pybind11/.github/workflows/pip.yml
dependabot[bot] 3ebdc503d2
chore(deps): bump actions/attest-build-provenance in the actions group (#5461)
Bumps the actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance).


Updates `actions/attest-build-provenance` from 1.4.4 to 2.0.1
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](ef244123eb...c4fbc64884)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-09 10:24:06 -08:00

121 lines
2.7 KiB
YAML

name: Pip
on:
workflow_dispatch:
pull_request:
push:
branches:
- master
- stable
- v*
release:
types:
- published
permissions:
contents: read
env:
PIP_BREAK_SYSTEM_PACKAGES: 1
PIP_ONLY_BINARY: numpy
jobs:
# This builds the sdists and wheels and makes sure the files are exactly as
# expected.
test-packaging:
name: 🐍 3.8 • 📦 tests • windows-latest
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
- name: Setup 🐍 3.8
uses: actions/setup-python@v5
with:
python-version: 3.8
- name: Prepare env
run: |
python -m pip install -r tests/requirements.txt
- name: Python Packaging tests
run: pytest tests/extra_python_package/
# This runs the packaging tests and also builds and saves the packages as
# artifacts.
packaging:
name: 🐍 3.8 • 📦 & 📦 tests • ubuntu-latest
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup 🐍 3.8
uses: actions/setup-python@v5
with:
python-version: 3.8
- name: Prepare env
run: |
python -m pip install -r tests/requirements.txt build twine
- name: Python Packaging tests
run: pytest tests/extra_python_package/
- name: Build SDist and wheels
run: |
python -m build
PYBIND11_GLOBAL_SDIST=1 python -m build
- name: Check metadata
run: twine check dist/*
- name: Save standard package
uses: actions/upload-artifact@v4
with:
name: standard
path: dist/pybind11-*
- name: Save global package
uses: actions/upload-artifact@v4
with:
name: global
path: dist/pybind11_global-*
# When a GitHub release is made, upload the artifacts to PyPI
upload:
name: Upload to PyPI
runs-on: ubuntu-latest
if: github.event_name == 'release' && github.event.action == 'published'
needs: [packaging]
environment:
name: pypi
url: https://pypi.org/p/pybind11
permissions:
id-token: write
attestations: write
steps:
# Downloads all to directories matching the artifact names
- uses: actions/download-artifact@v4
- name: Generate artifact attestation for sdist and wheel
uses: actions/attest-build-provenance@c4fbc648846ca6f503a13a2281a5e7b98aa57202 # v2.0.1
with:
subject-path: "*/pybind11*"
- name: Publish standard package
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: standard/
attestations: true
- name: Publish global package
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages-dir: global/
attestations: true