search

scipy / oldest-supported-numpy

Meta-package providing the oldest supported Numpy for a given Python version and platform
BSD 2-Clause "Simplified" License
55 stars 33 forks source link

Release workflow #42

Closed tupui closed 2 years ago

tupui commented 2 years ago

Related to #32.

Since tags are used, automatic deployment could be setup to ease the release process. This workflow deploy when main is tagged with a new release.

This needs to add credentials as secrets (if not already).

Note that PyPi test is set in this PR, just in case.

tupui commented 2 years ago

One improvement could be to add a check for tag=version in setup.cfg

tupui commented 2 years ago

One improvement could be to add a check for tag=version in setup.cfg

What do you mean exactly, what should this do?

It would check that the tag you are pushing corresponds to the version set in setup.cfg.

I've seen this happen a few time and then the deployment fails. So you need to delete the tag, push an update on the file and re tag. But yeah now that I rethink this, it would be the same with the check, still need to fix and redo everything. I had this as an early stop before running lot of tests before deploying.

Alternatively,a simple checklist for the person who does the manual action can also do the job.

Another different approach that I've used and worked ok is to have a makefile. It would test, call something like bumpversion to set the version->commit->tag and then deploy to PyPi. Adds another tool though and all runs locally. I thought it was maybe too much for this repo but I can do this if you prefer.

tupui commented 2 years ago

@rgommers can I do something else?

rgommers commented 2 years ago

Alternatively,a simple checklist for the person who does the manual action can also do the job.

This would be the easiest I think:

tupui commented 2 years ago

Sounds good to me 👍 Looks like the CI did the release properly 😃

tupui commented 2 years ago

I learned recently that you can use a token instead of your credentials. This way you can create a token just for this project, which is safer in case of any leak/misuse.

TWINE_USERNAME: __token__
TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
rgommers commented 2 years ago

__token__ is already used as username. let's leave this as is, since it's working.