-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' of https://github.com/andife/onnx
- Loading branch information
Showing
4 changed files
with
90 additions
and
105 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -18,13 +18,14 @@ concurrency: | |
| cancel-in-progress: true | ||
|
|
||
| jobs: | ||
|
|
||
| call-workflow-sourcedist: | ||
| strategy: | ||
| matrix: | ||
| os: ['mac-latest'] | ||
| uses: ./.github/workflows/release_sourcedist.yml | ||
| with: | ||
| os: "mac" | ||
| strategy: | ||
| matrix: | ||
| os: ['mac-latest'] | ||
| uses: ./.github/workflows/release_sourcedist.yml | ||
| with: | ||
| os: "mac" | ||
|
|
||
| call-workflow-ubuntu_x86: | ||
| strategy: | ||
|
|
@@ -47,94 +48,90 @@ jobs: | |
| matrix: | ||
| os: ['windows-latest'] | ||
| uses: ./.github/workflows/release_win.yml | ||
| with: | ||
| os: "win" | ||
| with: | ||
| os: "win" | ||
|
|
||
| call-workflow-mac: | ||
| strategy: | ||
| matrix: | ||
| os: ['mac-latest'] | ||
| uses: ./.github/workflows/release_mac.yml | ||
| with: | ||
| os: "mac" | ||
| os: "macos" | ||
|
|
||
|
|
||
|
|
||
| publish-weekly: | ||
| # Publish weekly pypi, if not all OS variants are successful, it's ok | ||
| name: Publish Weekly to TestPyPI | ||
| publish_to_testpypi: | ||
| # TODO Add a deployment step for reviewing https://docs.github.com/en/actions/managing-workflow-runs/reviewing-deployments | ||
| name: Release (Publish to testpypi, onnxweekly) | ||
| runs-on: ubuntu-latest | ||
| needs: [call-workflow-mac, call-workflow-ubuntu_x86, call-workflow-ubuntu_aarch64, call-workflow-win, call-workflow-sourcedist] | ||
| # does not run on forks or pull requests | ||
| if: (github.repository_owner == 'onnx') && (( github.event_name == 'schedule' )) && ((needs.call-workflow-mac.result == 'success') || (needs.call-workflow-ubuntu_x86.result == 'success') || (needs.call-workflow-ubuntu_aarch64.result == 'success') || (needs.call-workflow-sourcedist.result == 'success')) | ||
|
|
||
| environment: | ||
| name: pypi | ||
| url: https://pypi.org/p/onnx-weekly/ | ||
| # name: pypi # TODO: Does not yet exist, has to be created, see here: https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ | ||
|
|
||
| needs: [call-workflow-ubuntu_x86, call-workflow-ubuntu_aarch64, call-workflow-mac, call-workflow-win] | ||
| if: (github.ref == 'refs/head/main') && (github.event_name != 'pull_request') && ((needs.call-workflow-mac.result == 'success') || (needs.call-workflow-ubuntu_x86.result == 'success') || (needs.call-workflow-ubuntu_aarch64.result == 'success') || (needs.call-workflow-win.result == 'success')) | ||
|
|
||
| environment: | ||
| name: testpypi | ||
| url: https://test.pypi.org/p/onnx | ||
|
|
||
| permissions: | ||
| contents: write # IMPORTANT: mandatory for making GitHub Releases # TODO: check what is needed here? | ||
| id-token: write # IMPORTANT: mandatory for trusted publishing (which means without api-token or password) | ||
| contents: write # IMPORTANT: mandatory for making GitHub Releases | ||
| id-token: write # IMPORTANT: mandatory for sigstore | ||
|
|
||
| steps: | ||
|
|
||
| - uses: actions/download-artifact@v4 | ||
| with: | ||
| pattern: wheels* # TODO change back to python-wheels? | ||
| pattern: wheels* | ||
| path: dist | ||
| merge-multiple: true | ||
|
|
||
| - uses: actions/download-artifact@v4 | ||
| with: | ||
| pattern: sdist* | ||
| path: dist | ||
