python_release.yml

# This file is autogenerated by maturin v1.4.0
# To update, run
#
#    maturin generate-ci github
#
name: python-release

# adapted from https://github.com/astral-sh/ruff/blob/main/.github/workflows/release.yaml
on:
  workflow_dispatch:
    inputs:
      tag:
        description: "The version to tag, without the leading 'v'. If omitted, will initiate a dry run (no uploads)."
        type: string
      sha:
        description: "The full sha of the commit to be released. If omitted, the latest commit on the default branch will be used."
        default: ""
        type: string
  pull_request:
    paths:
      # When we change pyproject.toml, we want to ensure that the maturin builds still work
      - pyproject.toml
      # And when we change this workflow itself...
      - .github/workflows/python_release.yaml


permissions:
  contents: read

jobs:
  linux:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12"]
        target: [x86_64]
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ inputs.sha }}
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}
      - name: Build wheels
        uses: PyO3/maturin-action@v1
        with:
          target: ${{ matrix.target }}
          args: --release --out dist --interpreter python${{ matrix.python-version }} --manifest-path crates/python/Cargo.toml
          sccache: 'true'
          manylinux: auto
      - name: Upload wheels
        uses: actions/upload-artifact@v3
        with:
          name: wheels
          path: dist

  windows:
    runs-on: windows-latest
    strategy:
      matrix:
        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12"]
        target: [x64]
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ inputs.sha }}
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}
          architecture: ${{ matrix.target }}
      - name: Build wheels
        uses: PyO3/maturin-action@v1
        with:
          target: ${{ matrix.target }}
          args: --release --out dist --interpreter python${{ matrix.python-version }} --manifest-path crates/python/Cargo.toml
          sccache: 'true'
      - name: Upload wheels
        uses: actions/upload-artifact@v3
        with:
          name: wheels
          path: dist

  macos:
    runs-on: macos-latest
    strategy:
      matrix:
        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12"]
        target: [x86_64, aarch64]
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ inputs.sha }}
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}
      - name: Build wheels
        uses: PyO3/maturin-action@v1
        with:
          target: ${{ matrix.target }}
          args: --release --out dist --interpreter python${{ matrix.python-version }} --manifest-path crates/python/Cargo.toml
          sccache: 'true'
      - name: Upload wheels
        uses: actions/upload-artifact@v3
        with:
          name: wheels
          path: dist

  sdist:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ inputs.sha }}
      - name: Build sdist
        uses: PyO3/maturin-action@v1
        with:
          command: sdist
          args: --out dist --manifest-path crates/python/Cargo.toml
      - name: Upload sdist
        uses: actions/upload-artifact@v3
        with:
          name: wheels
          path: dist

  # adapted from https://github.com/astral-sh/ruff/blob/main/.github/workflows/release.yaml
  validate-tag:
    name: Validate tag
    runs-on: ubuntu-latest
    # If you don't set an input tag, it's a dry run (no uploads).
    if: ${{ inputs.tag }}
    steps:
      - uses: actions/checkout@v4
        with:
          ref: main # We checkout the main branch to check for the commit
      - name: Check main branch
        if: ${{ inputs.sha }}
        run: |
          # Fetch the main branch since a shallow checkout is used by default
          git fetch origin main --unshallow
          if ! git branch --contains ${{ inputs.sha }} | grep -E '(^|\s)main$'; then
            echo "The specified sha is not on the main branch" >&2
            exit 1
          fi
      - name: Check tag consistency
        run: |
          # Switch to the commit we want to release
          git checkout ${{ inputs.sha }}
          version=$(grep "version = " pyproject.toml | sed -e 's/version = "\(.*\)"/\1/g')
          if [ "${{ inputs.tag }}" != "${version}" ]; then
            echo "The input tag does not match the version from pyproject.toml:" >&2
            echo "${{ inputs.tag }}" >&2
            echo "${version}" >&2
            exit 1
          else
            echo "Releasing ${version}"
          fi

  release:
    name: Release
    runs-on: ubuntu-latest
    if: "startsWith(github.ref, 'refs/tags/')"
    needs:
      - linux
      - windows
      - macos
      - sdist
      - validate-tag
    environment:
      name: pypi
      url: https://pypi.org/p/cryo-python
    permissions:
      id-token: write
    steps:
      - uses: actions/download-artifact@v3
        with:
          name: wheels
      - name: Publish package distributions to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          skip-existing: true
          packages-dir: ./