Skip to content
Packaging and Publishing

add tag validation to Pypi publishing #393

Sign in to view logs

add tag validation to Pypi publishing

add tag validation to Pypi publishing #393

Workflow file for this run

.github/workflows/pypi_publish.yml at 90b29fc
name: Packaging and Publishing
on:
push:
workflow_dispatch:
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: hynek/build-and-inspect-python-package@v2
publish:
name: Publish CDK to PyPI
runs-on: ubuntu-latest
needs: [build]
permissions:
id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
contents: write # Needed to upload artifacts to the release
environment:
name: PyPI
url: "https://pypi.org/p/airbyte-cdk"
if: startsWith(github.ref, 'refs/tags/v') || github.event_name == 'workflow_dispatch'
steps:
- uses: actions/download-artifact@v4
with:
name: Packages
path: dist
- name: Debug Reference
run: |
echo "Event Name: $GITHUB_EVENT_NAME"
echo "GitHub Ref: $GITHUB_REF"
- name: Validate Tag Reference
run: |
if [[ "$GITHUB_EVENT_NAME" == "workflow_dispatch" ]]; then
echo "Workflow triggered via dispatch."
if [[ ! "$GITHUB_REF" =~ ^refs/tags/v ]]; then
echo "Error: This workflow requires a valid tag (refs/tags/vX.Y.Z) to run."
exit 1
fi
else
echo "Workflow triggered by tag push."
fi
- name: Extract and Validate Version
id: extract_version
run: |
if [[ "$GITHUB_REF" =~ ^refs/tags/v(.+)$ ]]; then
VERSION=${BASH_REMATCH[1]}
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "Extracted version: $VERSION"
else
echo "Error: GITHUB_REF does not point to a valid tag. Found: $GITHUB_REF"
exit 1
fi
- name: Attach Wheel to GitHub Release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: dist/*.whl
tag: ${{ github.ref#refs/tags/ }}

Check failure on line 70 in .github/workflows/pypi_publish.yml

View workflow run for this annotation

GitHub Actions / Packaging and Publishing

Invalid workflow file 

The workflow is not valid. .github/workflows/pypi_publish.yml (Line: 70, Col: 16): Unexpected symbol: 'ref#refs/tags/'. Located at position 8 within expression: github.ref#refs/tags/
overwrite: true
file_glob: true
- name: Publish to PyPI (${{vars.PYPI_PUBLISH_URL}})
uses: pypa/[email protected]
with:
# Can be toggled at the repository level between `https://upload.pypi.org/legacy/` and `https://test.pypi.org/legacy/`
repository-url: ${{vars.PYPI_PUBLISH_URL}}
publish_sdm:
name: Publish SDM to DockerHub
if: startsWith(github.ref, 'refs/tags/v') || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
needs: [publish]
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Extract version from tag
id: extract_version
run: |
echo "VERSION=${GITHUB_REF#refs/tags/v}" >> $GITHUB_ENV
echo "Extracted CDK version from tag: $VERSION"
- name: Debug SDM Environment
run: |
echo "Simulating SDM flow for branch: $GITHUB_REF"
echo "Current SHA: $GITHUB_SHA"
echo "Target Version: $VERSION"
- name: Set up QEMU for multi-platform builds
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
- name: Check for existing tag
run: |
tag="airbyte/source-declarative-manifest:${{ env.VERSION }}"
if [ -z "$tag" ]; then
echo "Error: VERSION is not set. Ensure the tag follows the format 'refs/tags/vX.Y.Z'."
exit 1
fi
echo "Checking if tag '$tag' exists on DockerHub..."
if DOCKER_CLI_EXPERIMENTAL=enabled docker manifest inspect "$tag" > /dev/null 2>&1; then
echo "The tag '$tag' already exists on DockerHub. Skipping publish to prevent overwrite."
exit 1
fi
echo "No existing tag '$tag' found. Proceeding with publish."
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: |
airbyte/source-declarative-manifest:latte
airbyte/source-declarative-manifest:${{ env.VERSION }}
airbyte/source-declarative-manifest:${{ github.sha }}