mirror of https://github.com/pypa/gh-action-pypi-publish synced 2024-11-30 21:22:28 +08:00
Commit Graph

30 Commits

Author SHA1 Message Date
Brendon Smith
8a35517545
Support nested composite actions
To reference metadata about composite actions, GitHub Actions provides
the `github.action_` context, including `github.action_path`,
`github.action_ref`, and `github.action_repository`.

GitHub Actions supports nested composite actions with a recursion limit
of 9 (9 nested composite actions). Unfortunately `github.action_` values
are not propagated correctly when running nested composite actions.
This is a bug in the GitHub Actions runner.

The suggested workaround is to use inputs to set the correct values.
This commit will implement the suggested workaround.

https://docs.github.com/en/actions/creating-actions/creating-a-composite-action
https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/accessing-contextual-information-about-workflow-runs#github-context
https://github.com/actions/runner/issues/2473#issuecomment-1776029708
https://github.com/pypa/gh-action-pypi-publish/issues/299
2024-11-11 22:43:13 -05:00
Sviatoslav Sydorenko
9b4dfb0c84
Pre-install Python if there's none
This is not usually the case for GitHub-hosted Runners but it might
happen with self-hosted runners.

Fixes #289.
2024-11-06 16:20:12 +01:00
Sviatoslav Sydorenko
dfcfeca43e
🧪 Use prefetched action to make trampoline
Previously, the action repository was being cloned from the remote
twice, unnecessarily. This patch eliminates this step and
uses the copy that was checked out on job start.

The generated trampoline action is still copied into the allowlisted
working directory so it can be referenced by the relative path
starting with `./`.

It is now output under
`./.github/.tmp/.generated-actions/run-pypi-publish-in-docker-container`
which mutates the end-user's workspace slightly but uses a path that
is unlikely to clash with somebody else's use.

Unfortunately, we cannot use randomized paths because the composite
action syntax does not allow accessing variables in `uses:`.

Fixes #292.
2024-11-06 15:47:43 +01:00
Brendon Smith
36965cb24a
Run smoke tests before Docker builds
https://github.com/pypa/gh-action-pypi-publish/pull/230#discussion_r1787027821
2024-11-04 16:35:15 -05:00
Brendon Smith
bacb62682c
Fail-fast in unsupported environments
https://github.com/pypa/gh-action-pypi-publish/pull/230#discussion_r1632406604

Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
2024-11-04 16:35:14 -05:00
Brendon Smith
7ea8313fc2
Check repo ID instead of repo owner ID
2024-11-04 16:35:14 -05:00
Brendon Smith
f51682fb52
Check repo owner ID instead of repo name
2024-11-04 16:35:14 -05:00
Brendon Smith
a360fcb184
Dump action as JSON
2024-11-04 16:35:14 -05:00
Brendon Smith
a869dd36b2
Checkout github.head_ref and repo for PRs
https://github.com/actions/checkout/issues/27#issuecomment-535897113
https://github.com/actions/checkout/issues/1108
2024-11-04 16:35:14 -05:00
Brendon Smith
aed6c4b1b0
Generate Docker container action with Python
2024-11-04 16:35:13 -05:00
Brendon Smith
783267be69
Build Docker image and push to GHCR
Up to this point, the project has been set up as a Docker action
referencing the Dockerfile. The downside to using the Dockerfile for the
action is that the Docker image must be built every time the action is
used.

This commit will set up the project to build the Docker image and push
it to GitHub Container Registry (GHCR). This change will speed up user
workflows every time the action is used because the workflows will
simply pull the Docker image from GHCR instead of building again.

