Merge aabe83c06d into 0d02f372c3

This is a follow-up for #230, which renamed the workflow filename.

.github/workflows/build-and-push-docker-image.yml

@@ -0,0 +1,54 @@
+---
+
+name: 🏗️
+
+on:   # yamllint disable-line rule:truthy
+  pull_request:
+  push:
+    branches: ["release/*", "unstable/*"]
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: Docker image tag
+        required: true
+        type: string
+
+jobs:
+  smoke-test:
+    uses: ./.github/workflows/reusable-smoke-test.yml
+  build-and-push:
+    if: github.event_name != 'pull_request'
+    runs-on: ubuntu-latest
+    needs:
+    - smoke-test
+    timeout-minutes: 10
+    steps:
+    - uses: actions/checkout@v4
+    - name: Build Docker image
+      run: |
+        DOCKER_TAG="${DOCKER_TAG/'/'/'-'}"
+        DOCKER_TAG_MAJOR=$(echo "$DOCKER_TAG" | cut -d '.' -f 1)
+        DOCKER_TAG_MAJOR_MINOR=$(echo "$DOCKER_TAG" | cut -d '.' -f 1-2)
+        IMAGE="ghcr.io/$GITHUB_REPOSITORY:${DOCKER_TAG}"
+        IMAGE_MAJOR="ghcr.io/$GITHUB_REPOSITORY:${DOCKER_TAG_MAJOR}"
+        IMAGE_MAJOR_MINOR="ghcr.io/$GITHUB_REPOSITORY:${DOCKER_TAG_MAJOR_MINOR}"
+        echo "IMAGE=$IMAGE" >>"$GITHUB_ENV"
+        echo "IMAGE_MAJOR=$IMAGE_MAJOR" >>"$GITHUB_ENV"
+        echo "IMAGE_MAJOR_MINOR=$IMAGE_MAJOR_MINOR" >>"$GITHUB_ENV"
+        docker build . \
+          --build-arg BUILDKIT_INLINE_CACHE=1 \
+          --cache-from $IMAGE \
+          --tag $IMAGE
+        docker tag $IMAGE $IMAGE_MAJOR
+        docker tag $IMAGE $IMAGE_MAJOR_MINOR
+      env:
+        DOCKER_TAG: ${{ inputs.tag || github.ref_name }}
+    - name: Log in to GHCR
+      run: >-
+        echo ${{ secrets.GITHUB_TOKEN }} |
+          docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
+    - name: Push Docker image to GHCR
+      run: |
+        docker push $IMAGE
+        docker push $IMAGE_MAJOR
+        docker push $IMAGE_MAJOR_MINOR

.github/workflows/publish-major-minor.yml

@@ -0,0 +1,62 @@
+name: "Publish Major-Minor-Tags"
+on:
+  push:
+    tags:
+      - "v*"
+
+jobs:
+  push-tags:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Python 3.8
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.8
+      - name: Install packaging
+        run: python -m pip install -U packaging --user
+      - name: Get versions
+        id: get_versions
+        shell: python
+        run: |
+          from packaging.version import parse
+
+          tag_ref = "${{ github.ref }}"
+          tag_name = tag_ref.split("/")[-1]
+          version = parse(tag_name)
+          print(f"tag_name: {tag_name}")
+          print(f"version: {version}")
+          if version.is_prerelease:
+              print("No tags created (dev or pre version)!")
+              exit(0)
+
+          print("Creating new major and minor tags!")
+          print(f"::set-output name=original_tag_name::{tag_name}")
+          print(f"::set-output name=major_version::v{version.major}")
+          print(f"::set-output name=minor_version::v{version.major}.{version.minor}")      
+      - name: Setup git user as [bot]
+        run: |
+          git config user.email 'github-actions[bot]@users.noreply.github.com'
+          git config user.name 'github-actions[bot]'
+      - name: Create major + minor tags
+        if: steps.get_versions.outputs.original_tag_name != ''
+        env:
+          original_tag_name: ${{ steps.get_versions.outputs.original_tag_name }}
+          major_version: ${{ steps.get_versions.outputs.major_version }}
+          minor_version: ${{ steps.get_versions.outputs.minor_version }}
+        run: |
+          git tag --annotate '${{ env.major_version }}' \
+            --message='Major version tag of: ${{ env.original_tag_name }}' \
+            --message="Original tag SHA1: $(git rev-parse ${{ env.original_tag_name }})"
+          git tag --annotate '${{ env.minor_version }}' \
+            --message='Minor version tag of: ${{ env.original_tag_name }}' \
+            --message="Original tag SHA1: $(git rev-parse ${{ env.original_tag_name }})"
+      - name: Push major + minor tags
+        if: steps.get_versions.outputs.original_tag_name != ''
+        env:
+          major_version: ${{ steps.get_versions.outputs.major_version }}
+          minor_version: ${{ steps.get_versions.outputs.minor_version }}
+        run: |
+          git push --force --atomic origin \
+            '${{ env.major_version }}' \
+            '${{ env.minor_version }}'

