEN }} | |
| pypi-publish: | |
| name: Publish to PyPI | |
| runs-on: ubuntu-latest | |
| # Only give permissions for this job. | |
| permissions: | |
| # IMPORTANT: mandatory for trusted publishing. | |
| id-token: write | |
| environment: | |
| name: pypi | |
| needs: | |
| - release | |
| if: ${{ needs.release.outputs.previous_version != needs.release.outputs.current_version }} | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| # Need to explicitly get the current version, otherwise it defaults to current commit | |
| # (which is not the same as the release/version commit). | |
| ref: ${{ needs.release.outputs.current_version }} | |
| # This workflow and the publish workflows are based on: | |
| # - https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ | |
| # - https://www.andrlik.org/dispatches/til-use-uv-for-build-and-publish-github-actions/ | |
| # - https://github.com/astral-sh/trusted-publishing-examples | |
| - name: Set up uv | |
| uses: astral-sh/setup-uv@85856786d1ce8acfbcc2f13a5f3fbd6b938f9f41 # v7.1.2 | |
| - name: Build distributions | |
| # Builds dists from source and stores them in the dist/ directory. | |
| run: uv build | |
| - name: Publish 📦 to PyPI | |
| # Only publish if the option is explicitly set in the calling workflow. | |
| run: uv publish --trusted-publishing always |