Modernize Python repo: pyproject.toml + uv + semantic-release

.github/workflows/python-tests.yml

@@ -1,11 +1,11 @@
 name: Python Tests
 
 on:
-  push:
-    branches: [main]
   pull_request:
     branches:
       - "**"
+  # Called from release.yml before publishing on push to main.
+  workflow_call:
 
 jobs:
   python-tests:
@@ -26,13 +26,16 @@ jobs:
         with:
           python-version: ${{ matrix.python-version }}
 
-      - name: Install dependencies
-        run: pip install -r requirements/pip-tools.txt tox
+      - name: Install uv
+        uses: astral-sh/setup-uv@v6
+
+      - name: Install CI dependencies
+        run: uv sync --group ci
 
       - name: Run tests with Tox (${{ matrix.toxenv }})
         env:
           TOXENV: ${{ matrix.toxenv }}
-        run: tox
+        run: uv run tox
 
       - name: Upload coverage to Codecov
         if: matrix.python-version == '3.12' && matrix.toxenv == 'django42'

.github/workflows/release.yml

@@ -0,0 +1,99 @@
+name: Release
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  run_tests:
+    uses: ./.github/workflows/python-tests.yml
+
+  release:
+    needs: run_tests
+    runs-on: ubuntu-latest
+    if: github.ref_name == 'main'
+    concurrency:
+      group: ${{ github.workflow }}-release-${{ github.ref_name }}
+      cancel-in-progress: false
+
+    permissions:
+      contents: write
+
+    steps:
+      # Checkout at the branch that triggered the workflow, then force-reset to
+      # the exact sha so we don't accidentally release commits that arrived
+      # while this workflow was running.
+      - name: Setup | Checkout Repository on Release Branch
+        uses: actions/checkout@v6
+        with:
+          ref: ${{ github.ref_name }}
+
+      - name: Setup | Force release branch to workflow sha
+        run: git reset --hard ${{ github.sha }}
+
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: "3.12"
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v6
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: 24
+
+      - name: Install npm dependencies and build
+        run: |
+          npm ci
+          npm run build
+
+      - name: Action | Semantic Version Release
+        id: release
+        uses: python-semantic-release/python-semantic-release@v10.5.3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          git_committer_name: "github-actions"
+          git_committer_email: "actions@users.noreply.github.com"
+          changelog: "false"
+
+      - name: Publish | Upload to GitHub Release Assets
+        uses: python-semantic-release/publish-action@v10.5.3
+        if: steps.release.outputs.released == 'true'
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          tag: ${{ steps.release.outputs.tag }}
+
+      - name: Upload | Distribution Artifacts
+        uses: actions/upload-artifact@v4
+        if: steps.release.outputs.released == 'true'
+        with:
+          name: distribution-artifacts
+          path: dist/
+          if-no-files-found: error
+
+    outputs:
+      released: ${{ steps.release.outputs.released || 'false' }}
+      version: ${{ steps.release.outputs.version }}
+
+  publish_to_pypi:
+    # Separate from the release job for least privilege and retry-ability:
+    # publishing can fail independently and shouldn't require reversing the release.
+    runs-on: ubuntu-latest
+    needs: release
+    if: github.ref_name == 'main' && needs.release.outputs.released == 'true'
+
+    permissions:
+      contents: read
+      id-token: write   # for PyPI OIDC trusted publisher
+
+    steps:
+      - name: Download Distribution Artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: distribution-artifacts
+          path: dist/
+
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1

MANIFEST.in

@@ -1,7 +1,5 @@
 # --- ROOT FILES ---
 include CHANGELOG.rst LICENSE.txt README.rst
-include requirements/base.in
-include requirements/constraints.txt
 
 # --- PACKAGE DATA ---
 recursive-include xblocks_contrib *.html *.js *.css *.jar *.png *.gif *.jpg *.jpeg *.svg *.yaml *.underscore

Makefile

@@ -13,29 +13,12 @@ JS_TARGET := $(PACKAGE_NAME)/public/js/translations
 help:
 	@perl -nle'print $& if m{^[\.a-zA-Z_-]+:.*?## .*$$}' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m  %-25s\033[0m %s\n", $$1, $$2}'
 
-# Define PIP_COMPILE_OPTS=-v to get more information during make upgrade.
-PIP_COMPILE = pip-compile --upgrade $(PIP_COMPILE_OPTS)
-
-upgrade: export CUSTOM_COMPILE_COMMAND=make upgrade
-upgrade: ## update the requirements/*.txt files with the latest packages satisfying requirements/*.in
-	pip install -qr requirements/pip-tools.txt
-	# Make sure to compile files after any other files they include!
-	$(PIP_COMPILE) --allow-unsafe -o requirements/pip-tools.txt requirements/pip-tools.in
-	pip install -qr requirements/pip-tools.txt
-	$(PIP_COMPILE) -o requirements/base.txt requirements/base.in
-	$(PIP_COMPILE) -o requirements/test.txt requirements/test.in
-	$(PIP_COMPILE) -o requirements/doc.txt requirements/doc.in
-	$(PIP_COMPILE) -o requirements/quality.txt requirements/quality.in
-	$(PIP_COMPILE) -o requirements/dev.txt requirements/dev.in
-	# Let tox control the Django version for tests
-	sed '/^[dD]jango==/d' requirements/test.txt > requirements/test.tmp
-	mv requirements/test.tmp requirements/test.txt
-
-piptools: ## install pinned version of pip-compile and pip-sync
-	pip install -r requirements/pip-tools.txt
-
-requirements: piptools ## install development environment requirements
-	pip-sync -q requirements/dev.txt requirements/private.*
+upgrade: ## update uv.lock and regenerate uv constraints from edx-lint
+	uv run --with edx-lint edx_lint write_uv_constraints pyproject.toml
+	uv lock --upgrade
+
+requirements: ## install development environment requirements using uv
+	uv sync --group dev
 
 # XBlock directories
 XBLOCKS=$(shell find $(shell pwd)/$(PACKAGE_NAME) -mindepth 2 -maxdepth 2 -type d -name 'conf' -exec dirname {} \;)

README.rst

@@ -31,7 +31,7 @@ The possible XBlock statuses are:
 
 * In Development: We're building and testing this block.
 * Ready to Use: You can try this on your site using the Waffle flag.
-* Done: The built-in block has been removed. The setup.py entrypoint has been removed from edx-platform and added to xblock-contrib.
+* Done: The built-in block has been removed. The ``pyproject.toml`` entry-point has been removed from edx-platform and added to xblock-contrib.
 
 
 Additional XBlocks that belong here
@@ -51,6 +51,29 @@ Over time, more XBlocks may be moved here. An XBlock belongs here if and only if
 Installation and Development Guide
 **********************************
 
+Python Setup
+------------
+
+This project uses `uv <https://docs.astral.sh/uv/>`_ for dependency management.
+
+1. `Install uv <https://docs.astral.sh/uv/getting-started/installation/>`_.
+2. Install all development dependencies::
+
+    $ make requirements
+
+   This runs ``uv sync --group dev`` and installs the package in editable mode.
+
+3. Run the test suite::
+
+    $ uv run tox
+
+4. To upgrade all dependencies::
+
+    $ make upgrade
+
+Frontend Setup
+--------------
+
 Study scripts in the ``package.json`` file to understand the available commands.
 
 1. Install this repository into your runtime (for example ``openedx-platform``) as an editable dependency. For Tutor, you can mount this repository for local development.