Skip to content

Bump pypa/gh-action-pypi-publish in the github-actions group (#135) #406

Bump pypa/gh-action-pypi-publish in the github-actions group (#135)

Bump pypa/gh-action-pypi-publish in the github-actions group (#135) #406

Workflow file for this run

name: build
on:
push:
branches:
- master
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
python: ["3.10", "3.11", "3.12", "3.13"]
os: [ubuntu-latest, windows-latest]
steps:
- uses: actions/[email protected]
- name: Set up Python
uses: actions/[email protected]
with:
python-version: ${{ matrix.python }}
- name: Install tox
run: |
python -m pip install --upgrade pip
pip install tox
- name: Test
run: |
tox -e py
- name: Upload coverage reports to Codecov
uses: codecov/[email protected]
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
deploy:
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/[email protected]
- name: Set up Python
uses: actions/[email protected]
with:
python-version: "3.x"
- name: Install wheel
run: |
python -m pip install --upgrade pip
pip install build
- name: Build package
run: |
python -m build
- name: Publish package to PyPI
uses: pypa/[email protected]
with:
user: __token__
password: ${{ secrets.pypi_token }}
attestations: true
- name: GitHub Release
uses: softprops/[email protected]
with:
files: dist/*
sonarcloud:
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}