From ff4a2e9fe5f7e60535097806ea77a69e2e3a9f78 Mon Sep 17 00:00:00 2001 From: Vladisalv Sovrasov Date: Tue, 18 Mar 2025 23:20:51 +0900 Subject: [PATCH 1/2] Prepare workflows for trusted publishing --- .github/workflows/build-package-pypi.yaml | 2 -- .github/workflows/build-package-test-pypi.yaml | 2 -- .github/workflows/build-package.yaml | 18 +++++------------- 3 files changed, 5 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build-package-pypi.yaml b/.github/workflows/build-package-pypi.yaml index d49360e2..bf6e7963 100644 --- a/.github/workflows/build-package-pypi.yaml +++ b/.github/workflows/build-package-pypi.yaml @@ -13,6 +13,4 @@ jobs: enable_dev_dependencies: 0 runner: ubuntu-latest secrets: - PYPI_USER: ${{ secrets.PYPI_USERNAME }} - PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} PYPI_HOST: pypi.org diff --git a/.github/workflows/build-package-test-pypi.yaml b/.github/workflows/build-package-test-pypi.yaml index a7a4d4a3..d86f5def 100644 --- a/.github/workflows/build-package-test-pypi.yaml +++ b/.github/workflows/build-package-test-pypi.yaml @@ -16,6 +16,4 @@ jobs: enable_dev_dependencies: 1 runner: ubuntu-latest secrets: - PYPI_USER: ${{ secrets.TEST_PYPI_USERNAME }} - PYPI_PASSWORD: ${{ secrets.TEST_PYPI_PASSWORD }} PYPI_HOST: test.pypi.org diff --git a/.github/workflows/build-package.yaml b/.github/workflows/build-package.yaml index cab5bf40..8e352b25 100644 --- a/.github/workflows/build-package.yaml +++ b/.github/workflows/build-package.yaml @@ -10,16 +10,10 @@ on: required: true type: string secrets: - PYPI_USER: - required: true - PYPI_PASSWORD: - required: true PYPI_HOST: required: true env: - PYPI_USER: ${{ secrets.PYPI_USER }} - PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} PYPI_HOST: ${{ secrets.PYPI_HOST }} ENABLE_DEV_DEPENDENCIES: ${{ inputs.enable_dev_dependencies }} @@ -71,13 +65,11 @@ jobs: path: dist - name: Publish SDK package to pypi - run: | - if [[ $PYPI_HOST = "test.pypi.org" ]]; then - twine upload -r testpypi dist/* -u $PYPI_USER -p $PYPI_PASSWORD - else - twine upload dist/* -u $PYPI_USER -p $PYPI_PASSWORD - fi - + uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 # v1.12.3 + if: ${{ secrets.PYPI_HOST == 'test.pypi.org' }} + with: + repository-url: https://test.pypi.org/ + verbose: true - name: Clean up dist directory if it was created if: ${{ always() }} From dba32f1032b697e0ebf7e8d569aeaf8bc700eb81 Mon Sep 17 00:00:00 2001 From: Vladisalv Sovrasov Date: Thu, 20 Mar 2025 22:22:48 +0900 Subject: [PATCH 2/2] Update pypi host var in publish script --- .github/workflows/build-package.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-package.yaml b/.github/workflows/build-package.yaml index 8e352b25..12a512e8 100644 --- a/.github/workflows/build-package.yaml +++ b/.github/workflows/build-package.yaml @@ -66,7 +66,7 @@ jobs: - name: Publish SDK package to pypi uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 # v1.12.3 - if: ${{ secrets.PYPI_HOST == 'test.pypi.org' }} + if: ${{ PYPI_HOST == 'test.pypi.org' }} with: repository-url: https://test.pypi.org/ verbose: true