Build a fully automated release pipeline

Hartorn · Hartorn · commit 684f98c3beef · 2023-10-02T18:03:59.000+02:00
diff --git a/.github/workflows/build-python.yml b/.github/workflows/build-python.yml
diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
@@ -0,0 +1,55 @@
+name: Tag release
+
+on:
+  workflow_dispatch:
+    inputs:
+        version:
+          description: 'Tag to be created, in the form vX.Y.Z'
+          required: true
+          type: string
+
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check if organization member
+        id: is_organization_member
+        uses: JamesSingleton/is-organization-member@1.0.1
+        with:
+          organization: Giskard-AI
+          username: ${{ github.actor }}
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Interrupt job
+        if: ${{ steps.is_organization_member.outputs.result == 'false' }}
+        shell: bash
+        run: |
+          echo "Job failed due to user not being a member of Giskard-AI organization and the 'safe for build' label not being set on the PR"
+          exit 1
+
+      - name: Checkout code
+        uses: actions/checkout@v4.1.0
+        with:
+          fetch-tags: true
+          ref: main
+          token: ${{ secrets.RELEASE_PAT_TOKEN }} # Needed to trigger other actions
+
+      - name: Edit pyproject.toml
+        run:  sed -i "s/\^(version *= *\).*$/\1${{ inputs.version }}/" pyproject.toml
+
+      - name: Configure git
+        run:  |
+          git config --global user.name 'BotReleaser'
+          git config --global user.email 'bot.releaser@users.noreply.github.com'
+
+      - name: Adding file
+        run:  |
+          git add pyproject.toml
+          git commit -m "${{ inputs.version }}"
+          git tag ${{ inputs.version }}
+
+      - name: Push to main and tags
+        run: |
+          git push origin main
+          git push origin ${{ inputs.version }}
diff --git a/.github/workflows/do-release.yml b/.github/workflows/do-release.yml
@@ -0,0 +1,45 @@
+name: Tag release
+
+on:
+  push:
+    tags:
+      - "v*.*.*"
+permissions:
+  contents: write
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4.1.0
+      - name: Setup PDM
+        uses: pdm-project/setup-pdm@v3
+        with:
+          python-version: 3.10
+          cache: false
+      - name: Build dist
+        run: pdm build
+
+      - name: Release
+        id: github-release
+        uses: softprops/action-gh-release@v1
+        with:
+          fail_on_unmatched_files: true
+          generate_release_notes: true
+          files: |
+            dist/giskard-*.tar.gz
+            dist/giskard-*.whl
+
+      - name: Repository Dispatch
+        uses: peter-evans/repository-dispatch@v2
+        with:
+          token: ${{ secrets.RELEASE_PAT_TOKEN }}
+          event-type: trigger-release
+          repository: giskard-ai/giskard-hub
+          client-payload: |
+            {
+              "wheel_url": "${{ steps.github-release.outputs.assets[1].browser_download_url }}",
+              "version": "${{ github.ref_name }}",
+              "ref": "${{ github.ref }}",
+            }
diff --git a/.github/workflows/nightly-test.yml b/.github/workflows/nightly-test.yml
@@ -6,7 +6,7 @@ on:
 
 jobs:
   call-full-ci:
-    uses: ./.github/workflows/build_backend.yml
+    uses: ./.github/workflows/build-python.yml
     with:
       run-integration-tests: true
       use-cache: false
diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml
@@ -0,0 +1,40 @@
+name: Tag release
+
+on:
+  repository_dispatch:
+    types:
+      - post-release
+permissions:
+  contents: write
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check if organization member
+        id: is_organization_member
+        uses: JamesSingleton/is-organization-member@1.0.1
+        with:
+          organization: Giskard-AI
+          username: ${{ github.actor }}
+          token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Interrupt job
+        if: ${{ steps.is_organization_member.outputs.result == 'false' }}
+        shell: bash
+        run: |
+          echo "Job failed due to user not being a member of Giskard-AI organization and the 'safe for build' label not being set on the PR"
+          exit 1
+      - name: Checkout code
+        uses: actions/checkout@v4.1.0
+        with:
+          fetch-tags: true
+          ref: ${{ github.event.client_payload.version  }}
+
+      - name: Setup PDM
+        uses: pdm-project/setup-pdm@v3
+        with:
+          python-version: 3.10
+          cache: false
+
+      - name: Push to Pipy
+        run: pdm publish --username ${{ secrets.PIPY_USERNAME }} --password ${{ secrets.PIPY_PASSWORD }}
