Updated the GitHub workflows

Author: coordt

.github/actions/package-and-upload-artifacts/action.yaml

@@ -0,0 +1,49 @@
+name: Package and upload artifacts
+description: Package a Python project and upload the artifacts and release notes
+inputs:
+  tag-name:
+    description: 'The name of the tag for the GitHub release'
+    required: true
+runs:
+  using: 'composite'
+  steps:
+    - name: Parse changelog for release notes
+      shell: bash
+      run: |
+        function extract_version_content() {
+          changelog=$1
+          target_version=$2
+
+          awk -v target="$target_version" '
+            /^## / {
+              if (found) exit;
+              version=$2;
+              if (version == target) found=1;
+              next;
+            }
+            found { print; }
+          ' <<< "$changelog"
+        }
+
+        changelog=$(cat "CHANGELOG.md")
+        target_version=${{ inputs.tag-name }}
+        echo "TAG_NAME=$target_version" >> $GITHUB_ENV
+        content=$(extract_version_content "$changelog" "$target_version")
+
+        if [ -n "$content" ]; then
+          echo "::notice::Found release notes for ${target_version}"
+          echo "$content" >> release-notes.md
+        else
+          echo "::warning::Did not find release notes for ${target_version}"
+          touch release-notes.md
+        fi
+
+    - name: Upload release notes
+      uses: actions/upload-artifact@v4
+      with:
+        name: release-notes
+        path: release-notes.md
+
+    - name: Package and upload artifacts
+      if: ${{ env.PACKAGE == 'true' }}
+      uses: hynek/build-and-inspect-python-package@v2

.github/actions/release/action.yaml

@@ -0,0 +1,39 @@
+name: Release
+description: Create a GitHub release and upload the package to PyPI
+inputs:
+  pypi-api-token:
+    description: 'PyPI API token'
+    required: true
+  tag-name:
+    description: 'The name of the tag for the GitHub release'
+    required: true
+  github-token:
+    description: 'GitHub token'
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Download packages built by build-and-inspect-python-package
+      uses: actions/download-artifact@v4
+      with:
+        name: Packages
+        path: dist
+
+    - name: Download release notes
+      uses: actions/download-artifact@v4
+      with:
+        name: release-notes
+
+    - name: Create a GitHub release
+      uses: softprops/action-gh-release@v1
+      with:
+        files: dist/*
+        tag_name: "${{ inputs.tag-name }}"
+        body_path: release-notes.md
+        token: ${{ inputs.github-token }}
+
+    - name: Upload package to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
+      with:
+        password: ${{ inputs.pypi-api-token }}

.github/actions/setup-python-and-git/action.yaml

@@ -0,0 +1,23 @@
+name: checkout-and-setup-python
+description: 'Checkout the repository and setup Python'
+inputs:
+  python-version:
+    description: 'Python version to use'
+    required: false
+    default: '3.11'
+runs:
+  using: 'composite'
+  steps:
+    - uses: actions/setup-python@v4
+      name: Setup Python
+      with:
+        python-version: ${{ inputs.python-version }}
+        cache: 'pip' # caching pip dependencies
+
+    - name: Git check
+      run: |
+        git config --global user.email "[email protected]"
+        git config --global user.name "Testing Git"
+        git --version
+        git config --list
+      shell: bash

.github/dependabot.yml

@@ -0,0 +1,13 @@
+# Keep GitHub Actions up to date with GitHub's Dependabot...
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    groups:
+      github-actions:
+        patterns:
+          - "*"  # Group all Actions updates into a single larger pull request
+    schedule:
+      interval: weekly

.github/workflows/bumpversion.yaml

@@ -0,0 +1,31 @@
+name: Deploy final documentation
+
+on:
+  push:
+    branches: [ "master" ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          token: ${{ secrets.PAT }}
+
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
+
+      - name: Install dependencies
+        run: |
+          git pull --all
+          python -m pip install ".[docs]"
+
+      - name: Build and deploy documentation
+        run: |
+          mkdocs gh-deploy --strict -v

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,38 @@
+name: Deploy PR previews
+
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - closed
+
+concurrency: preview-${{ github.ref }}
+
+jobs:
+  deploy-preview:
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
+
+      - name: Install dependencies
+        run: |
+          python -m pip install ".[docs]"
+
+      - name: Build documentation
+        run: |
+          mkdocs build --strict -v
+
+      - name: Deploy preview
+        uses: rossjrw/pr-preview-action@v1
+        with:
+          source-dir: ./site/