Siddharth Balyan
6bdad1f3b2
ci: add PyPI publish workflow (salvaged from #25901) (#26148)
* ci(pypi): add publish workflow for automated PyPI releases
Triggered by CalVer tag pushes from scripts/release.py (v20* pattern).
Three jobs: build (uv build) → publish (OIDC trusted publishing) → sign
(Sigstore + attach to existing GitHub Release).
- workflow_dispatch as manual escape hatch
- skip-existing for safe re-runs
- Graceful skip when GitHub Release not found (sign job)
- Top-level permissions: contents: read (CodeQL compliant)
Requires one-time setup: PyPI trusted publisher + GitHub pypi environment.
Co-authored-by: dmahan93 <44207705+dmahan93@users.noreply.github.com>
* fix(release): address review findings
- Stage acp_registry/agent.json in version bump commit (was silently left unstaged)
- Add missing return when no previous tags found without --first-release
- Fix get_pr_number return type annotation (str -> str | None)
- Prefer uv build over python -m build (matches CI workflow), with fallback
- Use unit separator (%x1f) in git log format to handle | in author names
- Add explicit encoding='utf-8' to .release_notes.md write
Workflow hardening:
- Gracefully skip signing when GitHub Release not found (env var gate
instead of exit 1, so PyPI publish still shows green)
* fix(ci): harden PyPI workflow — SHA-pin actions, guard workflow_dispatch, explicit build flags
- Pin all actions to commit SHAs (supply-chain hardening for id-token:write)
- workflow_dispatch now requires confirm_tag input + checks out that tag
- Both uv build paths explicitly pass --sdist --wheel
---------
Co-authored-by: dmahan93 <44207705+dmahan93@users.noreply.github.com>
2026-05-15 13:21:48 +05:30
..
2026-04-14 14:23:37 -07:00
2026-04-30 23:17:14 -07:00
2026-05-13 10:30:42 -04:00
2026-04-23 22:22:11 -07:00
2026-05-10 13:19:41 -07:00
2026-04-30 22:52:30 +05:30
2026-04-30 22:52:30 +05:30
2026-05-04 20:58:21 -07:00
2026-04-14 14:23:37 -07:00
2026-04-19 16:25:21 -07:00
2026-05-12 17:10:57 -07:00
2026-05-15 13:21:48 +05:30
2026-05-08 18:47:07 -04:00