diff options
Diffstat (limited to 'third_party/re2/src/.github/workflows')
| -rw-r--r-- | third_party/re2/src/.github/workflows/pages.yml | 2 | ||||
| -rw-r--r-- | third_party/re2/src/.github/workflows/python.yml | 14 | ||||
| -rw-r--r-- | third_party/re2/src/.github/workflows/release.yml | 39 |
3 files changed, 50 insertions, 5 deletions
diff --git a/third_party/re2/src/.github/workflows/pages.yml b/third_party/re2/src/.github/workflows/pages.yml index 5bff8306c..85e54d876 100644 --- a/third_party/re2/src/.github/workflows/pages.yml +++ b/third_party/re2/src/.github/workflows/pages.yml @@ -38,4 +38,4 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4.1.1 - - uses: actions/deploy-pages@v4.0.4 + - uses: actions/deploy-pages@v4.0.5 diff --git a/third_party/re2/src/.github/workflows/python.yml b/third_party/re2/src/.github/workflows/python.yml index 7d9048c09..7f97adc23 100644 --- a/third_party/re2/src/.github/workflows/python.yml +++ b/third_party/re2/src/.github/workflows/python.yml @@ -80,6 +80,9 @@ jobs: BAZELISK_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} BAZEL_CPU: darwin_${{ matrix.arch.bazel-name }} PLAT_NAME: macosx-${{ matrix.os }}.0-${{ matrix.arch.python-name }} + # Force a specific target version of macOS. + # Otherwise, `delocate` renames the wheels! + MACOSX_DEPLOYMENT_TARGET: ${{ matrix.os }}.0 # Stop macOS from reporting the system version as 10.x. # Otherwise, Python refuses to install the built wheel! SYSTEM_VERSION_COMPAT: 0 @@ -91,7 +94,7 @@ jobs: - uses: bazel-contrib/setup-bazel@0.8.1 with: bazelisk-version: '1.x' - - uses: actions/setup-python@v5.0.0 + - uses: actions/setup-python@v5.1.0 with: python-version: ${{ matrix.ver }} - name: Prepare Python ${{ matrix.ver }} environment @@ -147,7 +150,7 @@ jobs: ARCHITECTURE=${{ matrix.arch.name }} echo "architecture=${ARCHITECTURE,,}" >> "${GITHUB_ENV}" shell: bash - - uses: actions/setup-python@v5.0.0 + - uses: actions/setup-python@v5.1.0 with: python-version: ${{ matrix.ver }} architecture: ${{ env.architecture }} @@ -181,13 +184,17 @@ jobs: - wheel-linux - wheel-macos - wheel-windows + permissions: + contents: read + # Required for PyPI publishing. + id-token: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v4.1.1 # Stash the timestamp for the commit SHA that triggered the workflow. - run: echo "timestamp=$(git log -1 --pretty=%ct)" >> "${GITHUB_ENV}" shell: bash - - uses: actions/setup-python@v5.0.0 + - uses: actions/setup-python@v5.1.0 with: python-version: '3.x' - name: Prepare Python 3.x environment @@ -221,5 +228,4 @@ jobs: - if: inputs.build >= 1 uses: pypa/gh-action-pypi-publish@v1.8.14 with: - password: ${{ secrets.PYPI_API_TOKEN }} packages-dir: python/dist diff --git a/third_party/re2/src/.github/workflows/release.yml b/third_party/re2/src/.github/workflows/release.yml new file mode 100644 index 000000000..dd150a3a5 --- /dev/null +++ b/third_party/re2/src/.github/workflows/release.yml @@ -0,0 +1,39 @@ +name: Release +on: + push: + tags: ['**'] +permissions: + contents: read +jobs: + create: + permissions: + # Required to create the release + # and upload the release assets. + contents: write + # Required for Sigstore signing. + id-token: write + runs-on: ubuntu-latest + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4.1.1 + - run: | + gh release create "${GITHUB_REF_NAME}" \ + --generate-notes --latest --verify-tag \ + --repo "${GITHUB_REPOSITORY}" + gh release download "${GITHUB_REF_NAME}" \ + --archive tar.gz \ + --repo "${GITHUB_REPOSITORY}" + gh release download "${GITHUB_REF_NAME}" \ + --archive zip \ + --repo "${GITHUB_REPOSITORY}" + shell: bash + - uses: sigstore/gh-action-sigstore-python@v2.1.1 + with: + # N.B. This is a whitespace-separated string! + inputs: '*.tar.gz *.zip' + - run: | + gh release upload "${GITHUB_REF_NAME}" \ + *.tar.gz *.zip *.sigstore \ + --repo "${GITHUB_REPOSITORY}" + shell: bash |