Skip to content

Add automated PyPI publish workflow#8

Merged
richdawe-cio merged 1 commit into
mainfrom
cdp-6173-publish-workflow
Jun 26, 2026
Merged

Add automated PyPI publish workflow#8
richdawe-cio merged 1 commit into
mainfrom
cdp-6173-publish-workflow

Conversation

@richdawe-cio

@richdawe-cio richdawe-cio commented Jun 26, 2026

Copy link
Copy Markdown
Collaborator

Like customerio/customerio-python#120 :

Adds .github/workflows/publish.yml — triggered on GitHub releases, builds wheel + sdist, publishes to PyPI via trusted publishing (OIDC)

See the GH action docs at https://github.com/pypa/gh-action-pypi-publish

Pre-requisites for this to work:

  • The DX team needs to set up an environment pypi on this repo, for use by the publishing workflow.
  • We need to update the PyPi org settings to allow the publish workflow to be used for trusted publishing.
  • This PR needs to be reviewed and merged.
  • Then a new release needs to be tagged to trigger the publish workflow, and verify it works.

Note

Medium Risk
Changes how production packages reach PyPI (trusted publishing vs token/twine); misconfigured release or PyPI trust settings could block or mis-publish releases.

Overview
Replaces manual PyPI releases with a GitHub Release–triggered publish pipeline. The old release.yml workflow (manual workflow_dispatch, bump2version, setup.py + twine using PYPI_TOKEN) is removed.

Adds .github/workflows/publish.yml, which runs when a release is published: checks out the repo, builds with python -m build, and uploads to PyPI via pypa/gh-action-pypi-publish using OIDC (id-token: write, environment: pypi) instead of a stored token.

Lint and test workflows bump actions/checkout from v6 to v7 and set fetch-depth: 0 on checkout (aligned with the new publish job).

Reviewed by Cursor Bugbot for commit cf703c5. Bugbot is set up for automated code reviews on this repo. Configure here.

@@ -1,45 +0,0 @@
name: Release

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This has been replaced by the publish workflow, which will be run automatically when a release is made.

- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
fetch-depth: 0

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added fetch-depth for consistency with customerio-python.

@richdawe-cio richdawe-cio merged commit 113745c into main Jun 26, 2026
11 checks passed
@richdawe-cio richdawe-cio deleted the cdp-6173-publish-workflow branch June 26, 2026 14:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants