
setuptools-github helps set up a simple project life cycle whose goal is delivering packages to PyPI from a project hosted on GitHub.
The idea is rather simple (and detailed in here):
- commits on the master branch run the checks (static and dynamic tests)
- a beta/N.M.O branch will do all the previous checks + publish a beta package N.M.ObXXX (XXX is an increasing number) on PyPI
- a release/N.M.O tag (created from the beta/N.M.O branch) will publish the official package N.M.O on PyPI
See here for what the life cycle implementation looks like.
The project should conform to this layout style:
```text
project-name/
├── setup.py
├── pyproject.toml
├── .github
│   └── workflows            <- workflow files for
│       ├── beta.yml         * beta/N.M.O branches
│       ├── master.yml       * master branch
│       └── tags.yml         * release/N.M.O tags
├── src
│   └── project_name         <- project name
│       └── __init__.py      <- version_file
└── tests                    <- tests (pytest)
    ├── conftest.py
    └── requirements.txt     <- requirement file for tests
```
NOTE: for a pyproject.toml / hatch-enabled version of this, please use the hatch-ci plugin.
```bash
pip install setuptools-github
```
or
```bash
conda install -c conda-forge setuptools-github
```
Create a new version_file src/project_name/__init__.py to store the package information:
```python
__version__ = "N.M.O"  # replace N, M and O with numerical values (eg. 0.0.0)
__hash__ = ""  # leave this empty
```
Include in the setup.py file:
```python
import os
from setuptools import setup
from setuptools_github import tools

# path to the version_file created above
version_file = "src/project_name/__init__.py"

setup(
    name="project-name",
    # GITHUB_DUMP is read from the environment; it is unset in a local checkout
    version=tools.process(version_file, os.getenv("GITHUB_DUMP"))["version"],
    # ... remaining setup() arguments
)
```
NOTE: there's an annotated tools.process example in setup.py with support for keyword substitution on text files.
These are the steps to automate the build process on GitHub.
Add these workflow files to your project:
These will trigger a build on:
NOTE: most likely you will need to change:
- the tests/requirements.txt file
- the env variables at the beginning of master.yml and beta.yml
In order to publish the coverage info to codecov and the wheels to PyPI, you need to set the GitHub secrets under:
https://github.com/username/project-name/settings/secrets/actions
These are the needed secrets for the PyPI index and codecov services:
Every time there's a commit on the master branch, this will trigger the workflow under .github/workflows/master.yml:
On completion, both static and dynamic tests are run.
In order to prepare for a release, a new beta/N.M.O branch should be created:
```bash
python -m setuptools_github.script make-beta src/project_name/__init__.py
```
or
```bash
setuptools-github make-beta src/project_name/__init__.py
```
Every commit on the beta/N.M.O branch, if the secrets have been set properly:
NOTE: the name project-N.M.O.bX contains the X: this is an incrementing counter set during the build. Under PEP 440 a pre-release sorts before its final release, so project-N.M.O.bX < project-N.M.O, which gives the correct package ordering.
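The following is an added, illustrative re-implementation of the version derivation described above (the version_file, the tools.process call in setup.py, and the beta counter); it is not setuptools-github's own code. It assumes GITHUB_DUMP is a JSON dump of the GitHub Actions `github` context carrying `ref`, `sha` and `run_number`, and that the build commit's sha is what ends up in `__hash__`. It adds the check a practitioner wants here: the beta branch or release tag name must agree with the version in the version_file, so a stale branch cannot publish a mislabelled package.

```python
"""Illustrative version derivation for the master / beta/N.M.O / release/N.M.O
life cycle. Not setuptools-github's implementation; GITHUB_DUMP layout and the
use of the commit sha for __hash__ are assumptions."""
import json
import re
from typing import Optional

VERSION_RE = re.compile(r'^__version__\s*=\s*"(\d+)\.(\d+)\.(\d+)"', re.M)
PEP440_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:b(\d+))?$")

# constructed sample inputs (not taken from a real project)
VERSION_FILE = '__version__ = "0.1.0"\n__hash__ = ""\n'
BETA_CTX = json.dumps({"ref": "refs/heads/beta/0.1.0", "sha": "0123abcd", "run_number": 7})
RELEASE_CTX = json.dumps({"ref": "refs/tags/release/0.1.0", "sha": "89abcdef", "run_number": 9})
MISMATCH_CTX = json.dumps({"ref": "refs/heads/beta/0.2.0", "sha": "deadbeef", "run_number": 3})


def read_version(text: str) -> str:
    """Extract N.M.O from the version_file text; refuse anything else."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError('version_file has no __version__ = "N.M.O" line')
    return ".".join(m.groups())


def classify_ref(ref: str):
    """Map a git ref to (kind, version) using the page's naming scheme."""
    for kind, prefix in (("beta", "refs/heads/beta/"), ("release", "refs/tags/release/")):
        if ref.startswith(prefix):
            return kind, ref[len(prefix):]
    return "other", None


def compute_version(version_text: str, github_dump: Optional[str]) -> dict:
    """Return {"version": ..., "hash": ...} in the shape setup.py indexes.

    Without GITHUB_DUMP (local checkout) the plain N.M.O is used. On a
    beta/N.M.O branch the run number becomes the PEP 440 suffix bX; on a
    release/N.M.O tag the plain version is used. In both CI cases the ref
    name must agree with the version_file, otherwise the build is refused.
    """
    version = read_version(version_text)
    if not github_dump:
        return {"version": version, "hash": ""}
    ctx = json.loads(github_dump)
    kind, ref_version = classify_ref(ctx.get("ref", ""))
    if kind != "other" and ref_version != version:
        raise ValueError(f"{kind} ref {ref_version} does not match version_file {version}")
    if kind == "beta":
        version = f"{version}b{int(ctx['run_number'])}"
    return {"version": version, "hash": ctx.get("sha", "")}


def publishable_version(version_text: str, github_dump: Optional[str]) -> Optional[str]:
    """Version string to publish, or None when the consistency check fails."""
    try:
        return compute_version(version_text, github_dump)["version"]
    except ValueError:
        return None


def sort_key(version: str) -> tuple:
    """PEP 440-style ordering key for the N.M.O / N.M.ObX subset: a beta
    (pre-release) of N.M.O sorts before the final N.M.O."""
    m = PEP440_RE.match(version)
    if not m:
        raise ValueError(f"unsupported version {version!r}")
    n, mi, o, b = m.groups()
    return (int(n), int(mi), int(o), 0 if b is not None else 1, int(b or 0))


if __name__ == "__main__":
    print(compute_version(VERSION_FILE, None))
    print(compute_version(VERSION_FILE, BETA_CTX))
    print(compute_version(VERSION_FILE, RELEASE_CTX))
    print("mismatched branch ->", publishable_version(VERSION_FILE, MISMATCH_CTX))
    print(sort_key("0.1.0b7") < sort_key("0.1.0"))
```

The mismatch check is the part worth keeping even if you never use the rest: a beta/0.2.0 branch whose version_file still says 0.1.0 would otherwise publish 0.1.0bX on top of whatever the real 0.1.0 betas are, and the uploaded artifacts would no longer map back to the branch they came from.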
To release an official package for project-N.M.O from the beta/N.M.O branch:
```bash
python -m setuptools_github.script micro src/project_name/__init__.py
```
or
```bash
setuptools-github micro src/project_name/__init__.py
```
This will tag the HEAD of the beta/N.M.O branch with the release/N.M.O tag and bump the version_file to the next version N.M.O+1 (using micro).
Once done, you'll need to push the tag:
```bash
git push origin release/N.M.O
```
This will: