nkpk: Add support for firmware updates #308
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright Nitrokey GmbH | |
| # SPDX-License-Identifier: Apache-2.0 OR MIT | |
| name: Continuous delivery - PyPI | |
| on: | |
| pull_request: | |
| push: | |
| branches: [master] | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| env: | |
| POETRY_SPEC: poetry >=2,<3 | |
| jobs: | |
| check-package-version: | |
| name: Check package version | |
| runs-on: ubuntu-latest | |
| container: python:3.10-slim | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install poetry | |
| run: pip install "${POETRY_SPEC}" | |
| - name: Check package version format | |
| shell: bash | |
| run: | | |
| PACKAGE_VERSION=$(poetry version --short) | |
| echo "PACKAGE_VERSION = $PACKAGE_VERSION" | |
| if [[ $PACKAGE_VERSION =~ ^[0-9]+.[0-9]+.[0-9]+(-rc\.[1-9])?$ ]]; then exit 0; else exit 1; fi | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| container: python:3.10-slim | |
| needs: check-package-version | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install required packages | |
| run: | | |
| apt update | |
| apt install -y binutils gcc libpcsclite-dev libusb-1.0-0 make swig | |
| - name: Install poetry | |
| run: pip install "${POETRY_SPEC}" | |
| - name: Build | |
| run: poetry build | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: nitropy-pypi | |
| path: dist | |
| publish-testpypi: | |
| name: Publish to TestPyPI | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.event_name == 'release' || github.ref == 'refs/heads/master' | |
| environment: | |
| name: testpypi | |
| url: https://test.pypi.org/p/pynitrokey | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: nitropy-pypi | |
| path: dist | |
| - name: Publish to TestPyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| skip-existing: true | |
| check-tag-version: | |
| name: Check tag version | |
| runs-on: ubuntu-latest | |
| container: python:3.10-slim | |
| if: github.event_name == 'release' | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install poetry | |
| run: pip install "${POETRY_SPEC}" | |
| - name: Check tag version | |
| shell: bash | |
| run: | | |
| VERSION_TAG="${{ github.event.release.tag_name }}" | |
| PACKAGE_VERSION="v"$(poetry version --short) | |
| echo "VERSION_TAG = $VERSION_TAG" | |
| echo "PACKAGE_VERSION = $PACKAGE_VERSION" | |
| if [ $VERSION_TAG == $PACKAGE_VERSION ]; then exit 0; else exit 1; fi | |
| publish-pypi: | |
| name: Publish to PyPI | |
| runs-on: ubuntu-latest | |
| needs: [build, check-tag-version] | |
| if: github.event_name == 'release' | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/p/pynitrokey | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: nitropy-pypi | |
| path: dist | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 |