Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: npm and pypi publish workflows #8

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat: npm and pypi publish workflows #8

wants to merge 3 commits into from

Conversation

MDzaja
Copy link
Collaborator

@MDzaja MDzaja commented Feb 7, 2025

This PR introduces two GitHub Actions for automated package publishing:

  1. Publish to PyPI: Automates the publishing of Python package to PyPI.
  2. Publish to npm: Automates the publishing of TypeScript package to npm.

Both workflows can be triggered either by pushing a Git tag or manually via the GitHub interface. The version for publishing must adhere to one of the following formats: vX.Y, vX.Y.Z, vX.Y.ZaN, vX.Y.ZbN, vX.Y.ZrcN. When triggered manually, the version input should follow the same format. Packages are published without v prefix.

Additional Things to Discuss:

  • Author Metadata: The author information in packages/python/pyproject.toml currently uses placeholders and should probably be updated to reflect the Daytona organization ({ name = "dummy", email = "[email protected]" }). Let me know what to write there.

Key Updates:

  • Versions in package.json and pyproject.toml are set to 0.0.0 and managed dynamically during the publishing process.
  • NPM tags are assigned based on the version suffix:
    • latest for stable releases (e.g., v1.0.0)
    • alpha, beta, release-candidate for pre-releases (e.g., v1.0.0a1, v1.0.0b1, v1.0.0rc1)

Post-Merge Actions:

  1. Permissions Setup:

    • Restrict who can manually trigger these workflows.
    • Limit Git tag creation permissions to authorized users.

  2. Authentication Setup:

    • PyPI: Register the repository as a Trusted Publisher.
    • npm: Ensure NPM_TOKEN is securely stored in GitHub Secrets.

Tpuljak
Tpuljak requested changes Feb 7, 2025
View reviewed changes
.github/workflows/publish_to_npm.yaml Outdated
echo "PACKAGE_VERSION=$PACKAGE_VERSION" >> $GITHUB_ENV

# Determine npm tag based on version suffix
if [[ "$PACKAGE_VERSION" =~ a[0-9]+$ ]]; then
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We follow this convention for pre-releases

v0.0.0-alpha.1
v0.0.0-beta.2
v0.0.0-rc.3

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@MDzaja this doesn't seem to be addressed

Tpuljak
Tpuljak requested changes Feb 27, 2025
View reviewed changes
packages/python/pyproject.toml
authors = [
{ name = "Vedran Jukic", email = "vedran.jukic@gmail.com" },
{ name = "dummy", email = "dummy@mail.com" }, # TODO: publish-pipeline; change to daytona-org
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change to name = Daytona, email = [email protected]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Tpuljak Tpuljak Tpuljak requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MDzaja @Tpuljak