3232 - name : Set up Python
3333 uses : actions/setup-python@v5
3434 with :
35- python-version-file : . python-version
35+ python-version-file : " .github/workflows/. python-version"
3636
3737 - name : Upload built package artifacts
3838 uses : actions/upload-artifact@v4
@@ -65,16 +65,11 @@ jobs:
6565 description : " Release notes body extracted from CHANGELOG.md"
6666 value : ${{ steps.changelog.outputs.changes }} # Output the extracted changelog body
6767
68- # Job 2: Publish to Production PyPI
69- # This job runs only if Job 1 completes successfully (implicit dependency)
70- # and only on tag push events (NOT manual dispatch for production).
7168 publish_pypi :
7269 name : Publish to Production PyPI
7370 runs-on : ubuntu-latest
74- # This job explicitly depends on build_and_testpypi completing successfully
7571 needs : build_and_testpypi
7672
77- # Only run on tag push events, NOT on manual dispatch for the final PyPI publish
7873 if : " github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')"
7974 steps :
8075 - name : Download package artifacts
@@ -86,31 +81,22 @@ jobs:
8681 - name : Set up Python
8782 uses : actions/setup-python@v5
8883 with :
89- python-version-file : . python-version
84+ python-version-file : " .github/workflows/. python-version"
9085
9186 - name : Set up uv
9287 uses : astral-sh/setup-uv@v6
9388
94- # --- Publish to Production PyPI Step ---
9589 - name : Publish to PyPI
96- # Execute the Task Automation publish session for Production PyPI.
97- # Calls uv publish dist/* which defaults to pypi.org (Topic 10).
98- # Configure Production PyPI credentials securely.
9990 env :
100- # Production PyPI credentials stored as secrets in GitHub Settings -> Secrets
10191 TWINE_USERNAME : __token__
102- TWINE_PASSWORD : ${{ secrets.PYPI_API_TOKEN }} # Use GitHub Encrypted Secret
103- # Optional: TWINE_REPOSITORY if publishing to a custom production index
104- run : uvx nox -s publish-package # Call the publish-package session (defaults to pypi.org)
92+ TWINE_PASSWORD : ${{ secrets.PYPI_API_TOKEN }}
93+ run : uvx nox -s publish-python
10594
106- # Job 3: Create GitHub Release (Runs regardless of PyPI publish success, relies on build job for info/artifacts)
10795 create_github_release :
10896 name : Create GitHub Release
10997 runs-on : ubuntu-latest
110- # Needs the build job (which includes getting changelog)
11198 needs : build_and_testpypi
11299
113- # Only run this job if triggered by a tag push
114100 if : " github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')"
115101
116102 steps :
@@ -124,18 +110,10 @@ jobs:
124110 run : echo "tag=${{ github.ref_name }}" >> $GITHUB_OUTPUT
125111
126112 - name : Create GitHub Release
127- # Uses a standard action to create a release in GitHub based on the tag.
128113 uses : softprops/action-gh-release@v2
129114 with :
130- # The Git tag the release is associated with
131115 tag_name : ${{ steps.get_tag.outputs.tag }}
132- # The name of the release (often the same as the tag)
133116 name : Release ${{ steps.get_tag.outputs.tag }}
134- # The body of the release notes - access the output from the 'build_and_testpypi' job
135- body : ${{ needs.build_and_testpypi.outputs.changelog_body }} # Access changelog body from dependent job output
136-
137- files : dist/* # Attach built sdist and wheel files as release assets
138- # Optional: Mark as a draft release for manual review before publishing
139- # draft: true
140- # Optional: Mark as a pre-release for tags containing hyphens (e.g., v1.0.0-rc1)
117+ body : ${{ needs.build_and_testpypi.outputs.changelog_body }}
118+ files : dist/*
141119 prerelease : ${{ contains(steps.get_tag.outputs.tag, '-') }} # Checks if tag contains hyphen (e.g. v1.0.0-rc.1)
0 commit comments