0.12.11 🌈 #47
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/publish.yml | |
| name: Publish | |
| on: | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 | |
| - name: Setup Python | |
| uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 | |
| with: | |
| python-version: '3.7' | |
| - name: Install dependencies | |
| run: | | |
| pip install -r requirements.txt | |
| pip install -r requirements-dev.txt | |
| - run: invoke build.install-package | |
| - run: invoke integration.clean | |
| - run: invoke integration.version | |
| - run: invoke integration.initialize | |
| - run: invoke unit.pytest | |
| - run: invoke test.security | |
| - run: invoke integration.query | |
| - run: invoke integration.write-policy | |
| - run: invoke build.uninstall-package | |
| publish-package: | |
| needs: test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 | |
| - name: Set up Python 3.7 | |
| uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 | |
| with: | |
| python-version: '3.7' | |
| - name: Install dependencies | |
| run: | | |
| pip install -r requirements.txt | |
| pip install -r requirements-dev.txt | |
| - name: create python package | |
| run: | | |
| git config --local user.email "[email protected]" | |
| git config --local user.name "GitHub Action" | |
| git fetch --tags | |
| git pull origin master | |
| pip install setuptools wheel twine | |
| python -m setup sdist bdist_wheel | |
| - name: Publish package | |
| uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14 | |
| with: | |
| password: ${{ secrets.PYPI_PASSWORD }} | |
| update-brew: | |
| needs: publish-package | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 | |
| - name: Set up Python 3.7 | |
| uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 | |
| with: | |
| python-version: '3.7' | |
| - name: publish brew | |
| run: | | |
| sleep 5m | |
| git config --local user.email "[email protected]" | |
| git config --local user.name "GitHub Action" | |
| pip install homebrew-pypi-poet | |
| pip install policy_sentry -U | |
| git fetch origin | |
| git checkout --track origin/master | |
| latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)") | |
| echo "latest tag: $latest_tag" | |
| git pull origin "$latest_tag" | |
| poet -f policy_sentry > HomebrewFormula/policy_sentry.rb | |
| git add . | |
| git commit -m "update brew formula" policy_sentry/bin/cli.py HomebrewFormula/policy_sentry.rb || echo "No brew changes to commit" | |
| git push -u origin master | |
| bump-version: | |
| needs: update-brew | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 | |
| with: | |
| ref: master | |
| - name: Bump version | |
| run: | | |
| version_file="policy_sentry/bin/version.py" | |
| git config --local user.email "[email protected]" | |
| git config --local user.name "GitHub Action" | |
| git fetch --tags | |
| git pull origin master | |
| latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)") | |
| echo "latest tag: $latest_tag" | |
| new_tag=$(echo "$latest_tag" | awk -F. -v a="$1" -v b="$2" -v c="$3" '{printf("%d.%d.%d", $1+a, $2+b , $3+1)}') | |
| echo "new tag: $new_tag" | |
| printf "# pylint: disable=missing-module-docstring\n__version__ = \"%s\"\n""" "$new_tag" > $version_file | |
| git commit -m "Bump to ${new_tag}" $version_file || echo "No changes to commit" | |
| git push origin |