Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable trusted publishing for Python packages. #294

Merged
merged 2 commits into from
May 30, 2023
Merged

Enable trusted publishing for Python packages. #294

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9a87a75
Enable trusted publishing for Python packages.
obi1kenobi May 30, 2023
fb7f538
Remove unused secret.
obi1kenobi May 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 0 additions & 2 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -442,5 +442,3 @@ jobs:
- pre-publish-checks
- attempt-publish-trustfall-core
uses: ./.github/workflows/publish-python.yml
secrets:
PYPI_TOKEN: ${{ secrets.MATURIN_PYPI_TOKEN }}
48 changes: 29 additions & 19 deletions .github/workflows/publish-python.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,6 @@ name: Publish Python bindings

on:
workflow_call:
secrets:
PYPI_TOKEN:
required: true

concurrency:
group: publish-python
Expand All @@ -14,8 +11,8 @@ env:
CARGO_TERM_COLOR: always

jobs:
publish:
name: publish python trustfall
tag:
name: tag the version
runs-on: ubuntu-latest
needs:
- should-publish
Expand All @@ -25,20 +22,6 @@ jobs:
# - musllinux
if: needs.should-publish.outputs.is_new_version == 'yes' && github.ref == 'refs/heads/main'
steps:
- uses: actions/download-artifact@v2
with:
name: wheels
- uses: actions/setup-python@v4
with:
python-version: "3.11"
- name: Publish to PyPi
env:
TWINE_USERNAME: __token__
TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
run: |
set -euxo pipefail
pip install --upgrade twine
twine upload --skip-existing *
- uses: actions/checkout@v3
with:
persist-credentials: true
Expand All @@ -49,6 +32,33 @@ jobs:
git tag "pytrustfall-v$CURRENT_VERSION"
git push origin "pytrustfall-v$CURRENT_VERSION"

publish:
name: publish python trustfall
runs-on: ubuntu-latest
needs:
- should-publish
- tag
- macos
- windows
- linux
# - musllinux
if: needs.should-publish.outputs.is_new_version == 'yes' && github.ref == 'refs/heads/main'
permissions:
# This permission is used for trusted publishing:
# https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/
#
# Trusted publishing is configured on PyPI for the `trustfall` Python package.
id-token: write
steps:
- uses: actions/download-artifact@v2
with:
name: wheels
- name: Publish package distributions to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
verbose: true
print-hash: true

macos:
runs-on: macos-latest
needs:
Expand Down
2 changes: 1 addition & 1 deletion pytrustfall/pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[project]
name = "trustfall"
description = "If GraphQL were more like SQL: a query language for any combination of data sources."
description = "A query engine for any combination of data sources. Query your files and APIs as if they were databases!"
readme = "README.md"
requires-python = ">=3.9"
authors = [
Expand Down