diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml index b35104429..b31b1627a 100644 --- a/.github/workflows/pypi.yml +++ b/.github/workflows/pypi.yml @@ -38,7 +38,7 @@ jobs: with: python-version: 3.8 - name: Build package - - run: python setup.py sdist bdist_wheel + run: python setup.py sdist bdist_wheel - name: Publish package uses: pypa/gh-action-pypi-publish@v1.5.0 with: diff --git a/CHANGELOG.md b/CHANGELOG.md index f6c1286d0..52262f9b4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -30,11 +30,11 @@ If you love `detect-secrets`, please star our project on GitHub to show your sup --> ### v1.2.0 -##### TODO DATE +##### February 10th, 2022 #### :mega: Release Highlights - Continous integration github action added ([#506]) -- Release pipeline github action added ([#TODO]) +- Release pipeline github action added ([#513]) #### :tada: New Features @@ -56,6 +56,7 @@ If you love `detect-secrets`, please star our project on GitHub to show your sup - Updated README due hook failing to interpret filenames with spaces ([#470]) - Add CI github action badge to README +- Development dependency bumps ([#519]) [#463]: https://github.com/Yelp/detect-secrets/pull/463 [#465]: https://github.com/Yelp/detect-secrets/pull/465 @@ -68,6 +69,8 @@ If you love `detect-secrets`, please star our project on GitHub to show your sup [#506]: https://github.com/Yelp/detect-secrets/pull/506 [#507]: https://github.com/Yelp/detect-secrets/pull/507 [#509]: https://github.com/Yelp/detect-secrets/pull/509 +[#513]: https://github.com/Yelp/detect-secrets/pull/513 +[#519]: https://github.com/Yelp/detect-secrets/pull/519 ### v1.1.0 ##### April 14th, 2021 diff --git a/docs/upgrades.md b/docs/upgrades.md index bfee89a2b..0a269a3df 100644 --- a/docs/upgrades.md +++ b/docs/upgrades.md @@ -71,10 +71,5 @@ scripts/bump-version ### Pushing to PyPi -```bash -# First, test with test.pypi.com -scripts/upload-to-pypi - -# If all looks good, we can head to prod! -scripts/upload-to-pypi --prod -``` +Once the tag from `scripts/bump-version` has been created and pushed to the repository, the pypi +github action will automatically start and publish the package to pypi. diff --git a/scripts/upload-to-pypi b/scripts/upload-to-pypi deleted file mode 100755 index 2d14e1d10..000000000 --- a/scripts/upload-to-pypi +++ /dev/null @@ -1,144 +0,0 @@ -#!/usr/bin/env python -import argparse -import os -import re -import shutil -import subprocess -import sys -from contextlib import contextmanager -from functools import lru_cache -from typing import Generator -from typing import Tuple -from urllib.parse import urlsplit -from urllib.parse import urlunsplit - -from detect_secrets.__version__ import VERSION - - -PACKAGE_NAME = 'detect-secrets' - - -def main() -> int: - args = parse_args() - set_index_url(args.prod) - - if exists_in_pypi(): - print('error: version already exists in pypi.', file=sys.stderr) - return 1 - - install_dependencies() - with create_distribution_files(): - upload_to_pypi() - - return 0 - - -def parse_args() -> argparse.Namespace: - parser = argparse.ArgumentParser() - parser.add_argument( - '--prod', - action='store_true', - help='Uploads to proper PyPI.', - ) - - return parser.parse_args() - - -def set_index_url(is_prod: bool) -> None: - # Source: https://pip.pypa.io/en/latest/user_guide/#environment-variables - if os.environ.get('PIP_DEFAULT_INDEX_URL'): - # If this is already specified, don't specify the index url through CLI, otherwise - # it will be overwritten. - return - - if is_prod: - # This will default to public pypi. - return - - # Otherwise, we leverage environment variables to inject this to make things simpler. - os.environ['PIP_DEFAULT_INDEX_URL'] = 'https://test.pypi.org/simple/' - - -def install_dependencies() -> None: - pip_install('setuptools', 'wheel', 'twine') - - -@lru_cache(maxsize=1) -def get_pip_version() -> Tuple[int]: - return tuple( - map( - int, - # example output: pip 19.3.1 from ... - ( - subprocess.check_output('pip --version'.split()).decode() - .split()[1] - .split('.') - ), - ), - ) - - -def exists_in_pypi() -> bool: - # Source: https://stackoverflow.com/a/26664162/13340678 - pip_version = get_pip_version() - - command = ['pip', 'install'] - if os.environ.get('PIP_DEFAULT_INDEX_URL'): - command += ['-i', os.environ['PIP_DEFAULT_INDEX_URL']] - if pip_version[0] >= 20 and pip_version[1] >= 3: - command.append('--use-deprecated=legacy-resolver') - - try: - subprocess.check_output( - [ - sys.executable, '-m', - *command, - f'{PACKAGE_NAME}==', - ], - stderr=subprocess.STDOUT, - ) - except subprocess.CalledProcessError as e: - available_versions = re.search(r'from versions: ([^\)]+)\)', e.stdout.decode()).group(1) - return VERSION in available_versions - - -def upload_to_pypi() -> None: - command = ['twine', 'upload'] - if os.environ.get('PIP_DEFAULT_INDEX_URL'): - # NOTE: The upload URL is `/legacy`. - parts = list(urlsplit(os.environ['PIP_DEFAULT_INDEX_URL'])) - parts[2] = '/legacy/' - - command += ['--repository-url', urlunsplit(parts)] - - subprocess.run([*command, 'dist/*']) - - -def pip_install(*packages) -> None: - subprocess.run([ - sys.executable, '-m', - 'pip', 'install', - *packages, - ]) - - -@contextmanager -def create_distribution_files() -> Generator[None, None, None]: - try: - subprocess.run([ - sys.executable, 'setup.py', - # sdist == source files - 'sdist', - - # bdest == binary distributions through wheels (for faster installs) - 'bdist_wheel', - ]) - - yield - finally: - shutil.rmtree('build') - shutil.rmtree('dist') - - -if __name__ == '__main__': - sys.exit(main())