--- name: Build (and release) on: [ push, pull_request ] jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: fetch-depth: 0 - name: Install dependencies run: | sudo apt update -qq -y sudo apt install -qq -y build-essential fakeroot git python-all python3-cryptography python3-pip python3-stdeb python3-wheel twine dh-python sudo pip3 install --upgrade setuptools wheel - name: Prepare build process id: buildprep run: | # Fetch tags and determine version git fetch --tags -f VER="$(python3 setup.py --version)" echo "Version found: $VER" echo "version=$VER" >> $GITHUB_OUTPUT - name: Build python package using setuptools (source/wheel) run: | python3 setup.py sdist --formats=gztar python3 setup.py bdist_wheel - name: Prepare stdeb build process id: stdebprep run: | # Patch setup.py to allow stdeb proper debian style builds sed "s/=determine_version()/='$(python3 setup.py --version)'/gi" -i setup.py sed "s@('readme'@('share/doc/python3-acertmgr'@" -i setup.py # Determine recommended dependencies for deb package echo "recommends3=$(echo "python3-pkg-resources")" >> $GITHUB_OUTPUT # Find optional dependencies to suggest in deb package echo "suggests3=$(python3 -c "from setup import extra_requirements; print('\n'.join(['\n'.join(x) for x in extra_requirements.values()]))" | grep -v cryptography | sed 's/PyYAML/yaml/gi' | awk '{ printf("python3-%s, ",$1)};' | awk '{$1=$1; print}')" >> $GITHUB_OUTPUT - name: Build debian package using setuptools and stdeb run: | # Create debianized source directory python3 setup.py --command-packages=stdeb.command sdist_dsc --with-python2=False --with-python3=True --recommends3="${{ steps.stdebprep.outputs.recommends3 }}" --suggests3="${{ steps.stdebprep.outputs.suggests3 }}" # Enter debianzied source directory (first sub-directory under deb_dist) cd "$(find deb_dist -maxdepth 1 -type d | grep -v 'deb_dist$\|tmp_sdist_dsc' | head -n1)" # Enforce GZIP compressed debian package info for older OS versions echo -e 'override_dh_builddeb:\n\tdh_builddeb -- -Zgzip\n' >> debian/rules # Build deb package DEB_BUILD_OPTIONS=nocheck dpkg-buildpackage -rfakeroot -uc -us - name: Create a changelog from git log since last non-pre/rc tag run: | # Determine current tag and last non-rc/pre tag CTAG="$(git describe --tags --abbrev=0)" LTAG="$(git tag | grep -B1 ${CTAG} | head -n1)" while echo $LTAG | grep -q 'rc\|pre'; do LTAG="$(git tag | grep -B1 ${LTAG} | head -n1)" done # Write changelog echo "Changes since ${LTAG}:" > changelog.txt git log --format=' * %s' ${LTAG}..${CTAG} >> changelog.txt cat changelog.txt - name: Collect files for artifact upload run: | mkdir -v artifacts cp -v changelog.txt artifacts/ cp -v dist/*.tar.gz artifacts/ cp -v dist/*.whl artifacts/ cp -v deb_dist/*.deb artifacts/ - name: Upload build artifact uses: actions/upload-artifact@v1 with: name: ${{ format('acertmgr_build_{0}', steps.buildprep.outputs.version) }} path: artifacts - name: Create new GitHub release uses: softprops/action-gh-release@v1 if: startsWith(github.ref, 'refs/tags/') env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: name: ${{ steps.buildprep.outputs.version }} draft: true prerelease: ${{ contains(github.ref, 'rc') || contains(github.ref, 'pre') }} body_path: changelog.txt files: | artifacts/*.tar.gz artifacts/*.whl artifacts/*.deb - name: Check PyPI secrets id: checksecrets shell: bash run: | if [ "$USER" == "" -o "$PASSWORD" == "" ]; then echo "secretspresent=NO" >> $GITHUB_OUTPUT else echo "secretspresent=YES" >> $GITHUB_OUTPUT fi env: USER: ${{ secrets.PYPI_USERNAME }} PASSWORD: ${{ secrets.PYPI_PASSWORD }} - name: Create new PyPI release if: steps.checksecrets.outputs.secretspresent == 'YES' && github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') && (!(contains(github.ref, 'rc') || contains(github.ref, 'pre'))) uses: pypa/gh-action-pypi-publish@release/v1 with: user: ${{ secrets.PYPI_USERNAME }} password: ${{ secrets.PYPI_PASSWORD }}