Publish to PyPI using Trusted Publishers #94
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Mariatta
reviewed
Oct 12, 2023
.github/workflows/deploy.yml
Outdated
|
|
||
| # Upload to real PyPI on GitHub Releases. | ||
| release-pypi: | ||
| name: Publish released package to pypi.org |
There was a problem hiding this comment.
Be consistent with the previous job name.
Since we used Test PyPI before, we can use PyPI here instead of pypi.org
Mariatta
reviewed
Oct 12, 2023
Mariatta
reviewed
Oct 12, 2023
Mariatta
reviewed
Oct 12, 2023
Mariatta
reviewed
Oct 12, 2023
Mariatta
reviewed
Oct 12, 2023
Mariatta
reviewed
Oct 12, 2023
hugovk
commented
Oct 12, 2023
Co-authored-by: Mariatta <[email protected]>
Mariatta
approved these changes
Oct 12, 2023
This was referenced Oct 12, 2023
Merged
This was referenced Nov 12, 2023
7 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Switch to PyPI's Trusted Publishers for more secure upload.
First, format
pyproject.tomlfor easy comparison with other projects.Switch backend to hatch with the hatch_vcs plugin to enable publishing to Test PyPI.
Add new deploy workflow using https://github.com/hynek/build-and-inspect-python-package to confirm we can build packages and inspect as desired. Done for all runs, but not uploaded yet.
Upload to Test PyPI on every commit on main.
Upload to real PyPI on GitHub Releases.
Remove old release job.
TODO:
PYPI_TOKENfrom this repo secrets, it's no longer needed.