1+ name : Labelbox Python SDK Publish
2+
3+ on :
4+ workflow_dispatch :
5+ inputs :
6+ tag :
7+ description : ' Release Tag'
8+ required : true
9+ skip-tests :
10+ description : ' Skip PROD Test (Do not do this unless there is an emergency)'
11+ default : ' false'
12+ required : true
13+ type : choice
14+ options :
15+ - false
16+ - true
17+
18+
19+ concurrency :
20+ group : ${{ github.workflow }}
21+ cancel-in-progress : false
22+
23+ # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
24+ permissions :
25+ contents : read
26+ pages : write
27+ id-token : write
28+
29+ jobs :
30+ build :
31+ runs-on : ubuntu-latest
32+ steps :
33+ - uses : actions/checkout@v4
34+ with :
35+ token : ${{ secrets.ACTIONS_ACCESS_TOKEN }}
36+ ref : ${{ inputs.tag }}
37+ - name : Install the latest version of rye
38+ uses : eifinger/setup-rye@v2
39+ with :
40+ version : ${{ vars.RYE_VERSION }}
41+ enable-cache : true
42+ - name : Rye Setup
43+ run : |
44+ rye config --set-bool behavior.use-uv=true
45+ name : Create build
46+ working-directory : libs/labelbox
47+ run : |
48+ rye sync
49+ rye build
50+ uses : actions/upload-artifact@v4
51+ with :
52+ name : build
53+ path : ./dist
54+ test-build :
55+ if : ${{ inputs.skip-tests }} != "true"
56+ needs : ['build']
57+ runs-on : ubuntu-latest
58+ strategy :
59+ fail-fast : false
60+ matrix :
61+ include :
62+ - python-version : 3.8
63+ prod-key : PROD_LABELBOX_API_KEY_2
64+ da-test-key : DA_GCP_LABELBOX_API_KEY
65+ - python-version : 3.9
66+ prod-key : PROD_LABELBOX_API_KEY_3
67+ da-test-key : DA_GCP_LABELBOX_API_KEY
68+ - python-version : " 3.10"
69+ prod-key : PROD_LABELBOX_API_KEY_4
70+ da-test-key : DA_GCP_LABELBOX_API_KEY
71+ - python-version : 3.11
72+ prod-key : LABELBOX_API_KEY
73+ da-test-key : DA_GCP_LABELBOX_API_KEY
74+ - python-version : 3.12
75+ prod-key : PROD_LABELBOX_API_KEY_5
76+ da-test-key : DA_GCP_LABELBOX_API_KEY
77+ steps :
78+ - uses : actions/checkout@v4
79+ with :
80+ token : ${{ secrets.ACTIONS_ACCESS_TOKEN }}
81+ ref : ${{ inputs.tag }}
82+ - name : Install the latest version of rye
83+ uses : eifinger/setup-rye@v2
84+ with :
85+ version : ${{ vars.RYE_VERSION }}
86+ enable-cache : true
87+ - name : Rye Setup
88+ run : |
89+ rye config --set-bool behavior.use-uv=true
90+ name : Python setup
91+ run : rye pin ${{ matrix.python-version }}
92+ - uses : actions/download-artifact@v4
93+ with :
94+ name : build
95+ path : ./dist
96+ - name : Prepare package and environment
97+ run : |
98+ rye sync
99+ rye run toml unset --toml-path pyproject.toml tool.rye.workspace
100+ rye sync -f --update-all
101+ name : Integration Testing
102+ env :
103+ PYTEST_XDIST_AUTO_NUM_WORKERS : 32
104+ LABELBOX_TEST_API_KEY : ${{ secrets[matrix.prod-key] }}
105+ DA_GCP_LABELBOX_API_KEY : ${{ secrets[matrix.da-test-key] }}
106+ LABELBOX_TEST_ENVIRON : prod
107+ run : |
108+ rye add labelbox --path ./$(find ./dist/ -name *.tar.gz) --sync
109+ cd libs/labelbox
110+ rm pyproject.toml
111+ rye run pytest tests/integration
112+ name : Data Testing
113+ env :
114+ PYTEST_XDIST_AUTO_NUM_WORKERS : 32
115+ LABELBOX_TEST_API_KEY : ${{ secrets[matrix.prod-key] }}
116+ DA_GCP_LABELBOX_API_KEY : ${{ secrets[matrix.da-test-key] }}
117+ LABELBOX_TEST_ENVIRON : prod
118+ run : |
119+ rye add labelbox --path ./$(find ./dist/ -name *.tar.gz) --sync --features data
120+ cd libs/labelbox
121+ rye run pytest tests/data
122+ pypi-publish :
123+ runs-on : ubuntu-latest
124+ needs : ['test-build']
125+ environment :
126+ name : publish
127+ url : ' https://pypi.org/project/labelbox/'
128+ permissions :
129+ # IMPORTANT: this permission is mandatory for trusted publishing
130+ id-token : write
131+ steps :
132+ - uses : actions/download-artifact@v4
133+ with :
134+ name : build
135+ - name : Publish package distributions to PyPI
136+ uses : pypa/gh-action-pypi-publish@release/v1
137+ with :
138+ packages-dir : artifact/
139+ container-publish :
140+ runs-on : ubuntu-latest
141+ needs : ['test-build']
142+ env :
143+ CONTAINER_IMAGE : " ghcr.io/${{ github.repository }}"
144+ steps :
145+ - name : downcase CONTAINER_IMAGE
146+ run : |
147+ echo "CONTAINER_IMAGE=${CONTAINER_IMAGE,,}" >> ${GITHUB_ENV}
148+
149+ - name : Set up Docker Buildx
150+ uses : docker/setup-buildx-action@v3
151+
152+ - name : Log in to the Container registry
153+ uses : docker/login-action@v3
154+ with :
155+ registry : ghcr.io
156+ username : ${{ github.actor }}
157+ password : ${{ secrets.GITHUB_TOKEN }}
158+
159+ - name : Build and push
160+ uses : docker/build-push-action@v5
161+ with :
162+ github-token : ${{ secrets.GITHUB_TOKEN }}
163+ push : true
164+
165+ platforms : |
166+ linux/amd64
167+ linux/arm64
168+
169+ tags : |
170+ ${{ env.CONTAINER_IMAGE }}:latest
171+ ${{ env.CONTAINER_IMAGE }}:${{ inputs.tag }}
172+
173+ # Note that the build and pypi-publish jobs are split so that the additional permissions are only granted to the pypi-publish job.
0 commit comments