publish-versions #3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Publish python-build-standalone version information to the versions repository. | |
| name: publish-versions | |
| on: | |
| workflow_call: | |
| inputs: | |
| tag: | |
| required: true | |
| type: string | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: "Release tag to publish (e.g. 20260127)" | |
| required: true | |
| type: string | |
| dry-run: | |
| description: "Only generate metadata, skip PR creation" | |
| required: false | |
| type: boolean | |
| default: true | |
| permissions: {} | |
| jobs: | |
| publish-versions: | |
| runs-on: ubuntu-latest | |
| env: | |
| TAG: ${{ inputs.tag }} | |
| steps: | |
| - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| persist-credentials: false | |
| - name: "Install uv" | |
| uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0 | |
| - name: "Download SHA256SUMS" | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| mkdir -p dist | |
| gh release download "$TAG" --dir dist --pattern "SHA256SUMS" | |
| - name: "Generate versions metadata" | |
| env: | |
| GITHUB_EVENT_INPUTS_TAG: ${{ inputs.tag }} | |
| GITHUB_REPOSITORY: ${{ github.repository }} | |
| run: uv run generate-version-metadata.py > dist/versions.ndjson | |
| - name: "Validate metadata" | |
| run: | | |
| echo "Generated $(wc -l < dist/versions.ndjson) version entries" | |
| head -c 1000 dist/versions.ndjson | |
| - name: "Set branch name" | |
| if: inputs.dry-run != true | |
| run: echo "BRANCH_NAME=update-versions-$TAG-$(date +%s)" >> $GITHUB_ENV | |
| - name: "Clone versions repo" | |
| if: inputs.dry-run != true | |
| run: git clone https://${{ secrets.ASTRAL_VERSIONS_PAT }}@github.com/astral-sh/versions.git astral-versions | |
| - name: "Update versions" | |
| if: inputs.dry-run != true | |
| run: cat dist/versions.ndjson | uv run astral-versions/scripts/insert-versions.py --name python-build-standalone | |
| - name: "Commit versions" | |
| if: inputs.dry-run != true | |
| working-directory: astral-versions | |
| run: | | |
| git config user.name "astral-versions-bot" | |
| git config user.email "176161322+astral-versions-bot@users.noreply.github.com" | |
| git checkout -b "$BRANCH_NAME" | |
| git add -A | |
| git commit -m "Update python-build-standalone to $TAG" | |
| - name: "Create Pull Request" | |
| if: inputs.dry-run != true | |
| working-directory: astral-versions | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.ASTRAL_VERSIONS_PAT }} | |
| run: | | |
| pull_request_title="Update python-build-standalone versions for $TAG" | |
| gh pr list --state open --json title --jq ".[] | select(.title == \"$pull_request_title\") | .number" | \ | |
| xargs -I {} gh pr close {} | |
| git push origin "$BRANCH_NAME" | |
| gh pr create --base main --head "$BRANCH_NAME" \ | |
| --title "$pull_request_title" \ | |
| --body "Automated versions update for $TAG" \ | |
| --label "automation" | |
| - name: "Merge Pull Request" | |
| if: inputs.dry-run != true | |
| working-directory: astral-versions | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.ASTRAL_VERSIONS_PAT }} | |
| run: | | |
| # Wait for PR to be created before merging | |
| sleep 10 | |
| gh pr merge --squash "$BRANCH_NAME" |