1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
name: Test + Deploy
on:
push:
branches: [main]
tags: ["v*.*.*"]
pull_request:
branches: [main]
jobs:
lint:
runs-on: ubuntu-latest
# https://github.community/t/github-actions-does-not-respect-skip-ci/17325/8
if: "! contains(toJSON(github.event.commits.*.message), '[skip ci]')"
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Install dependencies
run: pip install tox
- name: Run style and static checks
run: tox -e lint
test:
runs-on: ${{ matrix.platform }}
if: "! contains(toJSON(github.event.commits.*.message), '[skip ci]')"
strategy:
matrix:
python-version: ["3.10", "3.14"]
platform: [ubuntu-latest, windows-latest]
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: pip install tox
- name: Test with tox
run: tox -e py-cov
- name: Produce coverage files
run: tox -e htmlcov
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
file: coverage.xml
flags: unittests
name: codecov-umbrella
fail_ci_if_error: false
# see https://github.com/codecov/codecov-action/issues/557
token: ${{ secrets.CODECOV_TOKEN }}
deploy:
# only run if the commit is tagged...
if: startsWith(github.ref, 'refs/tags/v')
# ... and both the lint and test jobs completed successfully
needs:
- lint
- test
runs-on: ubuntu-latest
# This is required to create a release using Github integration token
# https://github.com/softprops/action-gh-release?tab=readme-ov-file#permissions
environment:
name: publish-to-pypi
url: https://pypi.org/p/ufo2ft
permissions:
contents: write
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- uses: actions/checkout@v4
with:
# setuptools_scm requires the git clone to not be 'shallow'
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Extract release notes from annotated tag message
id: release_notes
env:
# e.g. v0.1.0a1, v1.2.0b2 or v2.3.0rc3, but not v1.0.0
PRERELEASE_TAG_PATTERN: "v[[:digit:]]+\\.[[:digit:]]+\\.[[:digit:]]+([ab]|rc)[[:digit:]]+"
run: |
# GH checkout action doesn't preserve tag annotations, we must fetch them
# https://github.com/actions/checkout/issues/290
git fetch --tags --force
# strip leading 'refs/tags/' to get the tag name
TAG_NAME="${GITHUB_REF##*/}"
# Dump tag message to temporary .md file (excluding the PGP signature at the bottom)
TAG_MESSAGE=$(git tag -l --format='%(contents)' $TAG_NAME | sed -n '/-----BEGIN PGP SIGNATURE-----/q;p')
echo "$TAG_MESSAGE" > "${{ runner.temp }}/release_notes.md"
# if the tag has a pre-release suffix mark the Github Release accordingly
if egrep -q "$PRERELEASE_TAG_PATTERN" <<< "$TAG_NAME"; then
echo "Tag contains a pre-release suffix"
echo "IS_PRERELEASE=true" >> "$GITHUB_ENV"
else
echo "Tag does not contain pre-release suffix"
echo "IS_PRERELEASE=false" >> "$GITHUB_ENV"
fi
- name: Create GitHub release
id: create_release
uses: softprops/action-gh-release@v2
with:
body_path: "${{ runner.temp }}/release_notes.md"
draft: false
prerelease: ${{ env.IS_PRERELEASE }}
- name: Build
run: |
if [ "$IS_PRERELEASE" == true ]; then
echo "DEBUG: This is a pre-release"
else
echo "DEBUG: This is a final release"
fi
pipx run build
- name: Publish package distributions to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
|
