ci: add reusable workflows #10

Workflow file for this run

.github/workflows/release_publish.yml at c3d6079

	name: "Release: Publish"
	run-name: "Release: ${{ github.event.head_commit.message }}"

	on:
	push:
	branches:
	- mainline
	paths:
	- CHANGELOG.md

	concurrency:
	group: release

	jobs:
	Publish:
	name: Publish Release
	permissions:
	id-token: write
	contents: read
	<<<<<<< Updated upstream
Check failure on line 20 in .github/workflows/release_publish.yml View workflow run for this annotation GitHub Actions / .github/workflows/release_publish.yml Invalid workflow file `You have an error in your yaml syntax on line 20`
	env:
	CODEARTIFACT_REGION: "us-west-2"
	CODEARTIFACT_DOMAIN: ${{ secrets.CODEARTIFACT_DOMAIN }}
	CODEARTIFACT_ACCOUNT_ID: ${{ secrets.CODEARTIFACT_ACCOUNT_ID }}
	CODEARTIFACT_REPOSITORY: ${{ secrets.CODEARTIFACT_REPOSITORY }}
	CUSTOMER_DOMAIN: ${{ secrets.CUSTOMER_DOMAIN }}
	CUSTOMER_REPOSITORY: ${{ secrets.CUSTOMER_REPOSITORY }}
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	ref: release
	fetch-depth: 0

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ secrets.AWS_CODEARTIFACT_ROLE }}
	aws-region: us-west-2
	mask-aws-account-id: true

	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: '3.9'

	- name: Install dependencies
	run: \|
	pip install --upgrade hatch
	pip install --upgrade twine

	- name: Build
	run: hatch build

	- name: Publish to Repository
	run: \|
	export TWINE_USERNAME=aws
	export TWINE_PASSWORD=`aws codeartifact get-authorization-token --domain ${{ secrets.CODEARTIFACT_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --query authorizationToken --output text`
	export TWINE_REPOSITORY_URL=`aws codeartifact get-repository-endpoint --domain ${{ secrets.CODEARTIFACT_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --repository ${{ secrets.CODEARTIFACT_REPOSITORY }} --format pypi --query repositoryEndpoint --output text`
	twine upload dist/*

	- name: Publish to Customer Repository
	run: \|
	export TWINE_USERNAME=aws
	export TWINE_PASSWORD=`aws codeartifact get-authorization-token --domain ${{ secrets.CUSTOMER_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --query authorizationToken --output text`
	export TWINE_REPOSITORY_URL=`aws codeartifact get-repository-endpoint --domain ${{ secrets.CUSTOMER_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --repository ${{ secrets.CUSTOMER_REPOSITORY }} --format pypi --query repositoryEndpoint --output text`
	twine upload dist/*

	# # See https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-pypi
	- name: Publish to PyPI
	uses: pypa/gh-action-pypi-publish@release/v1

	PublishToInternal:
	needs: Release
	runs-on: ubuntu-latest
	environment: release
	permissions:
	id-token: write
	steps:
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ secrets.AWS_CODEBUILD_RELEASE_PUBLISH_ROLE }}
	aws-region: us-west-2
	mask-aws-account-id: true

	- name: Run CodeBuild
	uses: aws-actions/aws-codebuild-run-build@v1
	with:
	project-name: ${{ github.event.repository.name }}-release-Publish
	hide-cloudwatch-logs: true
	=======
	uses: OpenJobDescription/.github/.github/workflows/reusable_publish.yml@mainline
	secrets: inherit
	>>>>>>> Stashed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci: add reusable workflows #10

Workflow file

ci: add reusable workflows #10

Jobs

Run details

Workflow file for this run

GitHub Actions / .github/workflows/release_publish.yml