Merge PR #136 into unstable/v1

This patch improves the logging detalization of which authentication
mode is selected when the action runs. It uses the `::notice` workflow
command to surface this detail to the workflow run summary page as
annotations.
This commit is contained in:
Sviatoslav Sydorenko 2023-03-22 16:22:52 +01:00
commit 48b317d84d
WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS.
GPG key ID: 9345E8FEA89CA455

View file

@ -43,8 +43,19 @@ INPUT_PRINT_HASH="$(get-normalized-input 'print-hash')"
if [[ "${INPUT_USER}" == "__token__" && -z "${INPUT_PASSWORD}" ]] ; then
# No password supplied by the user implies that we're in the OIDC flow;
# retrieve the OIDC credential and exchange it for a PyPI API token.
echo "::notice::In OIDC flow"
echo \
'::notice::Attempting to perform OIDC credential exchange ' \
'to retrieve a temporary short-lived API token for authentication ' \
"against ${INPUT_REPOSITORY_URL}"
INPUT_PASSWORD="$(python /app/oidc-exchange.py)"
elif [[ "${INPUT_USER}" == '__token__' ]]; then
echo \
'::notice::Using a user-provided API token for authentication ' \
"against ${INPUT_REPOSITORY_URL}"
else
echo \
'::notice::Using a username + password pair for authentication ' \
"against ${INPUT_REPOSITORY_URL}}"
fi
if [[