Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: pypa/gh-action-pypi-publish
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.8.1
Choose a base ref
...
head repository: pypa/gh-action-pypi-publish
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.8.3
Choose a head ref
  • 4 commits
  • 2 files changed
  • 4 contributors

Commits on Mar 21, 2023

  1. oidc-exchange: avoid splitting the error message

    Signed-off-by: William Woodruff <[email protected]>
    woodruffw committed Mar 21, 2023

    Verified

    This commit was signed with the committer’s verified signature.
    dmtucker David Tucker
    Copy the full SHA
    ea29ccc View commit details
  2. Merge pull request #134 from trail-of-forks/tob-better-errors

    oidc-exchange: avoid splitting the error message
    webknjaz authored Mar 21, 2023

    Verified

    This commit was signed with the committer’s verified signature.
    dmtucker David Tucker
    Copy the full SHA
    f3ce18f View commit details

Commits on Mar 22, 2023

  1. twine-upload: increase detail on console notices

    Signed-off-by: William Woodruff <[email protected]>
    
    Co-authored-by: Sviatoslav Sydorenko <[email protected]>
    woodruffw and webknjaz committed Mar 22, 2023
    Copy the full SHA
    ae29550 View commit details
  2. Merge PR #136 into unstable/v1

    This patch improves the logging detalization of which authentication
    mode is selected when the action runs. It uses the `::notice` workflow
    command to surface this detail to the workflow run summary page as
    annotations.
    webknjaz committed Mar 22, 2023
    Copy the full SHA
    48b317d View commit details
Showing with 13 additions and 5 deletions.
  1. +1 −4 oidc-exchange.py
  2. +12 −1 twine-upload.sh
5 changes: 1 addition & 4 deletions oidc-exchange.py
Original file line number Diff line number Diff line change
@@ -55,10 +55,7 @@ def die(msg: str) -> NoReturn:
with _GITHUB_STEP_SUMMARY.open("a", encoding="utf-8") as io:
print(msg, file=io)

# NOTE: `msg` is Markdown formatted, so we emit only the header line to
# avoid clogging the console log with a full Markdown formatted document.
header = msg.splitlines()[0]
print(f"::error::OIDC exchange failure: {header}", file=sys.stderr)
print(f"::error::OIDC exchange failure: {msg}", file=sys.stderr)
sys.exit(1)


13 changes: 12 additions & 1 deletion twine-upload.sh
Original file line number Diff line number Diff line change
@@ -43,8 +43,19 @@ INPUT_PRINT_HASH="$(get-normalized-input 'print-hash')"
if [[ "${INPUT_USER}" == "__token__" && -z "${INPUT_PASSWORD}" ]] ; then
# No password supplied by the user implies that we're in the OIDC flow;
# retrieve the OIDC credential and exchange it for a PyPI API token.
echo "::notice::In OIDC flow"
echo \
'::notice::Attempting to perform OIDC credential exchange ' \
'to retrieve a temporary short-lived API token for authentication ' \
"against ${INPUT_REPOSITORY_URL}"
INPUT_PASSWORD="$(python /app/oidc-exchange.py)"
elif [[ "${INPUT_USER}" == '__token__' ]]; then
echo \
'::notice::Using a user-provided API token for authentication ' \
"against ${INPUT_REPOSITORY_URL}"
else
echo \
'::notice::Using a username + password pair for authentication ' \
"against ${INPUT_REPOSITORY_URL}}"
fi

if [[