try to fix test publish

maxscheurer · maxscheurer · commit a9784d6f7454 · 2026-03-16T23:18:51.000+01:00
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -117,16 +117,16 @@ jobs:
           name: cibw-wheels-${{ matrix.os }}-${{ strategy.job-index }}
           path: ./wheelhouse/*.whl
 
-  upload_all:
-    name: Upload distributions
+  upload_testpypi:
+    name: Upload to TestPyPI
     needs:
       - build_wheels
       - build_sdist
     if: >-
       github.event_name == 'workflow_dispatch'
       || (github.event_name == 'push' && github.ref == 'refs/heads/master')
-      || github.event_name == 'release'
-    environment: pypi
+      || (github.event_name == 'release' && github.event.release.prerelease)
+    environment: testpypi
     permissions:
       id-token: write
     runs-on: ubuntu-latest
@@ -155,12 +155,43 @@ jobs:
           PY
 
       - uses: pypa/gh-action-pypi-publish@release/v1
-        if: >-
-          github.event_name == 'workflow_dispatch'
-          || (github.event_name == 'push' && github.ref == 'refs/heads/master')
-          || (github.event_name == 'release' && github.event.release.prerelease)
         with:
           repository-url: https://test.pypi.org/legacy/
+          skip-existing: true
+          verbose: true
+
+  upload_pypi:
+    name: Upload to PyPI
+    needs:
+      - build_wheels
+      - build_sdist
+    if: github.event_name == 'release' && !github.event.release.prerelease
+    environment: pypi
+    permissions:
+      id-token: write
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/download-artifact@v4
+        with:
+          pattern: cibw-*
+          path: dist
+          merge-multiple: true
+
+      - name: Reject local versions in upload artifacts
+        run: |
+          python - <<'PY'
+          from pathlib import Path
+          files = [path.name for path in Path("dist").glob("*") if path.is_file()]
+          bad = [name for name in files if "+" in name]
+          if bad:
+              joined = "\n".join(f" - {name}" for name in bad)
+              raise SystemExit(
+                  "Refusing to upload artifacts with local version identifiers:\n"
+                  f"{joined}\n"
+                  "Configure setuptools_scm local_scheme to drop local version suffixes."
+              )
+          print("Artifact version check passed.")
+          PY
 
       - uses: pypa/gh-action-pypi-publish@release/v1
-        if: github.event_name == 'release' && !github.event.release.prerelease