Changes:

- Add required metadata to Dockerfile
- Build container image with GitHub Actions
- Push container image to GHCR

Docker actions support pulling in pre-built Docker images. The downside
is that there's no way to specify the correct Docker tag because the
GitHub Actions `image` and `uses:` keys don't accept any context.
For example, if a user's workflow has
`uses: pypa/gh-action-pypi-publish@release/v1.8`, then the action should
pull in a Docker image built from the `release/v1.8` branch, something
like `ghcr.io/pypa/gh-action-pypi-publish:release-v1.8` (Docker tags
can't have `/`). The workaround is to switch the top-level `action.yml`
to a composite action that then calls the Docker action, substituting
the correct image name and tag.
2024-11-04 16:35:13 -05:00
William Woodruff
0126dcac8e
action: enable attestations by default
Signed-off-by: William Woodruff <william@trailofbits.com>
2024-10-28 14:31:58 -04:00
William Woodruff
8a08d61689
Expose PEP 740 attestations functionality
PR #236

This patch adds PEP 740 attestation generation to the workflow: when the Trusted Publishing flow is used, this will generate a publish attestation for each distribution being uploaded. These generated attestations are then fed into `twine`, which newly supports them via `--attestations`.

Ref: https://github.com/pypi/warehouse/issues/15871
2024-09-01 02:50:29 +02:00
Asher Foa
e4b9031741
password input is no longer required, since not specifying it implies trusted publishing
Signed-off-by: Asher Foa <1268088+asherf@users.noreply.github.com>
2023-04-27 11:31:44 -04:00
Jay Chung
d5417dc8be
🐛Correct default upload URL
close: #130
2023-03-16 16:39:57 +08:00
William Woodruff
2b46bad8cb
OIDC beta support
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
2023-03-15 17:08:09 -04:00
Sviatoslav Sydorenko
22b4d1f125
🐛 Make kebab options fall back for snake_case
The previous release didn't take into account the action defaults so
the promised fallbacks for the old input names didn't work. This patch
corrects that mistake.
2023-03-11 03:06:39 +01:00
Sviatoslav Sydorenko
f131721e84
🎨 Convert action inputs to use kebab-case
Up until now, the action input names followed the snake_case naming
pattern that is well familiar to the pythonistas. But in GitHub
actions, the de-facto standard is using kebab-case, which is what
this patch achieves.
This style helps make the keys in YAML better standardized and
distinguishable from other identifiers.
The old snake_case names remain functional for the time being and will
not be removed until at least v3 release of this action.
2023-03-11 01:24:52 +01:00
Sviatoslav Sydorenko
fedca4a9a8
🎨Use explicit strings for action input defaults
2022-12-06 21:44:30 +01:00
meowmeowcat
77ee113713
Move out the Python script from the shell script
2022-01-08 12:12:15 +08:00
meowmeowcat
e5cc29fe08
Show hash values of files uploaded
2022-01-08 00:24:27 +08:00
Subin Modeel
cf69e2047c
Update twine-upload.sh
2020-09-25 13:14:20 -04:00
Sviatoslav Sydorenko
00ef3b8182
Expose skip_existing setting to the end-users
2020-06-19 21:30:53 +02:00
Henry Schreiner
9bda1cadd0
Use metadata_verify instead of check
2020-06-03 11:05:45 -04:00
Henry Schreiner
176ae50c06
feat: Add twine check before upload #30
2020-06-02 14:44:35 -04:00
Samuel Williams
a8ddac2458
Fix typo in inputs
d7872a6165 changed the name of an input from `dist` to `packages-dir`,
but unfortunately it looks like GitHub actions expect underscores rather
than dashes, so deploys are currently broken with the following errors:

```
Run pypa/gh-action-pypi-publish@master
  with:
    user: __token__
    password: ***
    packages-dir: dist
  env:
    pythonLocation: /opt/hostedtoolcache/Python/3.8.0/x64
/usr/bin/docker run --name [...] -e INPUT_PACKAGES-DIR [...]

/app/twine-upload.sh: line 22: INPUT_PACKAGES_DIR: unbound variable
```

This patch replaces the dash with an underscore.

Resolves #20
2019-12-06 23:15:10 +00:00
Sviatoslav Sydorenko
d7872a6165
Change dist param to packages-dir
2019-12-06 13:38:52 +01:00
Jesse Farebrother
4f4304928f
Custom dist
2019-12-05 16:25:02 -07:00
Sviatoslav Sydorenko
2e00539ed7
Dedent sequence items in YAML
2019-08-23 13:11:24 +02:00
Mathias Fussenegger
25d67dc298
Adapt to new yml based github actions
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
Co-Authored-By: Pradyun Gedam <pradyunsg@gmail.com>
2019-08-23 10:53:21 +02:00