ci: add release workflow without pypa action

.github/workflows/release.yml

@@ -0,0 +1,36 @@
+# Always build and verify our release process, but then also conditionally
+# upload to PyPI if a git tag triggered the workflow.
+#
+name: Release
+
+on:
+ push:
+ pull_request:
+ workflow_dispatch:
+
+jobs:
+ build-verify-upload-release:
+ runs-on: ubuntu-20.04
+ steps:
+ - uses: actions/checkout@v2
+ - uses: actions/setup-python@v2
+ with:
+ python-version: 3.8
+
+ - name: install dependencies
+ run: |
+ pip install --upgrade pip
+ pip install build twine
+ pip freeze
+
+ - name: build release
+ run: |
+ python -m build --sdist --wheel .
+ ls -l dist
+
+ - name: verify release metadata
+ run: python -m twine check dist/*
+
+ - name: upload release to pypi
+ if: startsWith(github.ref, 'refs/tags/')
+ run: twine upload --username __token__ --password ${{ secrets.pypi_password }} dist/*