Skip to content

Nothing

Nothing #30

Workflow file for this run

name: Publish
on:
push:
branches:
- master
- larose/bullfrog
jobs:
build-and-check:
runs-on: ubuntu-22.04
strategy:
matrix:
python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"]
steps:
- name: Bullfrog Secure Runner
uses: bullfrogsec/bullfrog@v0
with:
egress-policy: block
# allowed-domains: |
# auth.docker.io
# deb.debian.org
# files.pythonhosted.org
# production.cloudflare.docker.com
# pypi.org
# registry-1.docker.io
- run: |
sudo nft list ruleset
- uses: actions/checkout@v4
- name: Setup python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Bootstrap
run: make ci.bootstrap
- name: Update version in pyproject.toml
run: make ci.update-version-in-pyproject
- name: Check
run: make check
- name: Upload dist directory
uses: actions/upload-artifact@v4
with:
name: dist-${{ matrix.python-version }}
path: dist
publish:
runs-on: ubuntu-22.04
needs: build-and-check
steps:
- uses: bullfrogsec/bullfrog@v0
with:
egress-policy: block
allowed-domains: |
files.pythonhosted.org
pypi.org
- uses: actions/checkout@v4
- name: Setup python
uses: actions/setup-python@v5
with:
python-version: 3.8
- name: Bootstrap
run: make ci.bootstrap
- name: Configure poetry
run: make ci.configure-poetry
env:
PYPI_API_TOKEN: ${{ secrets.pypi_api_token }}
TEST_PYPI_API_TOKEN: ${{ secrets.test_pypi_api_token }}
- name: Update version in pyproject.toml
run: make ci.update-version-in-pyproject
- name: Download dist directory
uses: actions/download-artifact@v1
with:
name: dist-3.8
path: dist
- name: Publish (Test PyPI)
run: make ci.publish.test-pypi
# - name: Publish
# run: make ci.publish.pypi