shipcli 0.0.1__py3-none-any.whl

shipcli/publisher.py

@@ -0,0 +1,432 @@
+"""shipcli publish 发布能力。"""
+
+from __future__ import annotations
+
+import hashlib
+import importlib.util
+import json
+import mimetypes
+import os
+import subprocess
+import sys
+import urllib.error
+import urllib.parse
+import urllib.request
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Any
+
+from shipcli.config import load_config
+
+@dataclass(frozen=True)
+class LocalReleaseProduct:
+    """描述本地已构建好的 release 分发产物。"""
+
+    app_name: str
+    version: str
+    version_dir: Path
+    dist_dir: Path
+
+
+@dataclass(frozen=True)
+class GitHubPublishResult:
+    """描述 GitHub Release 发布结果。"""
+
+    version: str
+    release_url: str
+    asset_paths: tuple[Path, ...]
+
+
+@dataclass(frozen=True)
+class PyPIPublishResult:
+    """描述 PyPI 发布结果。"""
+
+    version: str
+    distribution_paths: tuple[Path, ...]
+
+
+def is_git_repo(project_root: Path) -> bool:
+    """判断项目根目录是否为 git 仓库。"""
+    return (project_root / ".git").is_dir()
+
+
+def git_working_tree_clean(project_root: Path) -> bool:
+    """判断 git 工作区是否干净（无未提交改动，含未跟踪文件）。"""
+    result = subprocess.run(
+        ["git", "status", "--porcelain"],
+        cwd=project_root,
+        capture_output=True,
+        text=True,
+        check=False,
+    )
+    if result.returncode != 0:
+        return False
+    return result.stdout.strip() == ""
+
+
+def git_commit_all(project_root: Path, message: str) -> bool:
+    """提交工作区全部改动；无改动时返回 False。"""
+    if git_working_tree_clean(project_root):
+        return False
+    subprocess.run(
+        ["git", "add", "-A"],
+        cwd=project_root,
+        check=True,
+        capture_output=True,
+        text=True,
+    )
+    subprocess.run(
+        ["git", "commit", "-m", message],
+        cwd=project_root,
+        check=True,
+        capture_output=True,
+        text=True,
+    )
+    return True
+
+
+def git_tag_exists(project_root: Path, tag: str) -> bool:
+    """判断本地或远程是否已存在指定 git tag。"""
+    result = subprocess.run(
+        ["git", "tag", "-l", tag],
+        cwd=project_root,
+        capture_output=True,
+        text=True,
+        check=False,
+    )
+    if result.returncode != 0:
+        return False
+    return tag in result.stdout.split()
+
+
+def create_git_tag(project_root: Path, tag: str, push: bool = True) -> bool:
+    """为当前 HEAD 创建 git tag，已存在则跳过；返回是否实际新建。"""
+    if git_tag_exists(project_root, tag):
+        return False
+    subprocess.run(
+        ["git", "tag", tag],
+        cwd=project_root,
+        check=True,
+        capture_output=True,
+        text=True,
+    )
+    if push:
+        subprocess.run(
+            ["git", "push", "origin", tag],
+            cwd=project_root,
+            check=True,
+            capture_output=True,
+            text=True,
+        )
+    return True
+
+
+def resolve_release_version(project_root: Path, version: str | None = None) -> str:
+    """解析要发布的 release 版本，并阻止误发 dev 版本。"""
+    config = load_config(project_root)
+    resolved = version or config["version"]
+    if ".dev" in resolved or "-dev" in resolved:
+        raise ValueError("publish 命令只支持发布 release 版本，不能使用 dev 版本")
+    return resolved
+
+
+def find_local_release_product(project_root: Path, version: str) -> LocalReleaseProduct:
+    """定位 build 命令已生成的 release 分发产物。"""
+    config = load_config(project_root)
+    version_dir = project_root / config["build_root"] / "dist" / version
+    dist_dir = version_dir / "dist"
+    if not dist_dir.is_dir() or not any(dist_dir.glob("*.whl")):
+        raise FileNotFoundError(
+            f"未找到 release 分发文件：{dist_dir}，请先执行 `shipcli build --release`"
+        )
+    return LocalReleaseProduct(
+        app_name=config["app_name"],
+        version=version,
+        version_dir=version_dir,
+        dist_dir=dist_dir,
+    )
+
+
+def prepare_github_assets(project_root: Path, version: str) -> tuple[Path, ...]:
+    """准备 GitHub Release 需要上传的资产与校验文件（wheel/sdist + sha256）。"""
+    product = find_local_release_product(project_root, version)
+    assets: list[Path] = []
+    for pattern in ("*.whl", "*.tar.gz"):
+        for path in sorted(product.dist_dir.glob(pattern)):
+            assets.append(path)
+            assets.append(write_sha256_file(path))
+    if not assets:
+        raise FileNotFoundError(
+            f"未找到可上传的分发文件：{product.dist_dir}，请先执行 `shipcli build --release`"
+        )
+    return tuple(assets)
+
+
+def write_sha256_file(asset_path: Path) -> Path:
+    """为发布资产生成 SHA256 校验文件。"""
