From 2b8a150dd82ff7b04c67cc17ed84bf68fdff7be1 Mon Sep 17 00:00:00 2001 From: javierzazo Date: Fri, 12 Jun 2026 13:24:34 -0700 Subject: [PATCH 1/4] ci: release fix --- .github/workflows/build-docs.yaml | 18 +++++++++++ .github/workflows/main.yaml | 24 +-------------- .github/workflows/release.yaml | 51 +++++++++++++------------------ 3 files changed, 40 insertions(+), 53 deletions(-) diff --git a/.github/workflows/build-docs.yaml b/.github/workflows/build-docs.yaml index 86a42282..ee4e5ed7 100644 --- a/.github/workflows/build-docs.yaml +++ b/.github/workflows/build-docs.yaml @@ -6,6 +6,11 @@ on: description: 'the git sha to checkout' required: true type: string + publish-docs: + description: 'whether to deploy the generated docs to github pages' + required: false + default: false + type: boolean permissions: contents: read jobs: @@ -36,3 +41,16 @@ jobs: uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0 with: path: "rats-devtools/dist/site" + deploy-docs: + name: "deploy-docs" + if: "${{ inputs.publish-docs }}" + needs: generate-docs + runs-on: "ubuntu-latest" + timeout-minutes: 10 + permissions: + pages: write + id-token: write + steps: + - name: "deploy-gh-pages" + id: deployment + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index ac83057e..f7ea8b18 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -2,13 +2,10 @@ name: Main on: push: branches: [ "main" ] - tags: - - "v[0-9]+.[0-9]+.[0-9]+" permissions: - contents: write + contents: read pages: write id-token: write - attestations: write concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -21,31 +18,12 @@ jobs: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: sha: ${{ github.sha }} - build-wheels: - uses: ./.github/workflows/build-wheels.yaml - permissions: - contents: read - id-token: write - attestations: write - with: - sha: ${{ github.sha }} build-docs: uses: ./.github/workflows/build-docs.yaml permissions: contents: read - with: - sha: ${{ github.sha }} - release: - uses: ./.github/workflows/release.yaml - permissions: - contents: write pages: write id-token: write - needs: - - build-docs - - build-wheels - - checks with: sha: ${{ github.sha }} publish-docs: true - publish-wheels: true diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index fb50a4d6..98fe0e6b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,24 +1,28 @@ name: Release on: - workflow_call: - inputs: - sha: - description: 'the git sha to checkout' - required: true - type: string - publish-docs: - description: 'whether to publish docs to the github pages' - required: true - type: boolean - publish-wheels: - description: 'whether to publish wheels to the configured feed' - required: true - type: boolean + push: + branches: [ "main" ] + tags: + - "v[0-9]+.[0-9]+.[0-9]+" +permissions: + contents: read +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true jobs: + build-wheels: + uses: ./.github/workflows/build-wheels.yaml + permissions: + contents: read + id-token: write + attestations: write + with: + sha: ${{ github.sha }} + publish-wheels: - name: "publish-wheels" - runs-on: "ubuntu-latest" - if: "${{ inputs.publish-wheels }}" + name: publish-wheels + runs-on: ubuntu-24.04 + needs: build-wheels strategy: fail-fast: false matrix: @@ -46,16 +50,3 @@ jobs: run: gh release upload "$TAG_NAME" dist/* --clobber - name: publish-wheels uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # release/v1 - - publish-docs: - name: "deploy-docs" - runs-on: "ubuntu-latest" - if: "${{ inputs.publish-docs }}" - timeout-minutes: 10 - permissions: - pages: write - id-token: write - steps: - - name: "deploy-gh-pages" - id: deployment - uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 From 5700e4c2007ad68fdba1262906a2cbc76812d42f Mon Sep 17 00:00:00 2001 From: javierzazo Date: Fri, 12 Jun 2026 13:28:50 -0700 Subject: [PATCH 2/4] ci: fix pr --- .github/workflows/pr.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index bcc943e8..987f4ab1 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -30,5 +30,7 @@ jobs: uses: ./.github/workflows/build-docs.yaml permissions: contents: read + pages: write + id-token: write with: sha: ${{ github.sha }} From 951b6ae6dbb9b4bfb9e3c21a873b94f9f01f8bb8 Mon Sep 17 00:00:00 2001 From: javierzazo Date: Fri, 12 Jun 2026 13:33:31 -0700 Subject: [PATCH 3/4] fix: precommit --- .github/workflows/build-docs.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-docs.yaml b/.github/workflows/build-docs.yaml index 2007b98e..e308bdb1 100644 --- a/.github/workflows/build-docs.yaml +++ b/.github/workflows/build-docs.yaml @@ -53,4 +53,4 @@ jobs: steps: - name: "deploy-gh-pages" id: deployment - uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0 \ No newline at end of file + uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0 From 4e1a94617685c0a3888670832809a2b39fe959c2 Mon Sep 17 00:00:00 2001 From: javierzazo Date: Fri, 12 Jun 2026 13:35:20 -0700 Subject: [PATCH 4/4] dep-bump: update uv build --- rats-apps/pyproject.toml | 2 +- rats-devtools/pyproject.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/rats-apps/pyproject.toml b/rats-apps/pyproject.toml index 3c8ded09..9dbacb16 100644 --- a/rats-apps/pyproject.toml +++ b/rats-apps/pyproject.toml @@ -41,7 +41,7 @@ dev = [ ] [build-system] -requires = ["uv_build>=0.9.2,<0.12.0"] +requires = ["uv_build>=0.11.19,<0.12.0"] build-backend = "uv_build" [tool.uv.build-backend] diff --git a/rats-devtools/pyproject.toml b/rats-devtools/pyproject.toml index 65f2b45f..e8e99b2e 100644 --- a/rats-devtools/pyproject.toml +++ b/rats-devtools/pyproject.toml @@ -45,7 +45,7 @@ dev = [ ] [build-system] -requires = ["uv_build>=0.9.2,<0.12.0"] +requires = ["uv_build>=0.11.19,<0.12.0"] build-backend = "uv_build" [tool.uv.build-backend]