Skip to content
Publish Release

Add fetch, delete, and TTL documentation to user guides #15

Sign in to view logs

Add fetch, delete, and TTL documentation to user guides

Add fetch, delete, and TTL documentation to user guides #15

Workflow file for this run

.github/workflows/release-new.yml at 2bbe8b2
name: Publish Release
on:
push:
branches: [main]
workflow_dispatch: {}
permissions:
contents: write
issues: write
pull-requests: write
concurrency:
group: publish-release-${{ github.ref }}
cancel-in-progress: false
env:
PYTHON_VERSION: "3.11"
UV_VERSION: "0.7.13"
AUTO_VERSION: "11.3.6"
RELEASE_BOT_NAME: "applied-ai-releases[bot]"
RELEASE_BOT_EMAIL: "applied-ai-releases[bot]@users.noreply.github.com"
jobs:
gate:
name: Gate on merged PR label
runs-on: ubuntu-latest
# Prevent infinite loops from the bot's "chore(release)" commit.
if: github.actor != 'applied-ai-releases[bot]'
outputs:
should_release: ${{ steps.find_pr.outputs.should_release }}
pr_number: ${{ steps.find_pr.outputs.pr_number }}
steps:
- name: Find merged PR for this commit and check labels
id: find_pr
uses: actions/github-script@v7
with:
script: |
const owner = context.repo.owner;
const repo = context.repo.repo;
const sha = context.sha;
// For workflow_dispatch there may not be an associated PR;
// allow manual runs by setting should_release=true only if you want that behavior.
// Here we keep it strict: only release if we can find a PR with auto:release.
const pulls = await github.rest.repos.listPullRequestsAssociatedWithCommit({
owner, repo, commit_sha: sha
});
if (!pulls.data.length) {
core.setOutput("should_release", "false");
core.setOutput("pr_number", "");
core.notice(`No PR associated with commit ${sha}. Not releasing.`);
return;
}
// Pick the merged PR targeting main (most common).
const pr = pulls.data.find(p => p.merged_at && p.base?.ref === "main") ?? pulls.data[0];
const labels = (pr.labels || []).map(l => l.name);
core.setOutput("pr_number", String(pr.number));
const should = labels.includes("auto:release");
core.setOutput("should_release", should ? "true" : "false");
core.notice(`PR #${pr.number} labels: ${labels.join(", ")}`);
core.notice(`should_release=${should}`);
canary-build:
runs-on: ubuntu-latest
needs: gate
if: needs.gate.outputs.should_release == 'true'
steps:
- name: Check out repository
uses: actions/checkout@v6
with:
ref: main
fetch-depth: 0
- name: Install Python
uses: actions/setup-python@v6
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Install uv
uses: astral-sh/setup-uv@v6
with:
version: ${{ env.UV_VERSION }}
enable-cache: true
python-version: ${{ env.PYTHON_VERSION }}
cache-dependency-glob: |
pyproject.toml
uv.lock
- name: Install dependencies
run: uv sync --frozen
- name: Check that package can be built
run: uv build
release:
runs-on: ubuntu-latest
needs: [gate, canary-build]
if: needs.gate.outputs.should_release == 'true'
steps:
- name: Generate GitHub App token
id: app_token
uses: actions/create-github-app-token@v2
with:
app-id: 2959093
private-key: ${{ secrets.RELEASE_BOT_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- name: Checkout code
uses: actions/checkout@v6
with:
ref: main
fetch-depth: 0
fetch-tags: true
token: ${{ steps.app_token.outputs.token }}
- name: Download and install auto
run: |
curl -L https://github.com/intuit/auto/releases/download/v${{ env.AUTO_VERSION }}/auto-linux.gz -o auto-linux.gz
gunzip auto-linux.gz
chmod +x auto-linux
sudo mv auto-linux /usr/local/bin/auto
auto --version
- name: Sanity check
env:
GH_TOKEN: ${{ steps.app_token.outputs.token }}
run: |
set -euo pipefail
auto shipit --name "${RELEASE_BOT_NAME}" --email "${RELEASE_BOT_EMAIL}" --dry-run -v
- name: Resolve release version
id: latest_release
env:
GH_TOKEN: ${{ steps.app_token.outputs.token }}
run: |
set -euo pipefail
RAW_VERSION="$(auto shipit --name "${RELEASE_BOT_NAME}" --email "${RELEASE_BOT_EMAIL}" --dry-run --quiet | tail -n1 | tr -d '\r')"
VERSION="${RAW_VERSION#v}"
if [ -z "$VERSION" ]; then
echo "Could not resolve release version"
exit 1
fi
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "Resolved version: $VERSION"
- name: Apply release version to pyproject.toml
run: |
set -euo pipefail
VERSION="${{ steps.latest_release.outputs.version }}"
sed -i "s/^version = \".*\"$/version = \"${VERSION}\"/" pyproject.toml
grep '^version = ' pyproject.toml
- name: Commit and push version bump
env:
GH_TOKEN: ${{ steps.app_token.outputs.token }}
run: |
set -euo pipefail
if git diff --quiet -- pyproject.toml; then
echo "No pyproject version change to commit."
else
git config user.name "${RELEASE_BOT_NAME}"
git config user.email "${RELEASE_BOT_EMAIL}"
git add pyproject.toml
# Include [skip ci] to avoid running the workflow again on this bot commit.
git commit -m "chore(release): set pyproject version to ${{ steps.latest_release.outputs.version }} [skip ci]"
git push origin HEAD:main
fi
- name: Create labels
env:
GH_TOKEN: ${{ steps.app_token.outputs.token }}
run: auto create-labels
- name: Create release
env:
GH_TOKEN: ${{ steps.app_token.outputs.token }}
run: auto shipit --name "${RELEASE_BOT_NAME}" --email "${RELEASE_BOT_EMAIL}" --no-changelog
build-and-publish:
runs-on: ubuntu-latest
needs: [gate, release]
if: needs.gate.outputs.should_release == 'true'
steps:
- name: Check out repository
uses: actions/checkout@v6
with:
ref: main
fetch-depth: 0
- name: Install Python
uses: actions/setup-python@v6
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Install uv
uses: astral-sh/setup-uv@v6
with:
version: ${{ env.UV_VERSION }}
enable-cache: true
python-version: ${{ env.PYTHON_VERSION }}
cache-dependency-glob: |
pyproject.toml
uv.lock
- name: Install dependencies
run: uv sync --frozen
- name: Build package
run: uv build
- name: Publish to PyPI
env:
UV_PUBLISH_TOKEN: ${{ secrets.PYPI }}
run: uv publish