actions
/
gh-action-pypi-publish
Template
mirror of https://github.com/pypa/gh-action-pypi-publish
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Check for Trusted Publishing in magic link logic

This commit is contained in:
Facundo Tuesca 2024-09-27 20:47:02 +02:00
parent 897895f1e1
commit a1ce3844ac
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
twine-upload.sh
View File

@ -73,7 +73,11 @@ MAGIC_LINK_MESSAGE="::warning title=Create a Trusted Publisher::\
A new Trusted Publisher for the currently running publishing workflow can be created \ A new Trusted Publisher for the currently running publishing workflow can be created \
by accessing the following link(s) while logged-in as an owner of the package(s):" by accessing the following link(s) while logged-in as an owner of the package(s):"
if [[ ! "${INPUT_REPOSITORY_URL}" =~ pypi\.org || ${#PACKAGE_NAMES[@]} -eq 0 ]] ; then
[[ "${INPUT_USER}" == "__token__" && -z "${INPUT_PASSWORD}" ]] \
&& TRUSTED_PUBLISHING=true || TRUSTED_PUBLISHING=false
if [[ "${TRUSTED_PUBLISHING}" == true || ! "${INPUT_REPOSITORY_URL}" =~ pypi\.org || ${#PACKAGE_NAMES[@]} -eq 0 ]] ; then
TRUSTED_PUBLISHING_MAGIC_LINK_NUDGE="" TRUSTED_PUBLISHING_MAGIC_LINK_NUDGE=""
else else
if [[ "${INPUT_REPOSITORY_URL}" =~ test\.pypi\.org ]] ; then if [[ "${INPUT_REPOSITORY_URL}" =~ test\.pypi\.org ]] ; then
@ -90,8 +94,6 @@ else
echo "${MAGIC_LINK_MESSAGE}" >> $GITHUB_STEP_SUMMARY echo "${MAGIC_LINK_MESSAGE}" >> $GITHUB_STEP_SUMMARY
fi fi
[[ "${INPUT_USER}" == "__token__" && -z "${INPUT_PASSWORD}" ]] \
&& TRUSTED_PUBLISHING=true || TRUSTED_PUBLISHING=false
if [[ "${INPUT_ATTESTATIONS}" != "false" ]] ; then if [[ "${INPUT_ATTESTATIONS}" != "false" ]] ; then
# Setting `attestations: true` without Trusted Publishing indicates # Setting `attestations: true` without Trusted Publishing indicates