name: Release
on:
release:
types: [published]
permissions:
contents: read
concurrency:
group: release-${{ github.ref }}
cancel-in-progress: false
jobs:
verify-version:
name: verify tag matches Cargo.toml version
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Assert git tag equals crate version
run: |
crate_version=$(grep -m1 '^version' Cargo.toml | sed -E 's/.*"(.*)".*/\1/')
tag="${GITHUB_REF_NAME}"
echo "tag=$tag crate_version=$crate_version"
if [ "$tag" != "v$crate_version" ]; then
echo "::error::release tag '$tag' does not match Cargo.toml version 'v$crate_version'"
exit 1
fi
publish-crate:
name: publish crate (crates.io)
needs: verify-version
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- run: cargo publish
env:
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
build-wheels:
name: build wheels (${{ matrix.os }})
needs: verify-version
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Build wheels
uses: PyO3/maturin-action@v1
with:
command: build
args: --release --out dist
manylinux: auto
- uses: actions/upload-artifact@v4
with:
name: wheels-${{ matrix.os }}
path: dist
build-sdist:
name: build sdist
needs: verify-version
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Build sdist
uses: PyO3/maturin-action@v1
with:
command: sdist
args: --out dist
- uses: actions/upload-artifact@v4
with:
name: sdist
path: dist
publish-pypi:
name: publish to PyPI
needs: [build-wheels, build-sdist]
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/project/segovia/
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
with:
path: dist
merge-multiple: true
- uses: pypa/gh-action-pypi-publish@release/v1