diff --git a/.github/workflows/publish-mastodon.template.md b/.github/workflows/publish-mastodon.template.md new file mode 100644 index 000000000..c8b9dba6f --- /dev/null +++ b/.github/workflows/publish-mastodon.template.md @@ -0,0 +1,6 @@ +New #xclim release: v{{ .version }} 🎉 + +Latest source code available at: https://github.com/Ouranosinc/xclim/releases/tag/{{ .version }} +Check out the docs for more information: https://xclim.readthedocs.io/en/stable/ + +{{ .contributors }} diff --git a/.github/workflows/publish-mastodon.yml b/.github/workflows/publish-mastodon.yml index 1694767c0..706ee5864 100644 --- a/.github/workflows/publish-mastodon.yml +++ b/.github/workflows/publish-mastodon.yml @@ -5,30 +5,72 @@ on: types: - published workflow_dispatch: + inputs: + version-tag: + description: 'Version to announce' + required: true + type: string + dry-run: + description: 'Dry run' + default: true + type: boolean jobs: build: runs-on: ubuntu-latest + environment: production steps: - name: Checkout uses: actions/checkout@v3.6.0 - name: Current Version + if: ${{ !github.event.inputs.version-tag }} run: | CURRENT_VERSION="$(grep -E '__version__' xclim/__init__.py | cut -d ' ' -f3)" - echo "current_version=${CURRENT_VERSION}" >> $GITHUB_ENV + echo "version=v${CURRENT_VERSION}" >> $GITHUB_ENV + - name: Set Version from Input + if: ${{ github.event.inputs.version-tag }} + run: | + echo "version=${{ github.event.inputs.version-tag }}" >> $GITHUB_ENV + + - name: Get Release Description + if: ${{ !endsWith(env.current_version, '-dev') }} + id: get_release_description + run: | + # Fetch the release information using the GitHub API + RELEASE_INFO=$(curl -sH "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + "https://api.github.com/repos/${{ github.repository }}/releases/tags/${{ env.version }}") + + # Extract the release description from the response + RELEASE_DESCRIPTION=$(echo "$RELEASE_INFO" | jq -r .body) + + # Remove Markdown links and the space preceding them + CLEANED_DESCRIPTION=$(echo "$RELEASE_DESCRIPTION" | sed -E 's/\[([^\]]+)\]\([^)]+\)//g') + + # Extract the first line of the release description + CONTRIBUTORS=$(echo "$CLEANED_DESCRIPTION" | head -n 1) + + echo "CONTRIBUTORS=${CONTRIBUTORS}" >> $GITHUB_ENV + + - name: Prepare Message + id: render_template + uses: chuhlomin/render-template@v1.7 + with: + template: publish-mastodon.template.md + vars: | + version: ${{ env.version }} + contributors: ${{ env.CONTRIBUTORS }} + + - name: Message Preview + run: echo "${{ steps.render_template.outputs.result }}" - name: Send toot to Mastodon - id: mastodon + if: ${{ !github.event.inputs.dry-run }} uses: cbrgm/mastodon-github-action@v1.0.3 with: - message: | - New #xclim release: v${{ env.current_version }} 🎉 - - Source code available at: https://github.com/Ouranosinc/xclim - Check out the docs for more information: https://xclim.readthedocs.io/en/v${{ env.current_version }}/ - visibility: "public" # default: public + message: ${{ steps.render_template.outputs.result }} + visibility: "public" env: - MASTODON_URL: ${{ secrets.MASTODON_URL }} # https://example.social - MASTODON_ACCESS_TOKEN: ${{ secrets.MASTODON_ACCESS_TOKEN }} # access token + MASTODON_URL: ${{ secrets.MASTODON_URL }} + MASTODON_ACCESS_TOKEN: ${{ secrets.MASTODON_ACCESS_TOKEN }} diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index af9412a52..b77b5d489 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -8,6 +8,10 @@ on: jobs: build-n-publish-pypi: name: Build and publish Python 🐍 distributions 📦 to PyPI + environment: production + permissions: + # IMPORTANT: this permission is mandatory for trusted publishing + id-token: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v3.6.0 @@ -21,6 +25,3 @@ jobs: run: flit build - name: Publish distribution 📦 to PyPI uses: pypa/gh-action-pypi-publish@v1.8.10 - with: - user: __token__ - password: ${{ secrets.PYPI_API_TOKEN }} diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml index 0f7279aa7..edbc542fd 100644 --- a/.github/workflows/tag-testpypi.yml +++ b/.github/workflows/tag-testpypi.yml @@ -3,11 +3,15 @@ name: Publish Python 🐍 distributions 📦 to TestPyPI on: push: tags: - - '*' + - 'v*' jobs: build-n-publish-testpypi: name: Build and publish Python 🐍 distributions 📦 to TestPyPI + environment: staging + permissions: + # IMPORTANT: this permission is mandatory for trusted publishing + id-token: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v3.6.0 @@ -22,7 +26,5 @@ jobs: - name: Publish distribution 📦 to Test PyPI uses: pypa/gh-action-pypi-publish@v1.8.10 with: - user: __token__ - password: ${{ secrets.TEST_PYPI_API_TOKEN }} - repository_url: https://test.pypi.org/legacy/ - skip_existing: true + repository-url: https://test.pypi.org/legacy/ + skip-existing: true diff --git a/.readthedocs.yml b/.readthedocs.yml index 542bf7202..a9e45d17e 100644 --- a/.readthedocs.yml +++ b/.readthedocs.yml @@ -10,7 +10,7 @@ sphinx: build: os: ubuntu-22.04 tools: - python: "mambaforge-4.10" + python: "mambaforge-22.9" jobs: pre_build: - sphinx-apidoc -o docs/apidoc/ --private --module-first xclim xclim/testing/tests xclim/indicators xclim/indices diff --git a/CHANGES.rst b/CHANGES.rst index d5cbd74e3..18be9c810 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -32,6 +32,8 @@ Internal changes * Updated the testing data used in the `analogs.ipynb` notebook to use the testing data now found in `Ouranosinc/xclim-testdata`'s main branch. (`xclim-testdata PR/26 `_, :pull:`1473`). * Fixed an issue with automatic labelling that occurs when a Pull Request is made from a forked repository. (:pull:`1479`). * Changes to the ``.zenodo.json`` file no longer are marked as CI-related changes. (:pull:`1479`). +* GitHub deployment workflows now employs use of deployment environments for workflow security and uses the `Trusted Publisher `_ feature to sign and publish the `xclim` wheel and source distributions. (:pull:`1469`). +* Mastodon publishing now uses `chuhlomin/render-template `_ and a standard formatting markdown document to format Mastodon toots. (:pull:`1469`). v0.45.0 (2023-09-05) --------------------