mirror of
https://github.com/pypa/gh-action-pypi-publish.git
synced 2024-12-28 18:04:50 -05:00
🎨 Warn about empty password/token action input
Before this patch, the warning would say that the token was expected to start with `pypi-` but it may be unobvious. With this change, the end-users are warned when they're passing a completely empty password value. Fixes #25.
This commit is contained in:
parent
d2ce3ec872
commit
efcb9babc8
1 changed files with 19 additions and 9 deletions
|
@ -23,15 +23,25 @@ if [[
|
|||
! "$INPUT_PASSWORD" =~ ^pypi-
|
||||
]]
|
||||
then
|
||||
echo \
|
||||
::warning file='# >>' PyPA publish to PyPI GHA'%3A' \
|
||||
POTENTIALLY INVALID TOKEN \
|
||||
'<< ':: \
|
||||
It looks like you are trying to use an API token to \
|
||||
authenticate in the package index and your token value does \
|
||||
not start with '"pypi-"' as it typically should. This may \
|
||||
cause an authentication error. Please verify that you have \
|
||||
copied your token properly if such an error occurs.
|
||||
if [[ -z "$INPUT_PASSWORD" ]]; then
|
||||
echo \
|
||||
::warning file='# >>' PyPA publish to PyPI GHA'%3A' \
|
||||
EMPTY TOKEN \
|
||||
'<< ':: \
|
||||
It looks like you have not passed a password or it \
|
||||
is otherwise empty. Please verify that you have passed it \
|
||||
directly or, preferably, through a secret.
|
||||
else
|
||||
echo \
|
||||
::warning file='# >>' PyPA publish to PyPI GHA'%3A' \
|
||||
POTENTIALLY INVALID TOKEN \
|
||||
'<< ':: \
|
||||
It looks like you are trying to use an API token to \
|
||||
authenticate in the package index and your token value does \
|
||||
not start with '"pypi-"' as it typically should. This may \
|
||||
cause an authentication error. Please verify that you have \
|
||||
copied your token properly if such an error occurs.
|
||||
fi
|
||||
fi
|
||||
|
||||
if ( ! ls -A ${INPUT_PACKAGES_DIR%%/}/*.tar.gz &> /dev/null && \
|
||||
|
|
Loading…
Reference in a new issue