mirror of
https://github.com/pypa/gh-action-pypi-publish.git
synced 2024-11-21 16:11:01 -05:00
Merge commit 'pull/origin/7'
This commit is contained in:
commit
21ffeac7ef
5 changed files with 76 additions and 29 deletions
2
.yamllint
Normal file
2
.yamllint
Normal file
|
@ -0,0 +1,2 @@
|
|||
indentation:
|
||||
indent-sequences: false
|
15
Dockerfile
15
Dockerfile
|
@ -4,17 +4,14 @@ LABEL "maintainer"="Sviatoslav Sydorenko <wk+re-actors@sydorenko.org.ua>"
|
|||
LABEL "repository"="https://github.com/re-actors/gh-action-pypi-publish"
|
||||
LABEL "homepage"="https://github.com/re-actors/gh-action-pypi-publish"
|
||||
|
||||
LABEL "com.github.actions.name"="pypi-publish"
|
||||
LABEL "com.github.actions.description"="Upload Python distribution packages to PyPI"
|
||||
LABEL "com.github.actions.icon"="upload-cloud"
|
||||
LABEL "com.github.actions.color"="yellow"
|
||||
|
||||
ENV PYTHONDONTWRITEBYTECODE 1
|
||||
ENV PYTHONUNBUFFERED 1
|
||||
|
||||
ADD LICENSE.md /LICENSE.md
|
||||
|
||||
RUN pip install --upgrade --no-cache-dir twine
|
||||
|
||||
ENTRYPOINT ["twine"]
|
||||
CMD ["upload", "dist/*"]
|
||||
WORKDIR /app
|
||||
COPY LICENSE.md .
|
||||
COPY twine-upload.sh .
|
||||
|
||||
RUN chmod +x twine-upload.sh
|
||||
ENTRYPOINT ["/app/twine-upload.sh"]
|
||||
|
|
57
README.md
57
README.md
|
@ -5,33 +5,50 @@ PyPI.
|
|||
|
||||
|
||||
## Usage
|
||||
To use the action simply add the following lines in the end of your
|
||||
`.github/main.workflow`.
|
||||
|
||||
```hcl
|
||||
action "Upload Python dist to PyPI" {
|
||||
uses = "re-actors/pypi-action@master"
|
||||
env = {
|
||||
TWINE_USERNAME = "f'{your_project}-bot'"
|
||||
}
|
||||
secrets = ["TWINE_PASSWORD"]
|
||||
}
|
||||
To use the action add the following step to your workflow file (e.g.:
|
||||
`.github/workflows/main.yml`)
|
||||
|
||||
|
||||
```yml
|
||||
- name: Publish a Python distribution to PyPI
|
||||
uses: pypa/gh-action-pypi-publish@master
|
||||
with:
|
||||
user: __token__
|
||||
password: ${{ secrets.pypi_password }}
|
||||
```
|
||||
|
||||
N.B. Use a valid tag, or branch, or commit SHA instead
|
||||
of `master` to pin the action to use a specific version of it.
|
||||
A common use case is to upload packages only on a tagged commit, to do so add a
|
||||
filter to the step:
|
||||
|
||||
|
||||
### Environment Variables and Secrets
|
||||
- **`TWINE_USERNAME`**: set this one to the username used to authenticate
|
||||
against PyPI. _It is recommended to have a separate user account like
|
||||
`f'{your_project}-bot'` having the lowest privileges possible on your
|
||||
target dist page._
|
||||
- **`TWINE_PASSWORD`**: it's a password for the account used in
|
||||
`TWINE_USERNAME` env var. **ATTENTION! WARNING! When adding this value
|
||||
to the Action node in your workflow, use SECRETS, not normal env vars.**
|
||||
```yml
|
||||
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
|
||||
```
|
||||
|
||||
So the full step would look like:
|
||||
|
||||
|
||||
```yml
|
||||
- name: Publish package
|
||||
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
|
||||
uses: pypa/gh-action-pypi-publish@master
|
||||
with:
|
||||
user: __token__
|
||||
password: ${{ secrets.pypi_password }}
|
||||
```
|
||||
|
||||
The example above uses the new [API token](https://pypi.org/help/#apitoken)
|
||||
feature of PyPI, which is recommended to restrict the access the action has.
|
||||
|
||||
The secret used in `${{ secrets.pypi_password }}` needs to be created on the settings
|
||||
page of your project on GitHub. See [Creating & using secrets].
|
||||
|
||||
|
||||
## License
|
||||
|
||||
The Dockerfile and associated scripts and documentation in this project
|
||||
are released under the [BSD 3-clause license](LICENSE.md).
|
||||
|
||||
|
||||
[Creating & using secrets]: https://help.github.com/en/articles/virtual-environments-for-github-actions#creating-and-using-secrets-encrypted-variables
|
||||
|
|
24
action.yml
Normal file
24
action.yml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
name: pypi-publish
|
||||
description: Upload Python distribution packages to PyPI
|
||||
inputs:
|
||||
user:
|
||||
description: PyPI user
|
||||
required: false
|
||||
default: __token__
|
||||
password:
|
||||
description: Password for your PyPI user or an access token
|
||||
required: true
|
||||
repository_url:
|
||||
description: The repository URL to use
|
||||
required: false
|
||||
branding:
|
||||
color: yellow
|
||||
icon: upload-cloud
|
||||
runs:
|
||||
using: docker
|
||||
image: Dockerfile
|
||||
args:
|
||||
- ${{ inputs.user }}
|
||||
- ${{ inputs.password }}
|
||||
- ${{ inputs.repository_url }}
|
7
twine-upload.sh
Executable file
7
twine-upload.sh
Executable file
|
@ -0,0 +1,7 @@
|
|||
#! /usr/bin/env bash
|
||||
set -Eeuo pipefail
|
||||
|
||||
TWINE_USERNAME="$INPUT_USER" \
|
||||
TWINE_PASSWORD="$INPUT_PASSWORD" \
|
||||
TWINE_REPOSITORY_URL="$INPUT_REPOSITORY_URL" \
|
||||
exec twine upload dist/*
|
Loading…
Reference in a new issue