Automate the release process

[pradyunsg]

I think we all agree that this would be a good idea.

We have a few options here IMO:

• Have a GitHub Action triggered on tag, that runs the release processes
  • 2 stage: bump+tag+bump+push (releaser), build+publish (automation)
  • Needs auth/API token management
  • Consistent build environment
• Add something like https://github.com/pradyunsg/vendoring/blob/master/noxfile.py#L103-L146
  • Runs on the release manager's system
  • Performs exactly the same steps as a manual release process, except automatically.
• A combination of the two above?
  • version bumping + tagging + push is done by automation locally.
  • package building + publishing is done by CI automation.

Personally, I think doing 2, then 3 would be easiest -- partly because I am familiar with the second approach. :)

[brettcannon]

So the package building is already being done as part of the lint action, so that's easy enough to do.😉 And having twine do an upload with a scoped PyPI token should be very easy. I think it would be:

# I'm assuming twine was already installed.
- name: Upload to PyPI
  env:
    TWINE_USERNAME: "__token__"
    TWINE_PASSWORD: "${{ secrets.PYPI_TOKEN }}"
  run: twine upload

I think the question is whether versioning needs to be automatic. And with a GitHub Action you can actually push that back in a git commit if you wanted it to be fully automated based on a tag.

And after that if you want to get fancy you can try and push the built artifacts to the release on GitHub (although I don't think it's worth the hassle).

[pradyunsg]

I'm in favor of anything that lets us type less CLI commands to make the release.

---

reg (2): I don't think it's independent of the CI building you're suggesting.

I really like the vendoring release process (I'm partly biased towards because I wrote it). The release process is a single command:

nox -s release -- 2.1

Since the user/releaser is providing the version number, the version management doesn't even need to be automatic. The version bumping is, but it's pretty straightforward too.

The command does sanity checks of the environment + version bumping + commits + tag + build + twine check + publish + push. If anything fails, nothing gets uploaded. It even makes a backup branch before starting, just in case you need it.

I'd be happy to defer the build + twine check + publish steps to CI (that's suggestion 3, basically) but I still prefer that we start with 2; and then do 3.

[brettcannon]

@pradyunsg all seems fine by me; does that mean we should move off of tox and over to nox as well? Having two tools meant to do the same thing seems redundant and I think make our workflow even more complicated.

[pradyunsg]

We have automated releases now, ALA #265. I'll go ahead and close this issue and file a new one for build-and-upload-on-CI.

[pradyunsg]

#273