+    digest = hashlib.sha256(asset_path.read_bytes()).hexdigest()
+    checksum_path = asset_path.with_name(asset_path.name + ".sha256")
+    checksum_path.write_text(f"{digest}  {asset_path.name}\n", encoding="utf-8")
+    return checksum_path
+
+
+def collect_pypi_distributions(
+    project_root: Path,
+    version: str,
+    dist_dir: Path | None = None,
+) -> tuple[Path, ...]:
+    """收集与目标版本匹配的 Python 分发文件。"""
+    if dist_dir is not None:
+        resolved_dist_dir = dist_dir.resolve()
+    else:
+        # 默认从构建产出的版本目录取，对齐 `shipcli build`。
+        config = load_config(project_root)
+        resolved_dist_dir = (project_root / config["build_root"] / "dist" / version / "dist").resolve()
+    if not resolved_dist_dir.is_dir():
+        raise FileNotFoundError(
+            f"未找到分发目录：{resolved_dist_dir}，请先执行 `shipcli build --release`"
+        )
+
+    candidates = sorted(
+        [
+            *resolved_dist_dir.glob("*.whl"),
+            *resolved_dist_dir.glob("*.tar.gz"),
+        ]
+    )
+    matched = tuple(path for path in candidates if version in path.name)
+    if not matched:
+        raise FileNotFoundError(
+            f"未找到版本 {version} 的分发文件：{resolved_dist_dir}"
+        )
+    return matched
+
+
+def publish_to_pypi(
+    project_root: Path,
+    version: str,
+    repository_url: str | None = None,
+    dist_dir: Path | None = None,
+    skip_existing: bool = False,
+) -> PyPIPublishResult:
+    """把已存在的 Python 分发文件上传到 PyPI 仓库。"""
+    distributions = collect_pypi_distributions(project_root, version, dist_dir=dist_dir)
+    if importlib.util.find_spec("twine") is None:
+        raise RuntimeError("未安装 twine，请先执行 `python3 -m pip install twine`")
+
+    env = os.environ.copy()
+    token = env.get("SHIPCLI_PYPI_TOKEN")
+    if token:
+        env["TWINE_USERNAME"] = "__token__"
+        env["TWINE_PASSWORD"] = token
+    elif not env.get("TWINE_PASSWORD"):
+        raise RuntimeError("发布到 PyPI 需要设置 `SHIPCLI_PYPI_TOKEN` 或 `TWINE_PASSWORD`")
+
+    command = [sys.executable, "-m", "twine", "upload", "--non-interactive"]
+    if repository_url:
+        command.extend(["--repository-url", repository_url])
+    if skip_existing:
+        command.append("--skip-existing")
+    command.extend(str(path) for path in distributions)
+    subprocess.run(command, check=True, cwd=project_root, env=env)
+    return PyPIPublishResult(version=version, distribution_paths=distributions)
+
+
+def publish_to_github_release(
+    project_root: Path,
+    version: str,
+    repo: str | None = None,
+    tag: str | None = None,
+    title: str | None = None,
+    notes: str | None = None,
+    draft: bool = False,
+    prerelease: bool = False,
+) -> GitHubPublishResult:
+    """把已构建好的 release 产物发布到 GitHub Release。"""
+    product = find_local_release_product(project_root, version)
+    token = os.environ.get("SHIPCLI_GITHUB_TOKEN") or os.environ.get("GITHUB_TOKEN")
+    if not token:
+        raise RuntimeError("发布到 GitHub 需要设置 `SHIPCLI_GITHUB_TOKEN` 或 `GITHUB_TOKEN`")
+
+    resolved_repo = repo or os.environ.get("SHIPCLI_GITHUB_REPO") or os.environ.get("GITHUB_REPOSITORY")
+    if not resolved_repo:
+        raise RuntimeError(
+            "发布到 GitHub 需要提供 `--github-repo`，或设置 `SHIPCLI_GITHUB_REPO`/`GITHUB_REPOSITORY`"
+        )
+
+    resolved_tag = tag or f"v{version}"
+    resolved_title = title or f"{product.app_name} {version}"
+    release = get_or_create_github_release(
+        repo=resolved_repo,
+        token=token,
+        tag=resolved_tag,
+        title=resolved_title,
+        notes=notes or "",
+        draft=draft,
+        prerelease=prerelease,
+    )
+    upload_url = str(release["upload_url"]).split("{", 1)[0]
+    existing_assets = {
+        str(asset["name"]): int(asset["id"])
+        for asset in release.get("assets", [])
+        if "name" in asset and "id" in asset
+    }
+
+    asset_paths = prepare_github_assets(project_root, version)
+    for asset_path in asset_paths:
+        existing_id = existing_assets.get(asset_path.name)
+        if existing_id is not None:
+            delete_github_asset(resolved_repo, token, existing_id)
+        upload_github_asset(upload_url, token, asset_path)
+
+    return GitHubPublishResult(
+        version=version,
+        release_url=str(release["html_url"]),
+        asset_paths=asset_paths,
+    )
+
+
+def get_or_create_github_release(
+    repo: str,
+    token: str,
+    tag: str,
+    title: str,
+    notes: str,
+    draft: bool,
+    prerelease: bool,
