Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CI: Swap over to PyPI trusted publishing #3019

Merged
merged 1 commit into from
Apr 26, 2023
Merged

CI: Swap over to PyPI trusted publishing #3019

merged 1 commit into from
Apr 26, 2023

Conversation

dopplershift
Copy link
Member

@dopplershift dopplershift commented Apr 24, 2023
edited
Loading

Description Of Changes

Instead of using a fixed, shared API secret key, you configure a GitHub actions workflow (and environment) on PyPI to be allowed to publish to the project. Through this GitHub and PyPI exhange short-lived tokens for publication. Thankfully this is automatic when using the PyPA publication action that we've already been using.

I've already deactivated the previous API key (which was tied to my personal PyPI account) and removed it from our GitHub configs. Another benefit of this is that everything is tied to project infrastructure rather than individual users.

I've already configured our PyPI project to use our GitHub actions workflow and environment.

@dopplershift
CI: Swap over to PyPI trusted publishing
ac2f042 
Instead of using a fixed, shared API secret key, you configure a GitHub
actions workflow (and environment) on PyPI to be allowed to publish to
the project. Through this GitHub and PyPI exhange short-lived tokens for
publication.
@dopplershift dopplershift requested a review from a team as a code owner April 24, 2023 18:30
@dopplershift dopplershift requested review from dcamron and removed request for a team April 24, 2023 18:30
@dcamron dcamron merged commit 171ddb5 into Unidata:main Apr 26, 2023
@github-actions github-actions bot added this to the April 2023 milestone Apr 26, 2023
@dopplershift dopplershift deleted the trusted-release branch April 26, 2023 17:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dcamron dcamron dcamron approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.5.0
Development

Successfully merging this pull request may close these issues.
2 participants
@dopplershift @dcamron