.github/workflows/release.yaml

name: Release
run-name: Release ${{ inputs.project_path }}
on:
  workflow_dispatch:
    inputs:
      project_path:
        description: The path to the Python project
        required: true
        type: string
jobs:
  build:
    name: Build distribution 📦
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - name: Check if the project path exists
      run: test -d ${{ inputs.project_path }}
    - name: Extract package details
      id: package-details
      run: |
        package_version=$(sed -n "s/.*__version__ = \"\(.*\)\".*/\1/p" "zav/agents_sdk/version.py")
        package_name=$(sed -n "s/.*name=\"\(.*\)\".*/\1/p" "setup.py")
        github_tag="$package_name-$package_version"

        echo "package_name=$package_name" >> $GITHUB_OUTPUT
        echo "package_version=$package_version" >> $GITHUB_OUTPUT
        echo "github_tag=$github_tag" >> $GITHUB_OUTPUT
      working-directory: ${{ inputs.project_path }}
    - name: Verify that the project doesn't have the private classifier
      run: |
        grep -q "Private :: Do Not Upload" setup.py && exit 1 || exit 0
      working-directory: ${{ inputs.project_path }}
    - name: Verify that the tag doesn't exist
      run: |
        git rev-parse ${{ steps.package-details.outputs.github_tag }} && exit 1 || exit 0
      working-directory: ${{ inputs.project_path }}
    - name: Set up Python
      uses: actions/setup-python@v5
      with:
        python-version: "3.x"
    - name: Install pypa/build
      run: >-
        python3 -m
        pip install
        build
        --user
    - name: Build a binary wheel and a source tarball
      run: python3 -m build
      working-directory: ${{ inputs.project_path }}
    - name: Store the distribution packages
      uses: actions/upload-artifact@v3
      with:
        name: python-package-distributions
        path: ${{ inputs.project_path }}/dist/
    outputs:
      package_name: ${{ steps.package-details.outputs.package_name }}
      package_version: ${{ steps.package-details.outputs.package_version }}
      github_tag: ${{ steps.package-details.outputs.github_tag }}
  github-release:
    name: >-
      Sign the ${{ needs.build.outputs.package_name }} distribution 📦 with Sigstore
      and upload them to GitHub Release
    needs:
    - build
    runs-on: ubuntu-latest
    permissions:
      contents: write  # IMPORTANT: mandatory for making GitHub Releases
      id-token: write  # IMPORTANT: mandatory for sigstore
    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v3
      with:
        name: python-package-distributions
        path: dist/
    - name: Sign the dists with Sigstore
      uses: sigstore/gh-action-sigstore-python@v2.1.1
      with:
        inputs: >-
          ./dist/*.tar.gz
          ./dist/*.whl
    - name: Create GitHub Release
      env:
        GITHUB_TOKEN: ${{ github.token }}
      run: >-
        gh release create
        '${{ needs.build.outputs.github_tag }}'
        --repo '${{ github.repository }}'
        --generate-notes
    - name: Upload artifact signatures to GitHub Release
      env:
        GITHUB_TOKEN: ${{ github.token }}
      # Upload to GitHub Release using the `gh` CLI.
      # `dist/` contains the built packages, and the
      # sigstore-produced signatures and certificates.
      run: >-
        gh release upload
        '${{ needs.build.outputs.github_tag }}' dist/**
        --repo '${{ github.repository }}'
  publish-to-testpypi:
    name: Publish the ${{ needs.build.outputs.package_name }} distribution 📦 to TestPyPI
    needs:
    - build
    - github-release
    runs-on: ubuntu-latest
    environment:
      name: testpypi
      url: https://test.pypi.org/p/${{ needs.build.outputs.package_name }}
    permissions:
      id-token: write  # IMPORTANT: mandatory for trusted publishing
    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v3
      with:
        name: python-package-distributions
        path: dist/
    - name: Publish distribution 📦 to TestPyPI
      uses: pypa/gh-action-pypi-publish@release/v1
      with:
        repository-url: https://test.pypi.org/legacy/
  publish-to-pypi:
    name: Publish the ${{ needs.build.outputs.package_name }} distribution 📦 to PyPI
    if: github.ref == 'refs/heads/master'
    needs:
    - build
    - publish-to-testpypi
    runs-on: ubuntu-latest
    environment:
      name: pypi
      url: https://pypi.org/p/${{ needs.build.outputs.package_name }}
    permissions:
      id-token: write  # IMPORTANT: mandatory for trusted publishing
    steps:
    - name: Download all the dists
      uses: actions/download-artifact@v3
      with:
        name: python-package-distributions
        path: dist/
    - name: Publish distribution 📦 to PyPI
      uses: pypa/gh-action-pypi-publish@release/v1