make build and deploy to PyPI Github Action use PyPI's new trusted publishers authentication #2269
Codecov Report
All modified and coverable lines are covered by tests ✅
Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2269   +/-   ##
=======================================
  Coverage   93.48%   93.48%
=======================================
  Files         238      238
  Lines       12948    12948
=======================================
  Hits        12105    12105
  Misses        843      843
Looks good to me @valeriupredoi! To test that everything works as expected, could you do an upload to test pypi?
cheers @bouweandela! Yis, I'll do us one tomorrow 👍
snap! Test (and subsequent actual) PyPI complains about our development version:
@bouweandela do you know of a workaround without an actual release that'd have the version set correctly? Only thing I can think of is to plop a hardcoded version in setup.py
OK a frozen version in |
Thanks!
yay! Cheers, buds! Let me enable the script on PyPI main, then I'll merge, you and @zklaus will have a great time seeing how it uploads to PyPI when releasing next week, like a good movie 😁
Done!
…blishers authentication (#2269)
Description
This is us going forward and keeping up with the newest trends, and a big thank you to @bouweandela for suggesting this to me for a different package. This is a simple, token-free, password-free secure method to upload the Python package to PyPI; it's described in https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/ and setup explained in https://docs.pypi.org/trusted-publishers/adding-a-publisher/ - but, in a nutshell, it goes like this:
This is the changed GA workflow at our end, for this to be enabled (note that the Python setup action has been upgraded to v4, the latest); I've not yet enabled Trusted Publishers at our PyPI project end, will do that only if this PR gets merged.
TODO
Checklist
It is the responsibility of the author to make sure the pull request is ready to review. The icons indicate whether the item will be subject to the 🛠 Technical or 🧪 Scientific review.
To help with the number of pull requests:
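
Added example, not part of the pull request and not the project's own workflow file: a GitHub Actions workflow that publishes through PyPI Trusted Publishers, with the token-based step it replaces shown commented out. The workflow name, trigger, Python version, environment name `pypi`, artifact name and secret name `PYPI_API_TOKEN` are assumptions; build and upload are split into two jobs so that only the upload job can request an OIDC token.

```yaml
# Hypothetical example workflow; names and trigger are assumptions.
name: PyPI build and deploy (example)

on:
  release:
    types: [published]

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read            # the build job gets no OIDC token
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v4
        with:
          python-version: "3.11"
      - run: python -m pip install build
      - run: python -m build --sdist --wheel --outdir dist/
      - uses: actions/upload-artifact@v4
        with:
          name: dist
          path: dist/

  publish:
    needs: build
    runs-on: ubuntu-latest
    # Assumed environment name. If the publisher registered on PyPI names
    # an environment, it has to match this value.
    environment: pypi
    permissions:
      id-token: write           # required so the job can mint the OIDC token PyPI verifies
    steps:
      - uses: actions/download-artifact@v4
        with:
          name: dist
          path: dist/
      # Before (long-lived API token stored as a repository secret):
      # - uses: pypa/gh-action-pypi-publish@release/v1
      #   with:
      #     password: ${{ secrets.PYPI_API_TOKEN }}
      # After (trusted publishing: no user or password inputs at all):
      - uses: pypa/gh-action-pypi-publish@release/v1
```

PyPI accepts the upload only when the repository, workflow file name and (if set) environment in the OIDC token match the publisher configured on the PyPI project, so renaming the workflow file requires updating that publisher entry.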