ci(publish): add automatic git tagging on successful release (#319) #660
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Publishes your package to PyPI using Astral/uv for builds. | |
| # Set PYPI_API_TOKEN in repo secrets. | |
| permissions: | |
| contents: write # Allows writing to the repository | |
| name: Build and Publish to PyPI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| test: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [macos-latest] | |
| python-version: ['3.13'] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install uv | |
| run: pip install uv | |
| - name: Setup uv virtual environment | |
| run: uv venv | |
| - name: Install dependencies | |
| # [durable] extras pulls in dbos, required by integration test | |
| # tests/integration/test_dbos_enabled.py | |
| run: uv pip install -e ".[durable]" | |
| - name: Install pexpect for integration tests | |
| run: uv pip install pexpect>=4.9.0 | |
| - name: Debug environment variables | |
| env: | |
| CEREBRAS_API_KEY: ${{ secrets.CEREBRAS_API_KEY || 'fake-key-for-ci-testing' }} | |
| CONTEXT7_API_KEY: ${{ secrets.CONTEXT7_API_KEY || 'fake-key-for-ci-testing' }} | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY || 'fake-key-for-ci-testing' }} | |
| ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY || 'fake-key-for-ci-testing' }} | |
| SYN_API_KEY: ${{ secrets.SYN_API_KEY || 'fake-key-for-ci-testing' }} | |
| run: | | |
| echo "=== DEBUG: Environment Variables ===" | |
| echo "CEREBRAS_API_KEY is set: ${{ secrets.CEREBRAS_API_KEY != '' }}" | |
| echo "CONTEXT7_API_KEY is set: ${{ secrets.CONTEXT7_API_KEY != '' }}" | |
| echo "OPENAI_API_KEY is set: ${{ secrets.OPENAI_API_KEY != '' }}" | |
| echo "ANTHROPIC_API_KEY is set: ${{ secrets.ANTHROPIC_API_KEY != '' }}" | |
| echo "SYN_API_KEY is set: ${{ secrets.SYN_API_KEY != '' }}" | |
| echo "CEREBRAS_API_KEY length: ${#CEREBRAS_API_KEY}" | |
| echo "CONTEXT7_API_KEY length: ${#CONTEXT7_API_KEY}" | |
| echo "OPENAI_API_KEY length: ${#OPENAI_API_KEY}" | |
| echo "ANTHROPIC_API_KEY length: ${#ANTHROPIC_API_KEY}" | |
| echo "SYN_API_KEY length: ${#SYN_API_KEY}" | |
| echo "=== END DEBUG ===" | |
| - name: Run tests | |
| env: | |
| CI: '1' | |
| CODE_PUPPY_TEST_FAST: '1' | |
| CEREBRAS_API_KEY: ${{ secrets.CEREBRAS_API_KEY || 'fake-key-for-ci-testing' }} | |
| CONTEXT7_API_KEY: ${{ secrets.CONTEXT7_API_KEY || 'fake-key-for-ci-testing' }} | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY || 'fake-key-for-ci-testing' }} | |
| ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY || 'fake-key-for-ci-testing' }} | |
| SYN_API_KEY: ${{ secrets.SYN_API_KEY || 'fake-key-for-ci-testing' }} | |
| run: | | |
| echo "Running tests (including integration tests) on ${{ runner.os }} with Python ${{ matrix.python-version }}..." | |
| echo "Required environment variables are set (using CI fallbacks if secrets not available)" | |
| uv run pytest tests/ -v --cov=code_puppy --cov-report=term-missing | |
| build-publish: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| permissions: | |
| contents: write # Allows writing to the repository | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Python 3.13 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.13' | |
| - name: Install uv, build, and twine | |
| run: pip install uv build twine | |
| - name: Setup uv virtual environment | |
| run: uv venv | |
| - name: Bump version | |
| run: uv version --bump patch | |
| - name: Capture new version | |
| id: version | |
| run: | | |
| NEW_VERSION=$(grep '^version = ' pyproject.toml | sed 's/version = "\(.*\)"/\1/') | |
| echo "version=$NEW_VERSION" >> "$GITHUB_OUTPUT" | |
| echo "New version: $NEW_VERSION" | |
| - name: Build package | |
| run: | | |
| uv build | |
| - name: Publish to PyPI | |
| env: | |
| TWINE_USERNAME: __token__ | |
| TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} | |
| run: uv run twine upload --verbose dist/* | |
| - name: Push version bump and tag to GitHub | |
| if: ${{ success() }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| git config --global user.name 'github-actions[bot]' | |
| git config --global user.email 'github-actions[bot]@users.noreply.github.com' | |
| git add . | |
| git commit -m "chore: bump version [ci skip]" || echo "No changes to commit" | |
| TAG="v${{ steps.version.outputs.version }}" | |
| git tag -a "$TAG" -m "Release $TAG" | |
| git push | |
| git push origin "$TAG" |