Skip to content

v0.9.0

v0.9.0 #14

Workflow file for this run

name: Release
# Publishes both distributions to PyPI when a GitHub Release is published:
# - vgi-python (sdist + universal wheel) — the public package
# - vgi-fixtures (universal wheel only) — example/test workers
#
# vgi-fixtures is wheel-only on purpose: its source lives at the repo root in
# vgi/_test_fixtures/, which the wheel force-includes but an sdist cannot reach
# (see packages/vgi-fixtures/pyproject.toml). It is a pure-python py3-none-any
# wheel, so the wheel alone installs everywhere.
#
# Auth is PyPI Trusted Publishing (OIDC) — no API tokens. Before the first run,
# configure a Trusted Publisher on PyPI for BOTH projects (vgi-python,
# vgi-fixtures) pointing at:
# owner: Query-farm
# repository: vgi-python
# workflow: release.yml
# environment: pypi
# The `vgi-python` and `vgi-fixtures` versions must match the released tag.
on:
release:
types: [published]
permissions:
contents: read
jobs:
build:
name: Build distributions
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- name: Install uv
uses: astral-sh/setup-uv@v8.2.0
- name: Build vgi (sdist + wheel)
run: uv build --sdist --wheel --out-dir dist-vgi .
- name: Build vgi-fixtures (wheel only)
run: uv build --wheel --out-dir dist-fixtures packages/vgi-fixtures
- name: Validate metadata
run: uvx twine check dist-vgi/* dist-fixtures/*
- name: Upload vgi artifacts
uses: actions/upload-artifact@v7
with:
name: dist-vgi
path: dist-vgi/
- name: Upload vgi-fixtures artifacts
uses: actions/upload-artifact@v7
with:
name: dist-fixtures
path: dist-fixtures/
build-docker-image:
name: Build & push vgi-fixtures image (${{ matrix.short }})
needs: build
runs-on: ubuntu-latest
permissions:
contents: read
packages: write # push to GHCR
# One image per fixture worker, selected via the VGI_FIXTURE_WORKER build arg.
# The VGI extension's container transport uses plain `oci://…` string
# LOCATIONs (no struct env), so the worker must be baked into the tag rather
# than passed at runtime. Tags: ghcr.io/query-farm/vgi-fixtures:<ver>-<short>
# (plus :<ver> and :latest for the base worker). max-parallel: 1 so the heavy
# pip-install layer is built once and reused from the gha cache by the rest.
strategy:
fail-fast: false
max-parallel: 1
matrix:
include:
- { short: worker, worker: vgi-fixture-worker, latest: true }
- { short: versioned, worker: vgi-fixture-versioned-worker }
- { short: versioned-tables, worker: vgi-fixture-versioned-tables-worker }
- { short: attach-options, worker: vgi-fixture-attach-options-worker }
- { short: bad-protocol, worker: vgi-fixture-bad-protocol-worker }
- { short: bad-enum, worker: vgi-fixture-bad-enum-worker }
- { short: simple-writable, worker: vgi-fixture-simple-writable-worker }
steps:
- uses: actions/checkout@v7
# The image installs the exact wheels this release publishes.
- name: Download vgi wheel
uses: actions/download-artifact@v8
with:
name: dist-vgi
path: dist
- name: Download vgi-fixtures wheel
uses: actions/download-artifact@v8
with:
name: dist-fixtures
path: dist
- name: Compute image tags
id: meta
run: |
ver="${{ github.event.release.tag_name }}"
ver="${ver#v}" # normalize a leading v (v0.8.2 -> 0.8.2)
img="ghcr.io/query-farm/vgi-fixtures"
tags="$img:$ver-${{ matrix.short }}"
if [ "${{ matrix.latest }}" = "true" ]; then
tags="$tags,$img:$ver,$img:latest"
fi
echo "tags=$tags" >> "$GITHUB_OUTPUT"
- uses: docker/setup-buildx-action@v3
- name: Log in to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build & push
uses: docker/build-push-action@v6
with:
context: .
file: packages/vgi-fixtures/docker/Dockerfile
platforms: linux/amd64
build-args: |
VGI_FIXTURE_WORKER=${{ matrix.worker }}
tags: ${{ steps.meta.outputs.tags }}
push: true
cache-from: type=gha
cache-to: type=gha,mode=max
publish-vgi:
name: Publish vgi to PyPI
needs: build
runs-on: ubuntu-latest
environment: pypi
permissions:
id-token: write # required for Trusted Publishing
steps:
- name: Download vgi artifacts
uses: actions/download-artifact@v8
with:
name: dist-vgi
path: dist/
- name: Publish vgi
uses: pypa/gh-action-pypi-publish@release/v1
publish-vgi-fixtures:
name: Publish vgi-fixtures to PyPI
needs: build
runs-on: ubuntu-latest
environment: pypi
# Disabled until a Trusted Publisher exists for the `vgi-fixtures`
# project on PyPI (blocked on a PyPI new-project limit). The wheel is
# still built + metadata-checked above; only the upload is skipped, so
# vgi-python releases cleanly. Re-enable (delete this `if`) once the
# publisher is configured.
if: false
permissions:
id-token: write # required for Trusted Publishing
steps:
- name: Download vgi-fixtures artifacts
uses: actions/download-artifact@v8
with:
name: dist-fixtures
path: dist/
- name: Publish vgi-fixtures
uses: pypa/gh-action-pypi-publish@release/v1