| merge-multiple: true | ||
|
|
||
| - name: Publish distribution to PyPI | ||
| - name: Publish distribution to TestPyPI | ||
| if: (github.event_name == 'schedule') && (github.repository_owner == 'onnx') | ||
| uses: pypa/gh-action-pypi-publish@release/v1 | ||
| with: | ||
| with: | ||
| repository-url: https://test.pypi.org/legacy/ | ||
| verbose: true | ||
| print-hash: true | ||
| print-hash: true | ||
|
|
||
| prepare-release: | ||
| name: Release-Prep (p.ex. sigstore, pypi) | ||
| runs-on: ubuntu-latest | ||
| needs: [call-workflow-mac, call-workflow-ubuntu_x86, call-workflow-ubuntu_aarch64, call-workflow-win] | ||
| if: (needs.call-workflow-mac.result == 'success') && (needs.call-workflow-ubuntu_x86.result == 'success') && (needs.call-workflow-ubuntu_aarch64.result == 'success') && (needs.call-workflow-win.result == 'success') | ||
| name: Release-Prep (p.ex. sigstore, pypi) | ||
| runs-on: ubuntu-latest | ||
| needs: [call-workflow-mac, call-workflow-ubuntu_x86, call-workflow-ubuntu_aarch64, call-workflow-win] | ||
| if: (needs.call-workflow-mac.result == 'success') && (needs.call-workflow-ubuntu_x86.result == 'success') && (needs.call-workflow-ubuntu_aarch64.result == 'success') && (needs.call-workflow-win.result == 'success') && (needs.call-workflow-sourcedist.result == 'success') | ||
|
|
||
| permissions: | ||
| contents: write # IMPORTANT: mandatory for making GitHub Releases | ||
| id-token: write # IMPORTANT: mandatory for sigstore | ||
| permissions: | ||
| contents: write # IMPORTANT: mandatory for making GitHub Releases | ||
| id-token: write # IMPORTANT: mandatory for sigstore | ||
|
|
||
| steps: | ||
|
|
||
| - uses: actions/download-artifact@v4 | ||
| with: | ||
| pattern: wheels* # TODO change back to python-wheels? | ||
| path: dist | ||
| merge-multiple: true | ||
|
|
||
| - name: Sign the dists with Sigstore #/home/runner/work/onnx/onnx/dist/*.tar.gz | ||
| # Signing should only be done for the final release and maybe not for release candidates... probably this prep release steps has to be splitted or renamend to prepare signatures | ||
| if: github.event_name != 'pull_request' || startsWith( github.base_ref, 'rel-') | ||
| uses: sigstore/[email protected] | ||
| with: | ||
| inputs: >- | ||
| /home/runner/work/onnx/onnx/dist/*.whl | ||
| steps: | ||
|
|
||
| - uses: actions/download-artifact@v4 | ||
| with: | ||
| pattern: wheels* # TODO change back to python-wheels? | ||
| path: dist | ||
| merge-multiple: true | ||
|
|
||
| - name: Sign the dists with Sigstore #/home/runner/work/onnx/onnx/dist/*.tar.gz | ||
| # Signing should only be done for the final release and maybe not for release candidates... probably this prep release steps has to be splitted or renamend to prepare signatures | ||
| if: github.event_name != 'pull_request' || startsWith( github.base_ref, 'rel-') | ||
| uses: sigstore/[email protected] | ||
| with: | ||
| inputs: >- | ||
| /home/runner/work/onnx/onnx/dist/*.whl | ||
| - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b | ||
| if: github.event_name != 'pull_request' || startsWith( github.base_ref, 'rel-') | ||
| with: | ||
| name: sigstore-files | ||
| path: | | ||
| /home/runner/work/onnx/onnx/dist/*.sigstore.json | ||
|
|
||
| - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b | ||
| if: github.event_name != 'pull_request' || startsWith( github.base_ref, 'rel-') | ||
