From ce58c0406a99cf7259cb0b19741c40ac309a237e Mon Sep 17 00:00:00 2001 From: Spencer Murray Date: Wed, 30 Jul 2025 13:07:41 -0400 Subject: [PATCH 1/3] Test --- .github/workflows/release-codecov-cli.yml | 48 +++++++++++------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/release-codecov-cli.yml b/.github/workflows/release-codecov-cli.yml index a2b2e274..62952b7c 100644 --- a/.github/workflows/release-codecov-cli.yml +++ b/.github/workflows/release-codecov-cli.yml @@ -3,38 +3,38 @@ name: Build and publish codecov-cli on: - release: - types: [published] + push + # release: + # types: [published] permissions: contents: read jobs: - test: + publish_to_pypi: + permissions: + id-token: write # This is required for OIDC runs-on: ubuntu-latest + environment: + name: pypi + url: https://pypi.org/p/codecov-cli steps: - - run: echo "hi from build and publish codecov-cli" + - name: Download pypi release assets + uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12 + with: + # tag: ${{ github.ref_name }} + tag: "v11.0.6" + fileName: codecov_cli-* + out-file-path: codecov-cli/dist - # publish_to_pypi: - # permissions: - # id-token: write # This is required for OIDC - # runs-on: ubuntu-latest - # environment: - # name: pypi - # url: https://pypi.org/p/codecov-cli - # steps: - # - name: Download build artifacts - # uses: dawidd6/action-download-artifact@ac66b43f0e6a346234dd65d4d0c8fbb31cb316e5 # v11 - # with: - # branch: release/${{ github.ref }} - # name: codecov-cli_wheel - # path: codecov-cli/dist - # - # - name: Publish package to PyPi - # uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 - # with: - # verbose: true - # packages-dir: codecov-cli/dist + - name: test + run: ls -R codecov-cli/dist + + # - name: Publish package to PyPi + # uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 + # with: + # verbose: true + # packages-dir: codecov-cli/dist # publish_release: # name: Publish release From 07e977f3a4c3af6e9d0fa7ef5ba33de6247b1fc9 Mon Sep 17 00:00:00 2001 From: Spencer Murray Date: Wed, 30 Jul 2025 13:19:44 -0400 Subject: [PATCH 2/3] Re-enable real codecov-cli release --- .github/workflows/release-codecov-cli.yml | 64 ++++++++++------------- 1 file changed, 28 insertions(+), 36 deletions(-) diff --git a/.github/workflows/release-codecov-cli.yml b/.github/workflows/release-codecov-cli.yml index 62952b7c..a234b507 100644 --- a/.github/workflows/release-codecov-cli.yml +++ b/.github/workflows/release-codecov-cli.yml @@ -3,9 +3,8 @@ name: Build and publish codecov-cli on: - push - # release: - # types: [published] + release: + types: [published] permissions: contents: read @@ -15,45 +14,38 @@ jobs: permissions: id-token: write # This is required for OIDC runs-on: ubuntu-latest - environment: - name: pypi - url: https://pypi.org/p/codecov-cli steps: - name: Download pypi release assets uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12 with: - # tag: ${{ github.ref_name }} - tag: "v11.0.6" + tag: ${{ github.ref_name }} fileName: codecov_cli-* out-file-path: codecov-cli/dist - - name: test - run: ls -R codecov-cli/dist + - name: Publish package to PyPi + uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 + with: + verbose: true + packages-dir: codecov-cli/dist - # - name: Publish package to PyPi - # uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 - # with: - # verbose: true - # packages-dir: codecov-cli/dist + publish_release: + name: Publish release + runs-on: ubuntu-latest + permissions: + contents: "read" + id-token: "write" + steps: + - id: "auth" + name: "Authenticate to Google Cloud" + uses: "google-github-actions/auth@v1.0.0" + with: + create_credentials_file: "true" + workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} + service_account: ${{ secrets.CODECOV_GCP_WIDSA }} - # publish_release: - # name: Publish release - # runs-on: ubuntu-latest - # permissions: - # contents: "read" - # id-token: "write" - # steps: - # - id: "auth" - # name: "Authenticate to Google Cloud" - # uses: "google-github-actions/auth@v1.0.0" - # with: - # create_credentials_file: "true" - # workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} - # service_account: ${{ secrets.CODECOV_GCP_WIDSA }} - # - # # Publish the release tag to a Pub/Sub topic - # - name: Publish a message to a Pub/Sub topic - # env: - # CLOUDSDK_CORE_PROJECT: ${{ secrets.GCLOUD_UPLOADER_PROJECT_ID }} - # run: | - # gcloud pubsub topics publish ${{ secrets.GCLOUD_UPLOADER_PUBSUB_TOPIC }} --message '{"release":"'"${{ github.ref_name }}"'", "latest":true}' + # Publish the release tag to a Pub/Sub topic + - name: Publish a message to a Pub/Sub topic + env: + CLOUDSDK_CORE_PROJECT: ${{ secrets.GCLOUD_UPLOADER_PROJECT_ID }} + run: | + gcloud pubsub topics publish ${{ secrets.GCLOUD_UPLOADER_PUBSUB_TOPIC }} --message '{"release":"'"${{ github.ref_name }}"'", "latest":true}' From 001cff5e2f7b68ec1966533c7176af76248eb2ad Mon Sep 17 00:00:00 2001 From: Spencer Murray Date: Wed, 30 Jul 2025 13:24:34 -0400 Subject: [PATCH 3/3] Enable pypi target for prevent-cli in craft config --- .craft.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.craft.yml b/.craft.yml index 49c1d33d..d7a4b107 100644 --- a/.craft.yml +++ b/.craft.yml @@ -12,4 +12,5 @@ targets: - algorithm: sha256 includeNames: /^(sentry-prevent-|sentry_prevent_|codecov|codecov_)cli.*/i - # - name: pypi + - name: pypi + includeNames: /sentry_prevent_cli-*/i