Python Starter Kit: Trusted publishing #167

Open
ingyhere opened this issue Aug 22, 2024 · 5 comments
Labels
high complexity: Ticket has multiple difficult sub-tasks
release update: Mid-cycle update to released product to provide further functionality, features or clarification
software lifecycle: Process improvements involving developing, testing, integrating, deploying software



ingyhere commented Aug 22, 2024

Checked for duplicates

Yes - I've already checked

Best Practice Guide Category

Software Lifecycle

Best practice guide URL

Python Starter Kit

Describe the improvement

Python Package Index (PyPI) publishing has transitioned to Trusted Publishing in an implementation step en route to PEP 740 adoption. This ticket is to implement Trusted Publishing (TP).

What does TP provide? It guarantees the provenance of software published from your organization. When that provenance is validated, the details and package origins of your published software are "verified" rather than reported as "unverified" in the package index.

Moreover, the publishing process has changes to isolate the actual delivery to package indices with the option for different signature validation and publishing keys, depending on the target index.

ingyhere self-assigned this Aug 22, 2024
ingyhere added labels Aug 22, 2024: high complexity (Ticket has multiple difficult sub-tasks); software lifecycle (Process improvements involving developing, testing, integrating, deploying software); release update (Mid-cycle update to released product to provide further functionality, features or clarification)

yunks128 commented Oct 1, 2024

@ingyhere This is great! Thanks for your contribution. slim-cli (https://pypi.org/project/slim-cli/) would benefit directly from TP. I'd be happy to be a tester for your documentation.

A few questions:

  • Have you considered integrating TP into your CI/CD pipelines for automated and secure package publishing? That would be great!
  • How do you plan to structure the updated documentation? Will you provide a specific section that explains the changes related to Trusted Publishing, key management, and workflow automation?


jpl-jengelke commented Oct 2, 2024

Excellent. I'm still testing, waiting for a break in my project when we have resources available to troubleshoot if there are any issues. We should have it wrapped up within two weeks.

  • Have you considered integrating TP into your CI/CD pipelines for automated and secure package publishing? That would be great!

Yes, that's the plan. It will be integrated with the Python Starter Kit as soon as it's tested.

  • How do you plan to structure the updated documentation? Will you provide a specific section that explains the changes related to Trusted Publishing, key management, and workflow automation?

I haven't thought much yet about it. I suspect it could be a separate guide. But I plan to modify the Python Starter Kit docs to integrate it.


ingyhere commented Oct 17, 2024

Testing complete. I have created a PR in the slim-starterkit-python project. Please feel free to review.

@ingyhere

A PR in SLIM (here) will also be created shortly to add this to the documentation stack.

jpl-jengelke added a commit to NASA-AMMOS/slim-starterkit-python that referenced this issue Oct 17, 2024
jpl-jengelke added a commit to NASA-AMMOS/slim-starterkit-python that referenced this issue Oct 31, 2024
jpl-jengelke added a commit to NASA-AMMOS/slim-starterkit-python that referenced this issue Oct 31, 2024
ingyhere changed the title from "Python Starter Kit: Trusted publishing and documentation refresh" to "Python Starter Kit: Trusted publishing" Oct 31, 2024
@ingyhere

De-scoped this so documentation updates do not slow down TP implementation.

Projects
Status: 🏗 In Progress
Development

No branches or pull requests

3 participants