mirror of
https://github.com/pypa/gh-action-pypi-publish.git
synced 2024-11-24 09:31:06 -05:00
Adapt to new yml based github actions
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua> Co-Authored-By: Pradyun Gedam <pradyunsg@gmail.com>
This commit is contained in:
parent
0bc3d275be
commit
25d67dc298
4 changed files with 74 additions and 29 deletions
15
Dockerfile
15
Dockerfile
|
@ -4,17 +4,14 @@ LABEL "maintainer"="Sviatoslav Sydorenko <wk+re-actors@sydorenko.org.ua>"
|
|||
LABEL "repository"="https://github.com/re-actors/gh-action-pypi-publish"
|
||||
LABEL "homepage"="https://github.com/re-actors/gh-action-pypi-publish"
|
||||
|
||||
LABEL "com.github.actions.name"="pypi-publish"
|
||||
LABEL "com.github.actions.description"="Upload Python distribution packages to PyPI"
|
||||
LABEL "com.github.actions.icon"="upload-cloud"
|
||||
LABEL "com.github.actions.color"="yellow"
|
||||
|
||||
ENV PYTHONDONTWRITEBYTECODE 1
|
||||
ENV PYTHONUNBUFFERED 1
|
||||
|
||||
ADD LICENSE.md /LICENSE.md
|
||||
|
||||
RUN pip install --upgrade --no-cache-dir twine
|
||||
|
||||
ENTRYPOINT ["twine"]
|
||||
CMD ["upload", "dist/*"]
|
||||
WORKDIR /app
|
||||
COPY ./LICENSE.md /app/
|
||||
COPY ./twine-upload.sh /app/
|
||||
|
||||
RUN chmod +x /app/twine-upload.sh
|
||||
ENTRYPOINT ["/app/twine-upload.sh"]
|
||||
|
|
57
README.md
57
README.md
|
@ -5,33 +5,50 @@ PyPI.
|
|||
|
||||
|
||||
## Usage
|
||||
To use the action simply add the following lines in the end of your
|
||||
`.github/main.workflow`.
|
||||
|
||||
```hcl
|
||||
action "Upload Python dist to PyPI" {
|
||||
uses = "re-actors/pypi-action@master"
|
||||
env = {
|
||||
TWINE_USERNAME = "f'{your_project}-bot'"
|
||||
}
|
||||
secrets = ["TWINE_PASSWORD"]
|
||||
}
|
||||
To use the action add the following step to your workflow file (e.g.:
|
||||
`.github/workflows/main.yml`)
|
||||
|
||||
|
||||
```yml
|
||||
- name: Publish a Python distribution to PyPI
|
||||
uses: pypi/gh-action-pypi-publish@master
|
||||
with:
|
||||
user: __token__
|
||||
password: ${{ secrets.pypi_password }}
|
||||
```
|
||||
|
||||
N.B. Use a valid tag, or branch, or commit SHA instead
|
||||
of `master` to pin the action to use a specific version of it.
|
||||
A common use case is to upload packages only on a tagged commit, to do so add a
|
||||
filter to the step:
|
||||
|
||||
|
||||
### Environment Variables and Secrets
|
||||
- **`TWINE_USERNAME`**: set this one to the username used to authenticate
|
||||
against PyPI. _It is recommended to have a separate user account like
|
||||
`f'{your_project}-bot'` having the lowest privileges possible on your
|
||||
target dist page._
|
||||
- **`TWINE_PASSWORD`**: it's a password for the account used in
|
||||
`TWINE_USERNAME` env var. **ATTENTION! WARNING! When adding this value
|
||||
to the Action node in your workflow, use SECRETS, not normal env vars.**
|
||||
```yml
|
||||
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
|
||||
```
|
||||
|
||||
So the full step would look like:
|
||||
|
||||
|
||||
```yml
|
||||
- name: Publish package
|
||||
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
|
||||
uses: pypi/gh-action-pypi-publish@master
|
||||
with:
|
||||
user: __token__
|
||||
password: ${{ secrets.pypi }}
|
||||
```
|
||||
|
||||
The example above uses the new [API token](https://pypi.org/help/#apitoken)
|
||||
feature of PyPI, which is recommended to restrict the access the action has.
|
||||
|
||||
The secret used in `${{ secrets.pypi_password }}` needs to be created on the settings
|
||||
page of your project on GitHub. See [Creating & using secrets].
|
||||
|
||||
|
||||
## License
|
||||
|
||||
The Dockerfile and associated scripts and documentation in this project
|
||||
are released under the [BSD 3-clause license](LICENSE.md).
|
||||
|
||||
|
||||
[Creating & using secrets]: https://help.github.com/en/articles/virtual-environments-for-github-actions#creating-and-using-secrets-encrypted-variables
|
||||
|
|
24
action.yml
Normal file
24
action.yml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
name: pypi-publish
|
||||
description: Upload Python distribution packages to PyPI
|
||||
inputs:
|
||||
user:
|
||||
description: PyPI user
|
||||
required: false
|
||||
default: __token__
|
||||
password:
|
||||
description: Password for your PyPI user or an access token
|
||||
required: true
|
||||
repository_url:
|
||||
description: The repository URL to use
|
||||
required: false
|
||||
branding:
|
||||
color: yellow
|
||||
icon: upload-cloud
|
||||
runs:
|
||||
using: docker
|
||||
image: Dockerfile
|
||||
args:
|
||||
- ${{ inputs.user }}
|
||||
- ${{ inputs.password }}
|
||||
- ${{ inputs.repository_url }}
|
7
twine-upload.sh
Executable file
7
twine-upload.sh
Executable file
|
@ -0,0 +1,7 @@
|
|||
#!/usr/bin/env bash
|
||||
set -Eeuo pipefail
|
||||
|
||||
TWINE_USERNAME=$INPUT_USER \
|
||||
TWINE_PASSWORD=$INPUT_PASSWORD \
|
||||
TWINE_REPOSITORY_URL=$INPUT_REPOSITORY_URL \
|
||||
exec twine upload dist/*
|
Loading…
Reference in a new issue