Merge commit 'pull/origin/7'

Sviatoslav Sydorenko 2019-08-23 13:34:06 +02:00
commit 21ffeac7ef
No known key found for this signature in database
GPG key ID: 9345E8FEA89CA455
5 changed files with 76 additions and 29 deletions

2
.yamllint Normal file

@ -0,0 +1,2 @@
indentation:
indent-sequences: false
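Review bot: `indentation:` sits at the top level of `.yamllint`, but yamllint reads rule settings from under a `rules:` key, so `indent-sequences: false` is unlikely to take effect as written. Nest the block under `rules:`, and add `extends: default` if the default rule set is meant to stay enabled alongside this override.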


@ -4,17 +4,14 @@ LABEL "maintainer"="Sviatoslav Sydorenko <wk+re-actors@sydorenko.org.ua>"
LABEL "repository"="https://github.com/re-actors/gh-action-pypi-publish"
LABEL "homepage"="https://github.com/re-actors/gh-action-pypi-publish"
LABEL "com.github.actions.name"="pypi-publish"
LABEL "com.github.actions.description"="Upload Python distribution packages to PyPI"
LABEL "com.github.actions.icon"="upload-cloud"
LABEL "com.github.actions.color"="yellow"
ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1
ADD LICENSE.md /LICENSE.md
RUN pip install --upgrade --no-cache-dir twine
ENTRYPOINT ["twine"]
CMD ["upload", "dist/*"]
WORKDIR /app
COPY LICENSE.md .
COPY twine-upload.sh .
RUN chmod +x twine-upload.sh
ENTRYPOINT ["/app/twine-upload.sh"]
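Review bot: `RUN pip install --upgrade --no-cache-dir twine` installs whatever twine release is current at build time, and this is the image that is handed the PyPI credentials. Pin twine to an exact version (ideally with hashes from a requirements file) so a rebuild cannot silently change the tool that performs the upload. Separately, `RUN chmod +x twine-upload.sh` looks redundant: the script is committed as an executable file and `COPY` keeps the file mode, so the extra layer can be dropped.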


@ -5,33 +5,50 @@ PyPI.
## Usage
To use the action simply add the following lines in the end of your
`.github/main.workflow`.
```hcl
action "Upload Python dist to PyPI" {
uses = "re-actors/pypi-action@master"
env = {
TWINE_USERNAME = "f'{your_project}-bot'"
}
secrets = ["TWINE_PASSWORD"]
}
To use the action add the following step to your workflow file (e.g.:
`.github/workflows/main.yml`)
```yml
- name: Publish a Python distribution to PyPI
uses: pypa/gh-action-pypi-publish@master
with:
user: __token__
password: ${{ secrets.pypi_password }}
```
N.B. Use a valid tag, or branch, or commit SHA instead
of `master` to pin the action to use a specific version of it.
A common use case is to upload packages only on a tagged commit, to do so add a
filter to the step:
### Environment Variables and Secrets
- **`TWINE_USERNAME`**: set this one to the username used to authenticate
against PyPI. _It is recommended to have a separate user account like
`f'{your_project}-bot'` having the lowest privileges possible on your
target dist page._
- **`TWINE_PASSWORD`**: it's a password for the account used in
`TWINE_USERNAME` env var. **ATTENTION! WARNING! When adding this value
to the Action node in your workflow, use SECRETS, not normal env vars.**
```yml
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
```
So the full step would look like:
```yml
- name: Publish package
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
uses: pypa/gh-action-pypi-publish@master
with:
user: __token__
password: ${{ secrets.pypi_password }}
```
The example above uses the new [API token](https://pypi.org/help/#apitoken)
feature of PyPI, which is recommended to restrict the access the action has.
The secret used in `${{ secrets.pypi_password }}` needs to be created on the settings
page of your project on GitHub. See [Creating & using secrets].
## License
The Dockerfile and associated scripts and documentation in this project
are released under the [BSD 3-clause license](LICENSE.md).
[Creating & using secrets]: https://help.github.com/en/articles/virtual-environments-for-github-actions#creating-and-using-secrets-encrypted-variables
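Review bot: both usage examples show `uses: pypa/gh-action-pypi-publish@master`, and the advice to pin is only in the N.B. below the first one. Since this step receives the PyPI password and readers copy the snippet as-is, the examples themselves should use a placeholder for a tag or commit SHA rather than `master`. The `repository_url` input declared in `action.yml` is also not documented anywhere in this README; a short inputs section covering `user`, `password` and `repository_url` would close that gap.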

24
action.yml Normal file

@ -0,0 +1,24 @@
---
name: pypi-publish
description: Upload Python distribution packages to PyPI
inputs:
user:
description: PyPI user
required: false
default: __token__
password:
description: Password for your PyPI user or an access token
required: true
repository_url:
description: The repository URL to use
required: false
branding:
color: yellow
icon: upload-cloud
runs:
using: docker
image: Dockerfile
args:
- ${{ inputs.user }}
- ${{ inputs.password }}
- ${{ inputs.repository_url }}
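Review bot: the `args:` list under `runs:` passes `${{ inputs.password }}` to the container as a command-line argument, but `twine-upload.sh` never reads positional parameters; it takes everything from `INPUT_USER`, `INPUT_PASSWORD` and `INPUT_REPOSITORY_URL`, which the runner already sets from the declared inputs. Drop the whole `args:` block so the secret is not placed on the container's command line, where it is visible in the process list and the `docker run` invocation.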

7
twine-upload.sh Executable file

@ -0,0 +1,7 @@
#! /usr/bin/env bash
set -Eeuo pipefail
TWINE_USERNAME="$INPUT_USER" \
TWINE_PASSWORD="$INPUT_PASSWORD" \
TWINE_REPOSITORY_URL="$INPUT_REPOSITORY_URL" \
exec twine upload dist/*
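Review bot: `TWINE_REPOSITORY_URL="$INPUT_REPOSITORY_URL"` is evaluated under `set -u`, yet `repository_url` is optional and has no default in `action.yml`. If the variable is unset the script aborts before uploading, and if it is empty twine is given an empty `TWINE_REPOSITORY_URL`. Either declare a default for the input or use `${INPUT_REPOSITORY_URL:-}` and export `TWINE_REPOSITORY_URL` only when the value is non-empty. As a smaller point, `dist/*` is passed through literally when `dist/` is empty, so a check that the directory contains files would give a clearer error than the one twine produces.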