.github/workflows/reusable-smoke-test.yml

@@ -1,10 +1,9 @@
 ---
 
-name: 🧪
+name: ♻️ 🧪
 
 on:   # yamllint disable-line rule:truthy
-  push:
-  pull_request:
+  workflow_call:
 
 env:
   devpi-password: abcd1234
@@ -27,7 +26,33 @@ env:
     PYTEST_THEME_MODE
 
 jobs:
+  fail-fast:
+
+    strategy:
+      matrix:
+        os: [macos-latest, windows-latest]
+
+    runs-on: ${{ matrix.os }}
+
+    timeout-minutes: 2
+
+    steps:
+    - name: Check out the action locally
+      uses: actions/checkout@v4
+      with:
+        path: test
+    - name: Fail-fast in unsupported environments
+      continue-on-error: true
+      id: fail-fast
+      uses: ./test
+    - name: Error if action did not fail-fast in unsupported environments
+      if: steps.fail-fast.outcome == 'success'
+      run: |
+        >&2 echo This action should fail-fast in unsupported environments.
+        exit 1
+
   smoke-test:
+
     runs-on: ubuntu-latest
 
     services:

README.md

@@ -279,7 +279,7 @@ are released under the [BSD 3-clause license](LICENSE.md).
 
 
 [🧪 GitHub Actions CI/CD workflow tests badge]:
-https://github.com/pypa/gh-action-pypi-publish/actions/workflows/self-smoke-test-action.yml/badge.svg?branch=unstable%2Fv1&event=push
+https://github.com/pypa/gh-action-pypi-publish/actions/workflows/build-and-push-docker-image.yml/badge.svg?branch=unstable%2Fv1&event=push
 [GHA workflow runs list]:
 https://github.com/pypa/gh-action-pypi-publish/actions/workflows/self-smoke-test-action.yml?query=branch%3Aunstable%2Fv1
 

action.yml

@@ -91,15 +91,70 @@ branding:
   color: yellow
   icon: upload-cloud
 runs:
-  using: docker
-  image: Dockerfile
-  args:
-  - ${{ inputs.user }}
-  - ${{ inputs.password }}
-  - ${{ inputs.repository-url }}
-  - ${{ inputs.packages-dir }}
-  - ${{ inputs.verify-metadata }}
-  - ${{ inputs.skip-existing }}
-  - ${{ inputs.verbose }}
-  - ${{ inputs.print-hash }}
-  - ${{ inputs.attestations }}
+  using: composite
+  steps:
+  - name: Fail-fast in unsupported environments
+    if: runner.os != 'Linux'
+    run: |
+      >&2 echo This action is only able to run under GNU/Linux environments
+      exit 1
+    shell: bash -eEuo pipefail {0}
+  - name: Reset path if needed
+    run: |
+      # Reset path if needed
+      # https://github.com/pypa/gh-action-pypi-publish/issues/112
+      if [[ $PATH != *"/usr/bin"* ]]; then
+        echo "\$PATH=$PATH. Resetting \$PATH for GitHub Actions."
+        PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+        echo "PATH=$PATH" >>"$GITHUB_ENV"
+        echo "$PATH" >>"$GITHUB_PATH"
+        echo "\$PATH reset. \$PATH=$PATH"
+      fi
+    shell: bash
+  - name: Set repo and ref from which to run Docker container action
+    id: set-repo-and-ref
+    run: |
+      # Set repo and ref from which to run Docker container action
+      # to handle cases in which `github.action_` context is not set
+      # https://github.com/actions/runner/issues/2473
+      REF=${{ env.ACTION_REF || env.PR_REF || github.ref_name }}
+      REPO=${{ env.ACTION_REPO || env.PR_REPO || github.repository }}
+      REPO_ID=${{ env.PR_REPO_ID || github.repository_id }}
+      echo "ref=$REF" >>"$GITHUB_OUTPUT"
+      echo "repo=$REPO" >>"$GITHUB_OUTPUT"
+      echo "repo-id=$REPO_ID" >>"$GITHUB_OUTPUT"
+    shell: bash
+    env:
+      ACTION_REF: ${{ github.action_ref }}
+      ACTION_REPO: ${{ github.action_repository }}
+      PR_REF: ${{ github.event.pull_request.head.ref }}
+      PR_REPO: ${{ github.event.pull_request.head.repo.full_name }}
+      PR_REPO_ID: ${{ github.event.pull_request.base.repo.id }}
+  - name: Check out action repo
+    uses: actions/checkout@v4
+    with:
+      path: action-repo
+      ref: ${{ steps.set-repo-and-ref.outputs.ref }}
+      repository: ${{ steps.set-repo-and-ref.outputs.repo }}
+  - name: Create Docker container action
+    run: |
+      # Create Docker container action
+      python create-docker-action.py
+    env:
+      REF: ${{ steps.set-repo-and-ref.outputs.ref }}
+      REPO: ${{ steps.set-repo-and-ref.outputs.repo }}
+      REPO_ID: ${{ steps.set-repo-and-ref.outputs.repo-id }}
+    shell: bash
+    working-directory: action-repo
+  - name: Run Docker container
+    uses: ./action-repo/.github/actions/run-docker-container
+    with:
+      user: ${{ inputs.user }}
+      password: ${{ inputs.password }}
+      repository-url: ${{ inputs.repository-url || inputs.repository_url }}
+      packages-dir: ${{ inputs.packages-dir || inputs.packages_dir }}
+      verify-metadata: ${{ inputs.verify-metadata || inputs.verify_metadata }}
+      skip-existing: ${{ inputs.skip-existing || inputs.skip_existing }}
+      verbose: ${{ inputs.verbose }}
+      print-hash: ${{ inputs.print-hash || inputs.print_hash }}
+      attestations: ${{ inputs.attestations }}

