Skip to content

build(pip): publish java-api and java-api-stubs to PyPI #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
cesarcoatl merged 1 commit into from
Dec 8, 2025
Merged

build(pip): publish java-api and java-api-stubs to PyPI #5

cesarcoatl merged 1 commit into from
Dec 8, 2025

Conversation

@cesarcoatl
Copy link
Member

@cesarcoatl cesarcoatl commented Dec 8, 2025
edited by sourcery-ai bot
Loading

Summary by Sourcery

Publish the java-api and java-api-stubs packages to PyPI on release and update installation instructions accordingly.

CI:

  • Add a GitHub Actions workflow to run CI and upload java-api and java-api-stubs distributions to PyPI on release publication.

Deployment:

  • Configure automated publishing of the java-api and java-api-stubs packages to PyPI using GitHub Actions and repository secrets.

Documentation:

  • Update java-api and java-api-stubs READMEs to reference installation from PyPI instead of GitHub sources and refresh example environment details.

@sourcery-ai
Copy link
Contributor

sourcery-ai bot commented Dec 8, 2025
edited
Loading

Reviewer's Guide

Adds automated PyPI publishing for the java-api and java-api-stubs packages upon GitHub releases, and updates the READMEs to point to the new PyPI distributions instead of direct GitHub installs and to reflect current environment details.

File-Level Changes

Change Details Files
Switch installation instructions to use published PyPI packages instead of Git-based installs.
  • Update java-api README to replace git+https install command with plain pip install of the java-api package.
  • Refresh the sample Python 2 REPL banner to match a newer environment version.
  • Update java-api-stubs README installation example to use the java-api-stubs PyPI package instead of the GitHub subdirectory URL.
  • Clarify supported Python versions wording for java-api-stubs by changing '3.7+ through 3.12' to '3.7 through 3.12'.
 java-api/README.md
java-api-stubs/README.md
Introduce GitHub Actions workflow to publish java-api and java-api-stubs to PyPI on release.
  • Create a publish workflow triggered on GitHub release publication.
  • Reuse existing ci.yml and pr-build.yml workflows as prerequisite jobs before publishing.
  • Add a PyPI upload job for java-api using coatl-dev/actions/pypi-upload with a dedicated API token and working directory.
  • Add a PyPI upload job for java-api-stubs specifying Python 3.12 and its own PyPI API token and working directory.
 .github/workflows/publish.yml
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

sourcery-ai[bot]
sourcery-ai bot reviewed Dec 8, 2025
View reviewed changes
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey there - I've reviewed your changes - here's some feedback:

  • In the publish workflow, the step names still say "Upload ignition-api" while the working directories are java-api and java-api-stubs; consider renaming these to match the actual package names to avoid confusion.
  • For the pypi-upload job, you explicitly pin python-version: '3.12' only for the java-api-stubs upload; consider either documenting or aligning the Python version for both uploads to keep the workflow behavior consistent and predictable.
Prompt for AI Agents 
Please address the comments from this code review:

## Overall Comments
- In the publish workflow, the step names still say "Upload ignition-api" while the working directories are `java-api` and `java-api-stubs`; consider renaming these to match the actual package names to avoid confusion.
- For the `pypi-upload` job, you explicitly pin `python-version: '3.12'` only for the `java-api-stubs` upload; consider either documenting or aligning the Python version for both uploads to keep the workflow behavior consistent and predictable.

## Individual Comments

### Comment 1
<location> `.github/workflows/publish.yml:20-21` </location>
<code_context>
+    needs: pr-build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v6
+
+      - name: Upload ignition-api to PyPI
</code_context>

<issue_to_address>
**🚨 issue (security):** Pin `actions/checkout` to a stable major or SHA instead of `v6`.

`v6` doesn’t exist yet, and major tags can change with breaking updates. Please pin to the current stable major (e.g. `actions/checkout@v4`) or, preferably, to a specific commit SHA to avoid unexpected workflow breakage or behavior changes.
</issue_to_address>
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

.github/workflows/publish.yml
Comment on lines +20 to +21
- name: Checkout repo
uses: actions/checkout@v6
Copy link
Contributor

@sourcery-ai sourcery-ai bot Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 issue (security): Pin actions/checkout to a stable major or SHA instead of v6.

v6 doesn’t exist yet, and major tags can change with breaking updates. Please pin to the current stable major (e.g. actions/checkout@v4) or, preferably, to a specific commit SHA to avoid unexpected workflow breakage or behavior changes.

@cesarcoatl cesarcoatl merged commit cbfcffd into main Dec 8, 2025
3 checks passed
@cesarcoatl cesarcoatl deleted the build/pip/publish-to-pypi branch December 8, 2025 22:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cesarcoatl