Commit graph

50 commits

Author SHA1 Message Date
William Woodruff
8a08d61689
Expose PEP 740 attestations functionality
PR #236

This patch adds PEP 740 attestation generation to the workflow: when the Trusted Publishing flow is used, this will generate a publish attestation for each distribution being uploaded. These generated attestations are then fed into `twine`, which newly supports them via `--attestations`.

Ref: https://github.com/pypi/warehouse/issues/15871
2024-09-01 02:50:29 +02:00
Peter Shen
67a07ebbed
Disable the progress bar when running twine upload
PR #231
Resolves #229

Co-authored-by: Sviatoslav Sydorenko <webknjaz@redhat.com>
2024-05-16 17:14:58 +02:00
William Woodruff
771d60f44b
Eliminate future tense in the password nudge in twine-upload
Additionally, this turns the corresponding code branch into a hard error in case of the regular PyPI.

Signed-off-by: William Woodruff <william@trailofbits.com>

PR #234
Fixes #233
2024-05-16 17:07:28 +02:00
William Woodruff
674fb78567
twine-upload: replace notice with debug, simplify msgs 2023-12-04 20:27:16 -05:00
William Woodruff
2319287e0a
twine-upload: ::error, switch nudge order
Signed-off-by: William Woodruff <william@trailofbits.com>
2023-11-22 17:28:02 -05:00
William Woodruff
254a0d4ec4
twine-upload: add a nudge for password auth
Closes #187.
2023-11-05 23:53:52 -05:00
William Woodruff
e90e853e89
twine-upload: only nudge on PyPI-looking domains
Signed-off-by: William Woodruff <william@trailofbits.com>
2023-07-10 12:11:56 -04:00
William Woodruff
be695966b0
twine-upload: add a nudge for trusted publishing
Closes #164.

Signed-off-by: William Woodruff <william@trailofbits.com>
2023-07-10 11:44:56 -04:00
Jaap Roes
775be49481
Remove extraneous } 2023-06-08 14:56:32 +02:00
William Woodruff
0b567d5b01
oidc-exchange, twine-upload: remove more OIDC refs
...but not all, since some make sense in a debugging
context.

Signed-off-by: William Woodruff <william@trailofbits.com>
2023-04-03 21:32:49 +09:00
William Woodruff
dfde872acc
Apply suggestions from code review
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
2023-04-02 22:20:08 +09:00
William Woodruff
3d567f44ce
twine-upload: expound
Signed-off-by: William Woodruff <william@trailofbits.com>
2023-04-01 21:09:00 +09:00
Hugo van Kemenade
65bf8a81de Remove double spaces 2023-03-29 21:22:09 +03:00
William Woodruff
ae295504b3
twine-upload: increase detail on console notices
Signed-off-by: William Woodruff <william@trailofbits.com>

Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
2023-03-22 11:19:01 -04:00
William Woodruff
2b46bad8cb
OIDC beta support
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
2023-03-15 17:08:09 -04:00
Sviatoslav Sydorenko
22b4d1f125
🐛 Make kebab options fall back for snake_case
The previous release didn't take into account the action defaults so
the promised fallbacks for the old input names didn't work. This patch
corrects that mistake.
2023-03-11 03:06:39 +01:00
Sviatoslav Sydorenko
f131721e84
🎨 Convert action inputs to use kebab-case
Up until now, the action input names followed the snake_case naming
pattern that is well familiar to the pythonistas. But in GitHub
actions, the de-facto standard is using kebab-case, which is what
this patch achieves.
This style helps make the keys in YAML better standardized and
distinguishable from other identifiers.
The old snake_case names remain functional for the time being and will
not be removed until at least v3 release of this action.
2023-03-11 01:24:52 +01:00
Colin Dean
efcb9babc8
🎨 Warn about empty password/token action input
Before this patch, the warning would say that the token was
expected to start with `pypi-` but it may be unobvious. With this
change, the end-users are warned when they're passing a completely
empty password value.

Fixes #25.
2023-03-10 20:37:53 +01:00
Sviatoslav Sydorenko
c7f29f7ade
🐛 Override $HOME in the container with /root
This is necessary to let `python -m site` locate the real install
directories.
This fixes #115 — the bug caused by GitHub passing the value of
`$HOME` from the host system that does not match the container's
expectations.
2022-12-07 02:41:32 +01:00
Sviatoslav Sydorenko
e71a4a4c1d
Add support for verbose bash execution w/ $DEBUG 2022-12-07 00:07:43 +01:00
Sviatoslav Sydorenko
e56e8212f4
🐛 Make id always available in twine-upload 2022-12-07 00:07:20 +01:00
Sviatoslav Sydorenko
c879b84594
🐛 Use full path to bash in shebang 2022-12-07 00:02:01 +01:00
Sviatoslav Sydorenko
57e7d53102
🐛 Ensure the default $PATH value is pre-loaded
This patch imports the system-global profile script to
populate the `$PATH` variable with the typically available binary
paths.

