mirror of
https://github.com/pypa/gh-action-pypi-publish.git
synced 2024-11-22 00:21:08 -05:00
Merge commit 'pull/origin/7'
This commit is contained in:
commit
21ffeac7ef
5 changed files with 76 additions and 29 deletions
2
.yamllint
Normal file
2
.yamllint
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
indentation:
|
||||||
|
indent-sequences: false
|
15
Dockerfile
15
Dockerfile
|
@ -4,17 +4,14 @@ LABEL "maintainer"="Sviatoslav Sydorenko <wk+re-actors@sydorenko.org.ua>"
|
||||||
LABEL "repository"="https://github.com/re-actors/gh-action-pypi-publish"
|
LABEL "repository"="https://github.com/re-actors/gh-action-pypi-publish"
|
||||||
LABEL "homepage"="https://github.com/re-actors/gh-action-pypi-publish"
|
LABEL "homepage"="https://github.com/re-actors/gh-action-pypi-publish"
|
||||||
|
|
||||||
LABEL "com.github.actions.name"="pypi-publish"
|
|
||||||
LABEL "com.github.actions.description"="Upload Python distribution packages to PyPI"
|
|
||||||
LABEL "com.github.actions.icon"="upload-cloud"
|
|
||||||
LABEL "com.github.actions.color"="yellow"
|
|
||||||
|
|
||||||
ENV PYTHONDONTWRITEBYTECODE 1
|
ENV PYTHONDONTWRITEBYTECODE 1
|
||||||
ENV PYTHONUNBUFFERED 1
|
ENV PYTHONUNBUFFERED 1
|
||||||
|
|
||||||
ADD LICENSE.md /LICENSE.md
|
|
||||||
|
|
||||||
RUN pip install --upgrade --no-cache-dir twine
|
RUN pip install --upgrade --no-cache-dir twine
|
||||||
|
|
||||||
ENTRYPOINT ["twine"]
|
WORKDIR /app
|
||||||
CMD ["upload", "dist/*"]
|
COPY LICENSE.md .
|
||||||
|
COPY twine-upload.sh .
|
||||||
|
|
||||||
|
RUN chmod +x twine-upload.sh
|
||||||
|
ENTRYPOINT ["/app/twine-upload.sh"]
|
||||||
|
|
57
README.md
57
README.md
|
@ -5,33 +5,50 @@ PyPI.
|
||||||
|
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
To use the action simply add the following lines in the end of your
|
|
||||||
`.github/main.workflow`.
|
|
||||||
|
|
||||||
```hcl
|
To use the action add the following step to your workflow file (e.g.:
|
||||||
action "Upload Python dist to PyPI" {
|
`.github/workflows/main.yml`)
|
||||||
uses = "re-actors/pypi-action@master"
|
|
||||||
env = {
|
|
||||||
TWINE_USERNAME = "f'{your_project}-bot'"
|
```yml
|
||||||
}
|
- name: Publish a Python distribution to PyPI
|
||||||
secrets = ["TWINE_PASSWORD"]
|
uses: pypa/gh-action-pypi-publish@master
|
||||||
}
|
with:
|
||||||
|
user: __token__
|
||||||
|
password: ${{ secrets.pypi_password }}
|
||||||
```
|
```
|
||||||
|
|
||||||
N.B. Use a valid tag, or branch, or commit SHA instead
|
A common use case is to upload packages only on a tagged commit, to do so add a
|
||||||
of `master` to pin the action to use a specific version of it.
|
filter to the step:
|
||||||
|
|
||||||
|
|
||||||
### Environment Variables and Secrets
|
```yml
|
||||||
- **`TWINE_USERNAME`**: set this one to the username used to authenticate
|
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
|
||||||
against PyPI. _It is recommended to have a separate user account like
|
```
|
||||||
`f'{your_project}-bot'` having the lowest privileges possible on your
|
|
||||||
target dist page._
|
So the full step would look like:
|
||||||
- **`TWINE_PASSWORD`**: it's a password for the account used in
|
|
||||||
`TWINE_USERNAME` env var. **ATTENTION! WARNING! When adding this value
|
|
||||||
to the Action node in your workflow, use SECRETS, not normal env vars.**
|
```yml
|
||||||
|
- name: Publish package
|
||||||
|
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
|
||||||
|
uses: pypa/gh-action-pypi-publish@master
|
||||||
|
with:
|
||||||
|
user: __token__
|
||||||
|
password: ${{ secrets.pypi_password }}
|
||||||
|
```
|
||||||
|
|
||||||
|
The example above uses the new [API token](https://pypi.org/help/#apitoken)
|
||||||
|
feature of PyPI, which is recommended to restrict the access the action has.
|
||||||
|
|
||||||
|
The secret used in `${{ secrets.pypi_password }}` needs to be created on the settings
|
||||||
|
page of your project on GitHub. See [Creating & using secrets].
|
||||||
|
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
The Dockerfile and associated scripts and documentation in this project
|
The Dockerfile and associated scripts and documentation in this project
|
||||||
are released under the [BSD 3-clause license](LICENSE.md).
|
are released under the [BSD 3-clause license](LICENSE.md).
|
||||||
|
|
||||||
|
|
||||||
|
[Creating & using secrets]: https://help.github.com/en/articles/virtual-environments-for-github-actions#creating-and-using-secrets-encrypted-variables
|
||||||
|
|
24
action.yml
Normal file
24
action.yml
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
---
|
||||||
|
name: pypi-publish
|
||||||
|
description: Upload Python distribution packages to PyPI
|
||||||
|
inputs:
|
||||||
|
user:
|
||||||
|
description: PyPI user
|
||||||
|
required: false
|
||||||
|
default: __token__
|
||||||
|
password:
|
||||||
|
description: Password for your PyPI user or an access token
|
||||||
|
required: true
|
||||||
|
repository_url:
|
||||||
|
description: The repository URL to use
|
||||||
|
required: false
|
||||||
|
branding:
|
||||||
|
color: yellow
|
||||||
|
icon: upload-cloud
|
||||||
|
runs:
|
||||||
|
using: docker
|
||||||
|
image: Dockerfile
|
||||||
|
args:
|
||||||
|
- ${{ inputs.user }}
|
||||||
|
- ${{ inputs.password }}
|
||||||
|
- ${{ inputs.repository_url }}
|
7
twine-upload.sh
Executable file
7
twine-upload.sh
Executable file
|
@ -0,0 +1,7 @@
|
||||||
|
#! /usr/bin/env bash
|
||||||
|
set -Eeuo pipefail
|
||||||
|
|
||||||
|
TWINE_USERNAME="$INPUT_USER" \
|
||||||
|
TWINE_PASSWORD="$INPUT_PASSWORD" \
|
||||||
|
TWINE_REPOSITORY_URL="$INPUT_REPOSITORY_URL" \
|
||||||
|
exec twine upload dist/*
|
Loading…
Reference in a new issue