Package pushed on JFrog #68

Workflow file for this run

	name: Build, test and deploy LedgerWallet

	on:
	workflow_dispatch:
	push:
	tags:
	- '*'
	branches:
	- master
	pull_request:
	branches:
	- master
	- develop

	permissions:
	id-token: write
	attestations: write

	jobs:
	build_install:
	name: Build and install the Ledgerblue Python package
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	python_version: ['3.8', '3.9', '3.10', '3.11', '3.12', '3.13']
	steps:
	- name: Clone
	uses: actions/checkout@v4

	- name: Setup Python version
	uses: actions/setup-python@v5
	with:
	python-version: ${{ matrix.python_version }}

	- name: Build & install
	run: \|
	pip install -U pip
	pip install -U .

	package-deploy:
	name: Build the Python package, and deploy if needed
	runs-on: public-ledgerhq-shared-small
	needs: build_install
	steps:
	- name: Clone
	uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Install dependencies
	run: \|
	# Needed to workaround this bug https://github.com/pypa/setuptools/issues/4759
	# To be removed when it's fixed
	pip install -U packaging

	python -m pip install pip --upgrade
	pip install build twine

	- name: Build the Python package
	run: \|
	python -m build
	twine check dist/*
	echo "TAG_VERSION=$(python -c 'from ledgerblue import __version__; print(__version__)')" >> "$GITHUB_ENV"

	- name: Display current status
	run: \|
	echo "Current status is:"
	if [[ ${{ github.ref }} == "refs/tags/"* ]];
	then
	echo "- Triggered from tag, will be deployed on pypi.org";
	else
	echo "- Not triggered from tag, will be deployed on test.pypi.org";
	fi
	echo "- Tag version: ${{ env.TAG_VERSION }}";

	- name: Publish Python package on pypi.org
	if: success() && github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
	run: python -m twine upload dist/*
	env:
	TWINE_USERNAME: __token__
	TWINE_PASSWORD: ${{ secrets.PYPI_PUBLIC_API_TOKEN }}
	TWINE_NON_INTERACTIVE: 1

	- name: Login to Ledger Artifactory
	if: success() && github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
	timeout-minutes: 10
	id: jfrog-login
	uses: LedgerHQ/actions-security/actions/jfrog-login@actions/jfrog-login-1

	- name: Publish Python package on Ledger Artifactory
	if: success() && github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
	run: python -m twine upload dist/*
	env:
	TWINE_REPOSITORY_URL: https://jfrog.ledgerlabs.net/artifactory/api/pypi/embedded-apps-pypi-prod-green
	TWINE_USERNAME: ${{ steps.jfrog-login.outputs.oidc-user }}
	TWINE_PASSWORD: ${{ steps.jfrog-login.outputs.oidc-token }}
	TWINE_NON_INTERACTIVE: 1

	- name: Generate library build attestations
	if: success() && github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
	timeout-minutes: 10
	uses: LedgerHQ/actions-security/actions/attest@actions/attest-1
	with:
	subject-path: dist/*

	- name: Sign library artifacts
	if: success() && github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
	timeout-minutes: 10
	uses: LedgerHQ/actions-security/actions/sign-blob@actions/sign-blob-1
	with:
	path: dist

	- name: Publish a release on the repo
	if: \|
	success() &&
	github.event_name == 'push' &&
	startsWith(github.ref, 'refs/tags/')
	uses: "marvinpinto/action-automatic-releases@latest"
	with:
	automatic_release_tag: "v${{ env.TAG_VERSION }}"
	repo_token: "${{ secrets.GITHUB_TOKEN }}"
	prerelease: false
	files: \|
	LICENSE
	dist/

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Package pushed on JFrog #68

Workflow file

Package pushed on JFrog #68

Jobs

Run details

Workflow file for this run