Setup release workflow with trusted publisher (#9852)

Bruno Alla 2026-03-04 14:09:14 +01:00 committed by GitHub
parent bb76622337
commit 9734f77406
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 135 additions and 7 deletions

124
.github/workflows/release.yml vendored Normal file

@ -0,0 +1,124 @@
name: Publish Release
concurrency:
# stop previous release runs if tag is recreated
group: release-${{ github.ref }}
cancel-in-progress: true
on:
push:
tags:
# Order matters, the last rule that applies to a tag
# is the one that takes effect:
# https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#example-including-and-excluding-branches-and-tags
- '*.*.*'
# There should be no dev tags created, but to be safe,
# let's not publish them.
- '!*.*.*.dev*'
env:
PYPI_URL: https://pypi.org/p/djangorestframework
PYPI_TEST_URL: https://test.pypi.org/p/djangorestframework
jobs:
build:
name: Build distribution 📦
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.x"
- name: Install pypa/build
run: python3 -m pip install build
- name: Build a binary wheel and a source tarball
run: python3 -m build
- name: Store the distribution packages
uses: actions/upload-artifact@v7
with:
name: python-package-distributions
path: dist/
publish-to-testpypi:
name: Publish Python 🐍 distribution 📦 to TestPyPI
needs:
- build
runs-on: ubuntu-24.04
environment:
name: testpypi
url: ${{ env.PYPI_TEST_URL }}
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Download all the dists
uses: actions/download-artifact@v8
with:
name: python-package-distributions
path: dist/
- name: Publish distribution 📦 to TestPyPI
uses: pypa/gh-action-pypi-publish@release/v1.13
with:
repository-url: https://test.pypi.org/legacy/
skip-existing: true
publish-to-pypi:
name: Publish Python 🐍 distribution 📦 to PyPI
needs:
- build
- publish-to-testpypi
runs-on: ubuntu-24.04
environment:
name: pypi
url: ${{ env.PYPI_URL }}
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
steps:
- name: Download all the dists
uses: actions/download-artifact@v8
with:
name: python-package-distributions
path: dist/
- name: Publish distribution 📦 to PyPI
uses: pypa/gh-action-pypi-publish@release/v1.13
github-release:
name: >-
Sign the Python 🐍 distribution 📦 with Sigstore
and upload them to GitHub Release
needs:
- publish-to-pypi
runs-on: ubuntu-24.04
permissions:
contents: write # IMPORTANT: mandatory for making GitHub Releases
id-token: write # IMPORTANT: mandatory for sigstore
steps:
- name: Download all the dists
uses: actions/download-artifact@v8
with:
name: python-package-distributions
path: dist/
- name: Sign the dists with Sigstore
uses: sigstore/gh-action-sigstore-python@v3.2.0
with:
inputs: >-
./dist/*.tar.gz
./dist/*.whl
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
run: >-
gh release create
'${{ github.ref_name }}'
--repo '${{ github.repository }}'
--generate-notes
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
# Upload to GitHub Release using the `gh` CLI.
# `dist/` contains the built packages, and the
# sigstore-produced signatures and certificates.
run: >-
gh release upload
'${{ github.ref_name }}' dist/**
--repo '${{ github.repository }}'
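Review bot: The `Create GitHub Release` and `Upload artifact signatures to GitHub Release` steps expand `${{ github.ref_name }}` and `${{ github.repository }}` straight into the `run:` script, so the tag name becomes part of the shell text before the shell parses it, and the single quotes around it are not a reliable guard. The `'*.*.*'` tag filter accepts far more than version numbers and this job holds `contents: write` and `id-token: write`, so I would read the values from the runner's environment instead: `gh release create "$GITHUB_REF_NAME" --repo "$GITHUB_REPOSITORY" --generate-notes` and `gh release upload "$GITHUB_REF_NAME" dist/** --repo "$GITHUB_REPOSITORY"`. Separately, every `uses:` line is pinned to a movable tag or branch (for example `pypa/gh-action-pypi-publish@release/v1.13` and `actions/checkout@v6`); in the jobs that can request OIDC tokens, a full commit SHA with the version in a trailing comment would make the code that runs at publish time reviewable. A top-level `permissions:` block limited to `contents: read` would also keep the `build` job, which runs the project's build backend and declares no permissions of its own, from inheriting the repository's default token scopes.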


@ -60,19 +60,23 @@ The following template should be used for the description of the issue, and serv
- [ ] `README` Python & Django versions
- [ ] `docs` Python & Django versions
- [ ] Ensure the pull request increments the version to `*.*.*` in [`restframework/__init__.py`](https://github.com/encode/django-rest-framework/blob/main/rest_framework/__init__.py).
- [ ] Update the release-notes.md:
- Start drafting a new release in GitHub: https://github.com/encode/django-rest-framework/releases/new
- Select the tag that you want to give to the next release and the previous tag
- Click the "Generate release notes" button
- Don't confirm anything yet! Copy the generated content to a file `input.md`
- Run `uv tool run linkify-gh-markdown input.md` to make the links absolute
- Put the generated content in the release-notes.md file
- [ ] Ensure documentation validates
- Build and serve docs `mkdocs serve`
- Validate links `pylinkvalidate.py -P http://127.0.0.1:8000`
- [ ] Confirm with @tomchristie that release is finalized and ready to go.
- [ ] Confirm with other maintainers that the release is finalized and ready to go.
- [ ] Ensure that release date is included in pull request.
- [ ] Merge the release pull request.
- [ ] Install the release tools: `pip install build twine`
- [ ] Build the package: `python -m build`
- [ ] Push the package to PyPI with `twine upload dist/*`
- [ ] Tag the release, with `git tag -a *.*.* -m 'version *.*.*'; git push --tags`.
- [ ] Deploy the documentation with `mkdocs gh-deploy`.
- [ ] Tag the release, either with `git tag -a *.*.* -m 'version *.*.*'; git push --tags` or in GitHub.
- [ ] Wait for the release workflow to run. It will build the distribution, upload it to Test PyPI, PyPI and create the GitHub release.
- [ ] Make a release announcement on the [discussion group](https://groups.google.com/forum/?fromgroups#!forum/django-rest-framework).
- [ ] Make a release announcement on twitter.
- [ ] Make a release announcement on social media (Mastodon, etc...) and on the [Django forum](https://forum.djangoproject.com/).
- [ ] Close the milestone on GitHub.
To modify this process for future releases make a pull request to the [project management](https://www.django-rest-framework.org/topics/project-management/) documentation.