1212 workflow_dispatch :
1313 inputs :
1414 tag :
15- description : ' Git tag to build and release (e.g., v1.2.3). Must already exist.'
15+ description : " Git tag to build and release (e.g., v1.2.3). Must already exist."
1616 required : true
1717
1818jobs :
@@ -65,16 +65,11 @@ jobs:
6565 description : " Release notes body extracted from CHANGELOG.md"
6666 value : ${{ steps.changelog.outputs.changes }} # Output the extracted changelog body
6767
68- # Job 2: Publish to Production PyPI
69- # This job runs only if Job 1 completes successfully (implicit dependency)
70- # and only on tag push events (NOT manual dispatch for production).
7168 publish_pypi :
7269 name : Publish to Production PyPI
7370 runs-on : ubuntu-latest
74- # This job explicitly depends on build_and_testpypi completing successfully
7571 needs : build_and_testpypi
7672
77- # Only run on tag push events, NOT on manual dispatch for the final PyPI publish
7873 if : " github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')"
7974 steps :
8075 - name : Download package artifacts
@@ -91,27 +86,17 @@ jobs:
9186 - name : Set up uv
9287 uses : astral-sh/setup-uv@v6
9388
94- # --- Publish to Production PyPI Step ---
9589 - name : Publish to PyPI
96- # Execute the Task Automation publish session for Production PyPI.
97- # Calls uv publish dist/* which defaults to pypi.org (Topic 10).
98- # Configure Production PyPI credentials securely.
9990 env :
100- # Production PyPI credentials stored as secrets in GitHub Settings -> Secrets
10191 TWINE_USERNAME : __token__
102- TWINE_PASSWORD : ${{ secrets.PYPI_API_TOKEN }} # Use GitHub Encrypted Secret
103- # Optional: TWINE_REPOSITORY if publishing to a custom production index
104- run : uvx nox -s publish-package # Call the publish-package session (defaults to pypi.org)
92+ TWINE_PASSWORD : ${{ secrets.PYPI_API_TOKEN }}
93+ run : uvx nox -s publish-python
10594
106-
107- # Job 3: Create GitHub Release (Runs regardless of PyPI publish success, relies on build job for info/artifacts)
10895 create_github_release :
10996 name : Create GitHub Release
11097 runs-on : ubuntu-latest
111- # Needs the build job (which includes getting changelog)
11298 needs : build_and_testpypi
11399
114- # Only run this job if triggered by a tag push
115100 if : " github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')"
116101
117102 steps :
@@ -125,19 +110,10 @@ jobs:
125110 run : echo "tag=${{ github.ref_name }}" >> $GITHUB_OUTPUT
126111
127112 - name : Create GitHub Release
128- # Uses a standard action to create a release in GitHub based on the tag.
129113 uses : softprops/action-gh-release@v2
130114 with :
131- # The Git tag the release is associated with
132115 tag_name : ${{ steps.get_tag.outputs.tag }}
133- # The name of the release (often the same as the tag)
134116 name : Release ${{ steps.get_tag.outputs.tag }}
135- # The body of the release notes - access the output from the 'build_and_testpypi' job
136- body : ${{ needs.build_and_testpypi.outputs.changelog_body }} # Access changelog body from dependent job output
137-
138-
139- files : dist/* # Attach built sdist and wheel files as release assets
140- # Optional: Mark as a draft release for manual review before publishing
141- # draft: true
142- # Optional: Mark as a pre-release for tags containing hyphens (e.g., v1.0.0-rc1)
117+ body : ${{ needs.build_and_testpypi.outputs.changelog_body }}
118+ files : dist/*
143119 prerelease : ${{ contains(steps.get_tag.outputs.tag, '-') }} # Checks if tag contains hyphen (e.g. v1.0.0-rc.1)
0 commit comments