Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: Switch to Trusted Publisher method for PyPI #769

Closed
wants to merge 2 commits into from
Closed

ci: Switch to Trusted Publisher method for PyPI #769

wants to merge 2 commits into from

Conversation

timmc-edx
Copy link
Member

Testing out the Trusted Publisher method for PyPI:
https://docs.pypi.org/trusted-publishers/

This should allow us to avoid using an org-wide secret, in favor of
short-lived tokens generated by GitHub.

Preceded by a refactor commit to clean up the workflow files first.

Merge checklist:
Check off if complete or not applicable:

  • Version bumped
  • Changelog record added
  • Documentation updated (not only docstrings)
  • Fixup commits are squashed away
  • Unit tests added/updated
  • Manual testing instructions provided
  • Noted any: Concerns, dependencies, migration issues, deadlines, tickets

@timmc-edx
ci: Clean up publishing workflows
38437d4 
This is in prep for more substantive changes to the PyPI call.

- Adjust formatting and naming, fix syntax (quote numeric string)
- Remove some differences: Remove default x64 arch value; use newer LTS
  Ubuntu
@timmc-edx
ci: Switch to Trusted Publisher method for PyPI
ea5080f 
Testing out the Trusted Publisher method for PyPI:
https://docs.pypi.org/trusted-publishers/

This should allow us to avoid using an org-wide secret, in favor of
short-lived tokens generated by GitHub.
@timmc-edx
Copy link
Member Author

Hmm, this requires more config than I realized: https://docs.pypi.org/trusted-publishers/adding-a-publisher/

@timmc-edx timmc-edx closed this Oct 10, 2024
@timmc-edx timmc-edx deleted the timmc/publish-token branch October 10, 2024 21:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@timmc-edx