gh-action-pypi-publish/twine-upload.sh

#! /usr/bin/env bash
set -Eeuo pipefail


if [[
    "$INPUT_USER" == "__token__" &&
    ! "$INPUT_PASSWORD" =~ ^pypi-
  ]]
then
    echo \
        ::warning file='# >>' PyPA publish to PyPI GHA'%3A' \
        POTENTIALLY INVALID TOKEN \
        '<< ':: \
        It looks like you are trying to use an API token to \
        authenticate in the package index and your token value does \
        not start with '"pypi-"' as it typically should. This may \
        cause an authentication error. Please verify that you have \
        copied your token properly if such an error occurs.
fi

if ( ! ls -A ${INPUT_PACKAGES_DIR%%/}/*.tar.gz &> /dev/null && \
     ! ls -A ${INPUT_PACKAGES_DIR%%/}/*.whl &> /dev/null )
then
    echo \
        ::warning file='# >>' PyPA publish to PyPI GHA'%3A' \
        MISSING DISTS \
        '<< ':: \
        It looks like there are no Python distribution packages to \
        publish in the directory "'${INPUT_PACKAGES_DIR%%/}/'". \
        Please verify that they are in place should you face this \
        problem.
fi

if [[ ${INPUT_VERIFY_METADATA,,} != "false" ]] ; then
    twine check ${INPUT_PACKAGES_DIR%%/}/*
fi

TWINE_EXTRA_ARGS=
if [[ ${INPUT_SKIP_EXISTING,,} != "false" ]] ; then
    TWINE_EXTRA_ARGS=--skip-existing
fi

if [[ ${INPUT_VERBOSE,,} != "false" ]] ; then
    TWINE_EXTRA_ARGS="--verbose $TWINE_EXTRA_ARGS"
fi

if [[ ${INPUT_PRINT_HASH,,} || ${INPUT_VERBOSE,,} != "false" ]] ; then
    python ./print-hash.py
fi

TWINE_USERNAME="$INPUT_USER" \
TWINE_PASSWORD="$INPUT_PASSWORD" \
TWINE_REPOSITORY_URL="$INPUT_REPOSITORY_URL" \
  exec twine upload ${TWINE_EXTRA_ARGS} ${INPUT_PACKAGES_DIR%%/}/*
Fix a space position in shabang 2019-08-23 19:13:19 +08:00			`#! /usr/bin/env bash`
Adapt to new yml based github actions Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua> Co-Authored-By: Pradyun Gedam <pradyunsg@gmail.com> 2019-08-21 04:48:52 +08:00			`set -Eeuo pipefail`

Emit a warning if the token looks invalid Resolves #9 2019-09-12 20:38:56 +08:00
			`if [[`
			`"$INPUT_USER" == "__token__" &&`
			`! "$INPUT_PASSWORD" =~ ^pypi-`
			`]]`
			`then`
Output warnings as GH Checks annotations 2020-06-04 07:06:14 +08:00			`echo \`
Add clarifying messages to annotation titles 2020-06-04 07:23:32 +08:00			`::warning file='# >>' PyPA publish to PyPI GHA'%3A' \`
			`POTENTIALLY INVALID TOKEN \`
			`'<< ':: \`
Emit a warning if the token looks invalid Resolves #9 2019-09-12 20:38:56 +08:00			`It looks like you are trying to use an API token to \`
			`authenticate in the package index and your token value does \`
			`not start with '"pypi-"' as it typically should. This may \`
			`cause an authentication error. Please verify that you have \`
			`copied your token properly if such an error occurs.`
			`fi`

Allow wildcards in INPUT_PACKAGES_DIR 2020-06-28 17:43:30 +08:00			`if ( ! ls -A ${INPUT_PACKAGES_DIR%%/}/*.tar.gz &> /dev/null && \`
			`! ls -A ${INPUT_PACKAGES_DIR%%/}/*.whl &> /dev/null )`
Print a warning if there's no dists to upload 2019-09-12 23:53:53 +08:00			`then`
Output warnings as GH Checks annotations 2020-06-04 07:06:14 +08:00			`echo \`
Add clarifying messages to annotation titles 2020-06-04 07:23:32 +08:00			`::warning file='# >>' PyPA publish to PyPI GHA'%3A' \`
			`MISSING DISTS \`
			`'<< ':: \`
Typos and brevity 2019-09-16 19:01:16 +08:00			`It looks like there are no Python distribution packages to \`
Invert quoting when rendering $INPUT_PACKAGES_DIR 2020-06-04 07:21:51 +08:00			`publish in the directory "'${INPUT_PACKAGES_DIR%%/}/'". \`
Output warnings as GH Checks annotations 2020-06-04 07:06:14 +08:00			`Please verify that they are in place should you face this \`
			`problem.`
Print a warning if there's no dists to upload 2019-09-12 23:53:53 +08:00			`fi`

Use metadata_verify instead of check 2020-06-03 23:04:52 +08:00			`if [[ ${INPUT_VERIFY_METADATA,,} != "false" ]] ; then`
Merge PR #33 This change implements running dists verification before performing actual upload. It is controlled by the input called `verify_metadata` which is on by default. 2020-06-03 23:40:16 +08:00			`twine check ${INPUT_PACKAGES_DIR%%/}/*`
feat: Add twine check before upload #30 2020-06-02 23:08:43 +08:00			`fi`

Expose `skip_existing` setting to the end-users 2020-06-20 03:30:53 +08:00			`TWINE_EXTRA_ARGS=`
			`if [[ ${INPUT_SKIP_EXISTING,,} != "false" ]] ; then`
			`TWINE_EXTRA_ARGS=--skip-existing`
			`fi`

🚑 Fix referring to `$INPUT_VERBOSE` var Resolves #41 2020-09-26 06:42:02 +08:00			`if [[ ${INPUT_VERBOSE,,} != "false" ]] ; then`
Update twine-upload.sh 2020-09-15 12:31:21 +08:00			`TWINE_EXTRA_ARGS="--verbose $TWINE_EXTRA_ARGS"`
			`fi`
Emit a warning if the token looks invalid Resolves #9 2019-09-12 20:38:56 +08:00
Move out the Python script from the shell script 2022-01-08 12:12:15 +08:00			`if [[ ${INPUT_PRINT_HASH,,} \|\| ${INPUT_VERBOSE,,} != "false" ]] ; then`
			`python ./print-hash.py`
			`fi`

Protect env vars in Twine invocation 2019-08-23 19:17:10 +08:00			`TWINE_USERNAME="$INPUT_USER" \`
			`TWINE_PASSWORD="$INPUT_PASSWORD" \`
			`TWINE_REPOSITORY_URL="$INPUT_REPOSITORY_URL" \`
Expose `skip_existing` setting to the end-users 2020-06-20 03:30:53 +08:00			`exec twine upload ${TWINE_EXTRA_ARGS} ${INPUT_PACKAGES_DIR%%/}/*`