Merge pull request #142 from trail-of-forks/tob-indicate-oidc

Add explanation of why the OIDC publishing was chosen to the log output.
This commit is contained in:
Sviatoslav Sydorenko 2023-04-03 02:07:09 +02:00 committed by GitHub
commit 69efb8cbfb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 1 deletions

View File

@ -17,6 +17,12 @@ Trusted publisher (OIDC) exchange failure:
{message} {message}
You're seeing this because the action wasn't given the inputs needed to
perform password-based or token-based authentication. If you intended to
perform one of those authentication methods instead of trusted
publishing, then you should double-check your secret configuration and variable
names.
Read more about trusted publishers at https://docs.pypi.org/trusted-publishers/ Read more about trusted publishers at https://docs.pypi.org/trusted-publishers/
""" """

View File

@ -46,7 +46,8 @@ if [[ "${INPUT_USER}" == "__token__" && -z "${INPUT_PASSWORD}" ]] ; then
echo \ echo \
'::notice::Attempting to perform OIDC credential exchange' \ '::notice::Attempting to perform OIDC credential exchange' \
'to retrieve a temporary short-lived API token for authentication' \ 'to retrieve a temporary short-lived API token for authentication' \
"against ${INPUT_REPOSITORY_URL}" "against ${INPUT_REPOSITORY_URL} due to __token__ username with no" \
'supplied password field'
INPUT_PASSWORD="$(python /app/oidc-exchange.py)" INPUT_PASSWORD="$(python /app/oidc-exchange.py)"
elif [[ "${INPUT_USER}" == '__token__' ]]; then elif [[ "${INPUT_USER}" == '__token__' ]]; then
echo \ echo \