Merge pull request #1679 from ocefpaf/pypi_and_dependabot

update PyPI GHA and add dependabot.yml
python-visualization · Dec 12, 2022 · a457a86 · a457a86
2 parents 2e0b4f6 + 5dbcb6e
commit a457a86
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 3 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+# See https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot
+
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "Bot"
diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml
@@ -1,6 +1,13 @@
 name: Publish to PyPI
 
-on: ["push", "pull_request"]
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+  release:
+    types:
+      - published
 
 defaults:
   run:
@@ -15,7 +22,7 @@ jobs:
     - name: Set up Python
       uses: actions/setup-python@v4
       with:
-        python-version: 3.x
+        python-version: "3.x"
 
     - name: Get tags
       run: git fetch --depth=1 origin +refs/tags/*:refs/tags/*
@@ -38,7 +45,7 @@ jobs:
         python -m twine check *
 
     - name: Publish a Python distribution to PyPI
-      if: ${{ github.event_name == 'release' }}
+      if: success() && github.event_name == 'release'
       uses: pypa/gh-action-pypi-publish@v1.5.1
       with:
         user: __token__