Delete statline/.keys.json #35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish (PyPI / TestPyPI / GitHub Packages) | |
| on: | |
| push: {} | |
| workflow_dispatch: | |
| inputs: | |
| target: | |
| description: "Manual publish target (PyPI/TestPyPI)" | |
| required: true | |
| default: "pypi" | |
| type: choice | |
| options: [pypi, testpypi] | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| build: | |
| name: Build sdist & wheel | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: astral-sh/setup-uv@v4 | |
| with: | |
| python-version: "3.13" | |
| - run: uv venv --python 3.13 | |
| - run: uv pip install build twine | |
| - name: Build | |
| run: uv run python -m build | |
| - name: Twine check | |
| run: uv run python -m twine check dist/* | |
| - name: Verify tag matches project.version | |
| if: startsWith(github.ref, 'refs/tags/') | |
| run: | | |
| uv run python - <<'PY' | |
| import os, sys, pathlib | |
| try: | |
| import tomllib | |
| except Exception: | |
| print("Python >=3.11 required for tomllib in this step.", file=sys.stderr) | |
| sys.exit(2) | |
| tag = os.environ["GITHUB_REF_NAME"] | |
| want = tag[1:] if tag.startswith("v") else tag | |
| data = tomllib.loads(pathlib.Path("pyproject.toml").read_text(encoding="utf-8")) | |
| have = data["project"]["version"] | |
| if have != want: | |
| print(f"Tag {tag} != pyproject version {have}", file=sys.stderr) | |
| sys.exit(1) | |
| print(f"Version OK: {have}") | |
| PY | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist/* | |
| publish-pypi: | |
| name: Publish to PyPI (token) | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist | |
| - name: Load PyPI token | |
| shell: bash | |
| run: echo "PYPI_TOKEN=${{ secrets.PYPI_API_TOKEN }}" >> "$GITHUB_ENV" | |
| - id: gate | |
| name: "Gate: require token" | |
| shell: bash | |
| run: | | |
| if [ -n "${PYPI_TOKEN:-}" ]; then | |
| echo "ok=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "ok=false" >> "$GITHUB_OUTPUT" | |
| echo "PYPI token not configured; skipping publish." | |
| fi | |
| - name: Publish (PyPI via token) | |
| if: steps.gate.outputs.ok == 'true' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| packages-dir: dist | |
| password: ${{ env.PYPI_TOKEN }} | |
| skip-existing: true | |
| verbose: true | |
| publish-testpypi: | |
| name: Publish to TestPyPI (token) | |
| needs: build | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'workflow_dispatch' && inputs.target == 'testpypi' }} | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist | |
| - name: Load TestPyPI token | |
| shell: bash | |
| run: echo "TEST_PYPI_TOKEN=${{ secrets.TEST_PYPI_API_TOKEN }}" >> "$GITHUB_ENV" | |
| - id: gate | |
| name: "Gate: require token" | |
| shell: bash | |
| run: | | |
| if [ -n "${TEST_PYPI_TOKEN:-}" ]; then | |
| echo "ok=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "ok=false" >> "$GITHUB_OUTPUT" | |
| echo "TestPyPI token not configured; skipping publish." | |
| fi | |
| - name: Publish (TestPyPI via token) | |
| if: steps.gate.outputs.ok == 'true' | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| packages-dir: dist | |
| password: ${{ env.TEST_PYPI_TOKEN }} | |
| skip-existing: true | |
| verbose: true |