+) -> dict[str, Any]:
+    """读取指定 tag 的 Release，不存在时自动创建。"""
+    api_base = f"https://api.github.com/repos/{repo}"
+    existing = find_github_release_by_tag(repo, token, tag)
+    if existing is not None:
+        return existing
+
+    payload = {
+        "tag_name": tag,
+        "name": title,
+        "body": notes,
+        "draft": draft,
+        "prerelease": prerelease,
+        "generate_release_notes": False,
+    }
+    return github_json_request(
+        f"{api_base}/releases",
+        token,
+        method="POST",
+        payload=payload,
+        expected_statuses=(201,),
+    )
+
+
+def find_github_release_by_tag(repo: str, token: str, tag: str) -> dict[str, Any] | None:
+    """按 tag 查找 GitHub Release，不存在时返回 `None`。"""
+    url = f"https://api.github.com/repos/{repo}/releases/tags/{urllib.parse.quote(tag, safe='')}"
+    headers = {
+        "Accept": "application/vnd.github+json",
+        "Authorization": f"Bearer {token}",
+        "X-GitHub-Api-Version": "2022-11-28",
+    }
+    request = urllib.request.Request(url, headers=headers, method="GET")
+    try:
+        with urllib.request.urlopen(request) as response:
+            raw = response.read()
+    except urllib.error.HTTPError as exc:
+        if exc.code == 404:
+            return None
+        message = _read_github_error(exc)
+        raise RuntimeError(message) from exc
+
+    if not raw:
+        return {}
+    return json.loads(raw.decode("utf-8"))
+
+
+def delete_github_asset(repo: str, token: str, asset_id: int) -> None:
+    """删除 GitHub Release 中同名的旧资产。"""
+    github_json_request(
+        f"https://api.github.com/repos/{repo}/releases/assets/{asset_id}",
+        token,
+        method="DELETE",
+        expected_statuses=(204,),
+    )
+
+
+def upload_github_asset(upload_url: str, token: str, asset_path: Path) -> None:
+    """上传单个资产到 GitHub Release。"""
+    url = f"{upload_url}?{urllib.parse.urlencode({'name': asset_path.name})}"
+    content_type = mimetypes.guess_type(asset_path.name)[0] or "application/octet-stream"
+    github_binary_request(
+        url=url,
+        token=token,
+        data=asset_path.read_bytes(),
+        content_type=content_type,
+        expected_statuses=(201,),
+    )
+
+
+def github_json_request(
+    url: str,
+    token: str,
+    method: str = "GET",
+    payload: dict[str, Any] | None = None,
+    expected_statuses: tuple[int, ...] = (200, 201),
+) -> dict[str, Any]:
+    """向 GitHub API 发送 JSON 请求。"""
+    headers = {
+        "Accept": "application/vnd.github+json",
+        "Authorization": f"Bearer {token}",
+        "X-GitHub-Api-Version": "2022-11-28",
+    }
+    data = None
+    if payload is not None:
+        headers["Content-Type"] = "application/json"
+        data = json.dumps(payload).encode("utf-8")
+    request = urllib.request.Request(url, data=data, headers=headers, method=method)
+    return _open_github_request(request, expected_statuses)
+
+
+def github_binary_request(
+    url: str,
+    token: str,
+    data: bytes,
+    content_type: str,
+    expected_statuses: tuple[int, ...] = (201,),
+) -> dict[str, Any]:
+    """向 GitHub 上传二进制资产。"""
+    headers = {
+        "Accept": "application/vnd.github+json",
+        "Authorization": f"Bearer {token}",
+        "Content-Type": content_type,
+        "X-GitHub-Api-Version": "2022-11-28",
+    }
+    request = urllib.request.Request(url, data=data, headers=headers, method="POST")
+    return _open_github_request(request, expected_statuses)
+
+
+def _open_github_request(
+    request: urllib.request.Request,
+    expected_statuses: tuple[int, ...],
+) -> dict[str, Any]:
+    """统一处理 GitHub API 返回结果与错误信息。"""
+    try:
+        with urllib.request.urlopen(request) as response:
+            if response.status not in expected_statuses:
+                raise RuntimeError(f"GitHub API 返回了未预期状态码：{response.status}")
+            raw = response.read()
+    except urllib.error.HTTPError as exc:
+        message = _read_github_error(exc)
+        raise RuntimeError(message) from exc
+
+    if not raw:
+        return {}
+    return json.loads(raw.decode("utf-8"))
+
+
+def _read_github_error(exc: urllib.error.HTTPError) -> str:
+    """提取 GitHub API 错误消息，避免泄露请求凭证。"""
+    payload = exc.read().decode("utf-8", errors="replace")
+    try:
+        data = json.loads(payload)
+    except json.JSONDecodeError:
+        return f"GitHub API 请求失败：HTTP {exc.code}"
+    message = data.get("message") or f"HTTP {exc.code}"
+    return f"GitHub API 请求失败：{message}"