create-docker-action.py

@@ -0,0 +1,75 @@
+import json
+import os
+import pathlib
+
+DESCRIPTION = 'description'
+REQUIRED = 'required'
+
+REF = os.environ['REF']
+REPO = os.environ['REPO']
+REPO_ID = os.environ['REPO_ID']
+REPO_ID_GH_ACTION = '178055147'
+
+
+def set_image(ref: str, repo: str, repo_id: str) -> str:
+    if repo_id == REPO_ID_GH_ACTION:
+        return '../../../Dockerfile'
+    docker_ref = ref.replace('/', '-')
+    return f'docker://ghcr.io/{repo}:{docker_ref}'
+
+
+image = set_image(REF, REPO, REPO_ID)
+
+action = {
+    'name': '🏃',
+    DESCRIPTION: (
+        'Run Docker container to upload Python distribution packages to PyPI'
+    ),
+    'inputs': {
+        'user': {DESCRIPTION: 'PyPI user', REQUIRED: False},
+        'password': {
+            DESCRIPTION: 'Password for your PyPI user or an access token',
+            REQUIRED: False,
+        },
+        'repository-url': {
+            DESCRIPTION: 'The repository URL to use',
+            REQUIRED: False,
+        },
+        'packages-dir': {
+            DESCRIPTION: 'The target directory for distribution',
+            REQUIRED: False,
+        },
+        'verify-metadata': {
+            DESCRIPTION: 'Check metadata before uploading',
+            REQUIRED: False,
+        },
+        'skip-existing': {
+            DESCRIPTION: (
+                'Do not fail if a Python package distribution'
+                ' exists in the target package index'
+            ),
+            REQUIRED: False,
+        },
+        'verbose': {DESCRIPTION: 'Show verbose output.', REQUIRED: False},
+        'print-hash': {
+            DESCRIPTION: 'Show hash values of files to be uploaded',
+            REQUIRED: False,
+        },
+        'attestations': {
+            DESCRIPTION: (
+                '[EXPERIMENTAL]'
+                ' Enable experimental support for PEP 740 attestations.'
+                ' Only works with PyPI and TestPyPI via Trusted Publishing.'
+            ),
+            REQUIRED: False,
+        },
+    },
+    'runs': {
+        'using': 'docker',
+        'image': image,
+    },
+}
+
+action_path = pathlib.Path('.github/actions/run-docker-container/action.yml')
+action_path.parent.mkdir(parents=True, exist_ok=True)
+action_path.write_text(json.dumps(action, ensure_ascii=False), encoding='utf-8')