| with: | ||
| name: sigstore-files | ||
| path: | | ||
| /home/runner/work/onnx/onnx/dist/*.sigstore.json | ||
| # TODO | ||
| # at this point, we have the wheels and could check if they are usable by offline testing...continue-on-error: | ||
| # For more information about environments and required approvals, see "Using environments for deployment." F | ||
| # We can use a separate requirement for deploy | ||
| # TODO | ||
| # at this point, we have the wheels and could check if they are usable by offline testing...continue-on-error: | ||
| # For more information about environments and required approvals, see "Using environments for deployment." F | ||
| # We can use a separate requirement for deploy | ||
|
|
||
| release: | ||
| # TODO Add a deployment step for reviewing https://docs.github.com/en/actions/managing-workflow-runs/reviewing-deployments | ||
|
|
@@ -147,37 +144,28 @@ jobs: | |
| name: releasepypi | ||
| url: https://pypi.org/p/onnx | ||
|
|
||
| #steps: | ||
|
|
||
| # publish_to_pypi: | ||
| # # TODO Add a deployment step for reviewing https://docs.github.com/en/actions/managing-workflow-runs/reviewing-deployments | ||
| # name: Release (Publish to testpypi, onnxweekly) | ||
| # runs-on: ubuntu-latest | ||
| # needs: [call-workflow-ubuntu_x86, call-workflow-ubuntu_aarch64, call-workflow-mac, call-workflow-win] | ||
| # if: (github.ref == 'refs/head/main') && (github.event_name != 'pull_request') && ((needs.call-workflow-mac.result == 'success') || (needs.call-workflow-ubuntu_x86.result == 'success') || (needs.call-workflow-ubuntu_aarch64.result == 'success') || (needs.call-workflow-win.result == 'success')) | ||
|
|
||
| # environment: | ||
| # name: testpypi | ||
| # url: https://test.pypi.org/p/onnx | ||
|
|
||
| # permissions: | ||
| # contents: write # IMPORTANT: mandatory for making GitHub Releases | ||
| # id-token: write # IMPORTANT: mandatory for sigstore | ||
|
|
||
| # steps: | ||
|
|
||
| # - uses: actions/download-artifact@v4 | ||
| # with: | ||
| # pattern: wheels* # TODO change back to python-wheels? | ||
| # path: dist | ||
| # merge-multiple: true | ||
|
|
||
| # - name: Publish distribution to TestPyPI | ||
| # if: (github.event_name == 'schedule') && (github.repository_owner == 'onnx') | ||
| # uses: pypa/gh-action-pypi-publish@release/v1 | ||
| # with: | ||
| # repository-url: https://test.pypi.org/legacy/ | ||
| # verbose: true | ||
| # print-hash: true | ||
| steps: | ||
|
|
||
| - uses: actions/download-artifact@v4 | ||
| with: | ||
| pattern: sigstore-files* # TODO change back to python-wheels? | ||
| path: dist | ||
| merge-multiple: true | ||
|
|
||
| - name: Publish distribution to PyPI | ||
| uses: pypa/gh-action-pypi-publish@release/v1 | ||
| with: | ||
| repository-url: https://pypi.org/legacy/ | ||
|
|
||
|
|
||
| # The Release is created by the Github GUI, we only add the files here | ||
| - name: Upload artifact signatures to GitHub Release | ||
| if: startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes # TODO check exact variants | ||
| env: | ||
| GITHUB_TOKEN: ${{ github.token }} | ||
| # Upload to GitHub Release using the `gh` CLI. | ||
| # `dist/` contains the built packages, and the | ||
| # sigstore-produced signatures and certificates. | ||
| run: >- | ||
| gh release upload | ||
| '${{ github.ref_name }}' /home/runner | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters