Skip to content

Commit de21183

Browse files
originalphiloriginalphil
authored
New: [AEA-5986] - Publish to PyPI (#76)
## Summary - ✨ New Feature ### Details Publishes to PyPI depending on optional inputs.
1 parent 8404cf6 commit de21183

File tree

5 files changed

+597
-5
lines changed

5 files changed

+597
-5
lines changed

.github/workflows/tag-release.yml

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,11 @@ on:
4646
description: "An repository for the extra artifact"
4747
required: false
4848
type: string
49+
pypi_publish:
50+
description: "Whether to publish to PyPI"
51+
required: false
52+
type: boolean
53+
default: false
4954
outputs:
5055
version_tag:
5156
value: ${{ jobs.tag_release.outputs.version_tag }}
@@ -59,6 +64,9 @@ on:
5964
NPM_TOKEN:
6065
required: false
6166
description: "NPM token to publish packages"
67+
PYPI_TOKEN:
68+
required: false
69+
description: "PyPI token to publish packages"
6270
jobs:
6371
install_semantic_release:
6472
# Install asdf
@@ -231,7 +239,7 @@ jobs:
231239
name: config_artifact
232240

233241
- name: Cache asdf
234-
if: inputs.publish_packages != ''
242+
if: ${{ inputs.publish_packages != '' || inputs.pypi_publish }}
235243
uses: actions/cache@v5
236244
with:
237245
path: |
@@ -241,15 +249,15 @@ jobs:
241249
${{ runner.os }}-asdf-
242250
243251
- name: Install asdf dependencies in .tool-versions
244-
if: inputs.publish_packages != ''
252+
if: ${{ inputs.publish_packages != '' || inputs.pypi_publish }}
245253
uses: asdf-vm/actions/install@b7bcd026f18772e44fe1026d729e1611cc435d47
246254
with:
247255
asdf_version: ${{ inputs.asdfVersion }}
248256
env:
249257
PYTHON_CONFIGURE_OPTS: --enable-shared
250258

251259
- name: Install Dependencies and Build Package
252-
if: inputs.publish_packages != ''
260+
if: ${{ inputs.publish_packages != '' || inputs.pypi_publish }}
253261
run: |
254262
make install
255263
make build
@@ -320,6 +328,8 @@ jobs:
320328
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
321329
MAIN_BRANCH: ${{ inputs.main_branch }}
322330
EXTRA_ASSET: ${{ inputs.extra_artifact_name }}
331+
PYPI_PUBLISH: ${{ inputs.pypi_publish }}
332+
PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}
323333

324334
- name: Create semantic release tag
325335
if: ${{ !inputs.dry_run }}
@@ -330,6 +340,8 @@ jobs:
330340
TAG_FORMAT: ${{ inputs.tag_format }}
331341
MAIN_BRANCH: ${{ inputs.main_branch }}
332342
EXTRA_ASSET: ${{ inputs.extra_artifact_name }}
343+
PYPI_PUBLISH: ${{ inputs.pypi_publish }}
344+
PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}
333345
run: |
334346
npx semantic-release --tag-format "${TAG_FORMAT}"
335347

.trivyignore.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,12 @@ vulnerabilities:
1616
- id: CVE-2026-26996
1717
statement: minimatch vulnerability accepted as risk
1818
expired_at: 2026-06-01
19+
- id: CVE-2026-27903
20+
statement: minimatch vulnerability accepted as risk - dependency of npm (multiple)
21+
expired_at: 2026-06-01
22+
- id: CVE-2026-27904
23+
statement: minimatch vulnerability accepted as risk - dependency of npm (multiple)
24+
expired_at: 2026-06-01
1925
- id: CVE-2026-26960
2026
statement: tar vulnerability accepted as risk
2127
expired_at: 2026-06-01

0 commit comments

Comments
 (0)