name: Build and Publish ray-serve-apps on: push: branches: - main paths: - 'ray-serve/**' - '.gitea/workflows/publish-ray-serve.yaml' pull_request: branches: - main paths: - 'ray-serve/**' workflow_dispatch: env: NTFY_URL: http://ntfy.observability.svc.cluster.local:80 jobs: lint: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.11' - name: Install ruff run: pip install ruff - name: Lint with ruff run: | cd ray-serve ruff check . ruff format --check . publish: needs: lint runs-on: ubuntu-latest if: github.event_name == 'push' && github.ref == 'refs/heads/main' steps: - name: Checkout uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.11' - name: Install build tools run: pip install build twine - name: Build package run: | cd ray-serve python -m build - name: Publish to Gitea PyPI env: TWINE_USERNAME: ${{ secrets.REGISTRY_USER }} TWINE_PASSWORD: ${{ secrets.REGISTRY_TOKEN }} TWINE_REPOSITORY_URL: http://gitea-http.gitea.svc.cluster.local:3000/api/packages/daviestechlabs/pypi run: | cd ray-serve # Debug: check if secrets are set (don't print the token!) echo "Username set: ${TWINE_USERNAME:+yes}" echo "Password set: ${TWINE_PASSWORD:+yes}" if [ -z "$TWINE_USERNAME" ] || [ -z "$TWINE_PASSWORD" ]; then echo "ERROR: REGISTRY_USER or REGISTRY_TOKEN secrets not set" exit 1 fi # Use twine for proper PyPI upload protocol python -m twine upload --verbose dist/* - name: Notify on success if: success() run: | curl -s -X POST "${{ env.NTFY_URL }}/gitea-ci" \ -H "Title: ray-serve-apps published" \ -H "Priority: default" \ -H "Tags: package,white_check_mark" \ -d "Published ray-serve-apps to Gitea PyPI" - name: Notify on failure if: failure() run: | curl -s -X POST "${{ env.NTFY_URL }}/gitea-ci" \ -H "Title: ray-serve-apps publish failed" \ -H "Priority: high" \ -H "Tags: package,x" \ -d "Failed to publish ray-serve-apps to Gitea PyPI"