# Copyright © Michal Čihař <michal@weblate.org> # # SPDX-License-Identifier: GPL-3.0-or-later name: Distribution on: push: branches-ignore: - deepsource-fix-** - renovate/** - weblate tags: - weblate-* pull_request: permissions: contents: read jobs: dist: runs-on: ubuntu-24.04 name: Build packages env: PYTHONUNBUFFERED: 1 PYTHONWARNINGS: default,ignore:unclosed:ResourceWarning permissions: # Needed for Sigstore id-token: write # Needed for attestations attestations: write steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v5 - name: Setup Python uses: actions/setup-python@v5 with: python-version: '3.13' - name: build run: | echo "::add-matcher::.github/matchers/setuptools.json" uv build echo "::remove-matcher owner=setuptools::" - name: Sign the dists with Sigstore if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/weblate') uses: sigstore/gh-action-sigstore-python@v3.0.0 with: inputs: dist/* - name: Attest if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/weblate') uses: actions/attest-build-provenance@v2 with: subject-path: dist/* - uses: actions/upload-artifact@v4 with: path: dist/* name: dist lint: runs-on: ubuntu-24.04 name: Lint packages env: PYTHONUNBUFFERED: 1 needs: - dist steps: - uses: actions/checkout@v4 - name: Install apt dependencies run: sudo ./ci/apt-install - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.13' - uses: astral-sh/setup-uv@v5 with: enable-cache: true cache-dependency-glob: '' cache-suffix: '3.13' - uses: actions/download-artifact@v4 - name: Cleanup dist # Remove files not supported on PyPI (eg. Sigstore signatures) run: find dist -mindepth 1 -not -name '*.tar.gz' -not -name '*.whl' -delete - name: list wheel run: unzip -l dist/*.whl - name: list sdist run: tar tvf dist/*.tar.gz - name: twine check run: uvx twine check --strict dist/* - name: pydistcheck run: uvx pydistcheck --inspect dist/* - name: pyroma run: uvx pyroma dist/*.tar.gz - name: check-wheel-contents run: uvx check-wheel-contents dist/*.whl - name: check-manifest run: uvx check-manifest -v - name: install run: | uv venv .venv-install source .venv-install/bin/activate uv pip install dist/*.whl notes: runs-on: ubuntu-24.04 name: Build release notes steps: - uses: actions/checkout@v4 - uses: astral-sh/setup-uv@v5 - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.13' - name: Install apt dependencies run: | sudo apt update sudo apt install -y graphviz pandoc - name: Install Python dependencies run: uv sync --no-sources --only-group docs --frozen - name: Sphinx build run: | . .venv/bin/activate ./ci/run-docs - name: Convert release notes run: | version=$(sed -n '/^VERSION =/ s/.*"\(.*\)"/\1/p' weblate/utils/version.py) namever="weblate-$version" sed "s/latest/$namever/" < scripts/release-notes-filter.lua > scripts/release-notes-filter.version.lua mkdir dist ./scripts/extract-release-notes > "dist/Weblate-$version.html" pandoc "dist/Weblate-$version.html" --write=gfm --wrap=none --lua-filter=scripts/release-notes-filter.version.lua -o "dist/Weblate-$version.md" rm scripts/release-notes-filter.version.lua - uses: actions/upload-artifact@v4 with: path: dist/* name: notes publish_pypi: name: Publish to PyPI if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/weblate') permissions: # this permission is mandatory for trusted publishing id-token: write needs: - notes - dist - lint runs-on: ubuntu-24.04 steps: - uses: actions/download-artifact@v4 - name: Cleanup dist # Remove files not supported on PyPI (eg. Sigstore signatures) run: find dist -mindepth 1 -not -name '*.tar.gz' -not -name '*.whl' -delete - uses: astral-sh/setup-uv@v5 - run: uv publish --trusted-publishing always publish_github: name: Publish to GitHub if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/weblate') permissions: # this permission is mandatory for creating a release contents: write needs: - notes - dist - lint runs-on: ubuntu-24.04 steps: - uses: actions/download-artifact@v4 - name: Extract notes body run: tail -n+3 notes/Weblate-*.md > notes.md - name: Extract notes title id: get-name run: echo name=$(head -n1 notes/Weblate-*.md) > "$GITHUB_OUTPUT" - uses: ncipollo/release-action@v1 with: artifacts: dist/* bodyFile: notes.md name: ${{ steps.get-name.outputs.name }}