Ref:
https://github.com/pypa/gh-action-pypi-publish/issues/112#issuecomment-1340065840
2022-12-06 23:58:05 +01:00
Sviatoslav Sydorenko
1350b8bd72
🐛 Avoid broken env vars passed by GHA from host
Fixes https://github.com/pypa/gh-action-pypi-publish/issues/112.
2022-12-06 21:40:38 +01:00
meowmeowcat
c3fbd68c15
Remove quotes
Fix #90
2022-01-13 12:50:40 +08:00
Sviatoslav Sydorenko
0575dc8eab
Refactor the hash helper script to use pathlib and CLI args 2022-01-09 00:24:29 +01:00
Sviatoslav Sydorenko
8682135dac
Correct the if-clause for printing the hashes 2022-01-09 00:05:27 +01:00
meowmeowcat
06a2dd6685 Fix bug 2022-01-08 12:21:09 +08:00
meowmeowcat
77ee113713 Move out the Python script from the shell script 2022-01-08 12:12:15 +08:00
meowmeowcat
e5cc29fe08 Show hash values of files uploaded 2022-01-08 00:24:27 +08:00
Sviatoslav Sydorenko
54b39fb937
🚑 Fix referring to $INPUT_VERBOSE var
Resolves #41
2020-09-26 00:42:02 +02:00
Subin Modeel
cf69e2047c Update twine-upload.sh 2020-09-25 13:14:20 -04:00
Christian Schmidbauer
f4c7b2841d Allow wildcards in INPUT_PACKAGES_DIR 2020-07-08 15:42:31 +02:00
Sviatoslav Sydorenko
00ef3b8182
Expose skip_existing setting to the end-users 2020-06-19 21:30:53 +02:00
Sviatoslav Sydorenko
6a02ab807d
Add clarifying messages to annotation titles 2020-06-04 01:23:32 +02:00
Sviatoslav Sydorenko
323b1496ae
Invert quoting when rendering $INPUT_PACKAGES_DIR 2020-06-04 01:21:51 +02:00
Sviatoslav Sydorenko
328d2c65fa
Output warnings as GH Checks annotations 2020-06-04 01:06:14 +02:00
Sviatoslav Sydorenko
c37b99ec5f
Merge PR #33
This change implements running dists verification before
performing actual upload. It is controlled by the input
called `verify_metadata` which is on by default.
2020-06-03 17:44:19 +02:00
Henry Schreiner
9bda1cadd0 Use metadata_verify instead of check 2020-06-03 11:05:45 -04:00
Henry Schreiner
ab50aa7f47
Update twine-upload.sh
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
2020-06-03 10:29:18 -04:00
Henry Schreiner
176ae50c06 feat: Add twine check before upload #30 2020-06-02 14:44:35 -04:00
Sviatoslav Sydorenko
d7872a6165
Change dist param to packages-dir 2019-12-06 13:38:52 +01:00
Jesse Farebrother
4f4304928f Custom dist 2019-12-05 16:25:02 -07:00
Hugo
881f0049bd Typos and brevity 2019-09-16 14:01:16 +03:00
Sviatoslav Sydorenko
04871990d3
Print a warning if there's no dists to upload 2019-09-12 17:55:39 +02:00
Sviatoslav Sydorenko
e4638127f9
Emit a warning if the token looks invalid
Resolves #9
2019-09-12 17:55:34 +02:00
Sviatoslav Sydorenko
8e9ff975ca
Protect env vars in Twine invocation 2019-08-23 13:17:10 +02:00
Sviatoslav Sydorenko
4820c8c9b0
Fix a space position in shebang 2019-08-23 13:13:19 +02:00
Sviatoslav Sydorenko
2c1fc8ad24
Add a space after shebang marker 2019-08-23 13:12:47 +02:00
Mathias Fussenegger
25d67dc298 Adapt to new yml based github actions
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
Co-Authored-By: Pradyun Gedam <pradyunsg@gmail.com>
2019-08-23 10:53:21 +02:00