diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..f800ab5 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,50 @@ +name: Publish to PyPI + +on: + release: + types: [published] + workflow_dispatch: + +jobs: + build: + name: Build distribution + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v6 + + - name: Set up Python + uses: actions/setup-python@v6 + with: + python-version: "3.13" + cache: pip + + - name: Install build dependencies + run: python -m pip install --upgrade pip build + + - name: Build package + run: python -m build + + - name: Upload distribution artifacts + uses: actions/upload-artifact@v4 + with: + name: dist + path: dist/ + + publish: + name: Publish to PyPI + needs: build + runs-on: ubuntu-latest + environment: pypi + permissions: + id-token: write # required for trusted publishing + + steps: + - name: Download distribution artifacts + uses: actions/download-artifact@v4 + with: + name: dist + path: dist/ + + - name: Publish to PyPI + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index ea40d7e..6868b88 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -64,3 +64,40 @@ git commit --no-verify ```bash pytest ``` + +## Releasing + +This project is published to [PyPI](https://pypi.org/project/luno-python/). Releases are made by maintainers with repository write access and PyPI publish access. + +### Steps + +1. **Decide the version number** following [Semantic Versioning](https://semver.org/): + - Patch (`x.y.Z`): backwards-compatible bug fixes + - Minor (`x.Y.0`): new backwards-compatible functionality + - Major (`X.0.0`): breaking changes + +2. **Bump the version** in `luno_python/__init__.py`: + ```python + VERSION = "x.y.z" + ``` + +3. **Commit and push** the version bump on a branch, then open and merge a PR: + ```bash + git checkout -b release-x.y.z + git add luno_python/__init__.py + git commit -m "release: bump version to x.y.z" + git push origin release-x.y.z + gh pr create --title "release: bump version to x.y.z" --body "Bump version for release." + # After review, merge the PR + ``` + +4. **Create a GitHub Release** from the merged commit on `main`: + ```bash + git checkout main && git pull origin main + gh release create vx.y.z --title "vx.y.z" --generate-notes + ``` + This triggers the publishing workflow, which automatically builds and uploads the package to PyPI. + +### PyPI Trusted Publishing + +The publishing workflow uses [PyPI Trusted Publishing](https://docs.pypi.org/trusted-publishers/) (OpenID Connect), which means no API tokens need to be stored as secrets. This must be configured once in PyPI's project settings under *Publishing → Add a new publisher*, pointing at this repository's `publish.yml` workflow. diff --git a/luno_python/__init__.py b/luno_python/__init__.py index 308cd67..16e7d70 100644 --- a/luno_python/__init__.py +++ b/luno_python/__init__.py @@ -1,3 +1,3 @@ """Luno Python SDK.""" -VERSION = "0.0.10" +VERSION = "0.3.0" diff --git a/pyproject.toml b/pyproject.toml index 5423a21..ef13dd0 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -22,7 +22,6 @@ skip_gitignore = true exclude_dirs = ["tests", "env", "build"] skips = [ "B101", # Skip assert_used check (common in tests) - "B107", # Skip hardcoded_password_default (empty string defaults are acceptable for optional credentials) ] [tool.pytest.ini_options]