diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..9806ba2 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,80 @@ +# This pipeline is executed every time someone pushes a tag to GitHub. If the +# tag is a valid version number, it builds the library, and (will eventually) +# run the slow tests and the benchmarks, push the package distribution to PyPI, +# and if this is a production release, also publish the docs. +name: Release Pipeline + +on: + push: + tags: + - '**' + + +env: + # Force nox to produce colorful logs: + FORCE_COLOR: "true" + +jobs: + Check-Tag-Pattern: + if: github.repository == 'opendp/tumult-core' + runs-on: ubuntu-latest + steps: + - run: | + re="^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(-(alpha|beta|rc)\.(0|[1-9][0-9]*))?$" + if [[ ! "$GITHUB_REF_NAME" =~ $re ]]; then + echo "Tag $GITHUB_REF_NAME is not a valid version number. Aborting release pipeline." + exit 1 + fi + + Package-linux: + if: github.repository == 'opendp/tumult-core' + runs-on: ubuntu-latest + needs: Check-Tag-Pattern + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Set up runner + uses: opendp/tumult-tools/actions/setup@eabe1054863f0916a0087ad180fd83719049c094 + - run: uv run --only-group scripting nox -s build + - name: Upload wheel + uses: actions/upload-artifact@v4 + with: + name: linux-wheel + path: dist/*.whl + - name: Upload sdist + uses: actions/upload-artifact@v4 + with: + name: sdist + path: dist/*.tar.gz + + Package-macos-intel: + if: github.repository == 'opendp/tumult-core' + runs-on: macos-15-intel + needs: Check-Tag-Pattern + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Set up runner + uses: opendp/tumult-tools/actions/setup@eabe1054863f0916a0087ad180fd83719049c094 + - run: uv run --only-group scripting nox -s build + - name: Upload wheel + uses: actions/upload-artifact@v4 + with: + name: macos-intel-wheel + path: dist/*.whl + + Package-macos-arm: + if: github.repository == 'opendp/tumult-core' + runs-on: macos-latest + needs: Check-Tag-Pattern + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Set up runner + uses: opendp/tumult-tools/actions/setup@eabe1054863f0916a0087ad180fd83719049c094 + - run: uv run --only-group scripting nox -s build + - name: Upload wheel + uses: actions/upload-artifact@v4 + with: + name: macos-arm-wheel + path: dist/*.whl diff --git a/noxfile.py b/noxfile.py index 7662cea..f01e9fd 100644 --- a/noxfile.py +++ b/noxfile.py @@ -186,8 +186,8 @@ def build(session): Positional arguments given to nox are passed to the cibuildwheel command, allowing it to be run outside of the CI if needed. """ - session.run("uv", "build", "--sdist", external=True) session.run("cibuildwheel", "--output-dir", "dist/", *session.posargs) + session.run("uv", "build", "--sdist", external=True) sm = SessionManager( diff --git a/pyproject.toml b/pyproject.toml index 5c1828a..2306399 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -161,6 +161,11 @@ artifacts = [ [tool.cibuildwheel] build = "cp39-* cp310-* cp311-* cp312-*" skip = "*-musllinux*" +before-all = """ +if [ -d src/tmlt/core/ext/lib ] && [ ! -z ${CI+x} ]; then + echo 'Found compiled vendor libraries, but these must be built fresh by cibuildwheel.' + exit 1 +fi""" [tool.cibuildwheel.macos] environment = "MACOSX_DEPLOYMENT_TARGET='11.0'"