Commit Graph

30 Commits

Author SHA1 Message Date
Sander Roet b655c9d564
change ${{ github.action_path }} to $GITHUB_ACTION_PATH
workaround for ${{ github.action_path }} not working inside containers
2024-11-19 11:46:32 +01:00
Sviatoslav Sydorenko 9b4dfb0c84
Pre-install Python if there's none
This is not usually the case for GitHub-hosted Runners but it might
happen with self-hosted runners.

Fixes #289.
2024-11-06 16:20:12 +01:00
Sviatoslav Sydorenko dfcfeca43e
🧪 Use prefetched action to make trampoline
Previously, the action repository was being cloned from the remote
twice, unnecessarily. This patch eliminates this step and
uses the copy that was checked out on job start.

The generated trampoline action is still copied into the allowlisted
working directory so it can be referenced by the relative path
starting with `./`.

It is now output under
`./.github/.tmp/.generated-actions/run-pypi-publish-in-docker-container`
which mutates the end-user's workspace slightly but uses a path that
is unlikely to clash with somebody else's use.

Unfortunately, we cannot use randomized paths because the composite
action syntax does not allow accessing variables in `uses:`.

Fixes #292.
2024-11-06 15:47:43 +01:00
Brendon Smith 36965cb24a
Run smoke tests before Docker builds
https://github.com/pypa/gh-action-pypi-publish/pull/230#discussion_r1787027821
2024-11-04 16:35:15 -05:00
Brendon Smith bacb62682c
Fail-fast in unsupported environments
https://github.com/pypa/gh-action-pypi-publish/pull/230#discussion_r1632406604

Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
2024-11-04 16:35:14 -05:00
Brendon Smith 7ea8313fc2
Check repo ID instead of repo owner ID 2024-11-04 16:35:14 -05:00
Brendon Smith f51682fb52
Check repo owner ID instead of repo name 2024-11-04 16:35:14 -05:00
Brendon Smith a360fcb184
Dump action as JSON 2024-11-04 16:35:14 -05:00
Brendon Smith a869dd36b2
Checkout `github.head_ref` and repo for PRs
https://github.com/actions/checkout/issues/27#issuecomment-535897113
https://github.com/actions/checkout/issues/1108
2024-11-04 16:35:14 -05:00
Brendon Smith aed6c4b1b0
Generate Docker container action with Python 2024-11-04 16:35:13 -05:00
Brendon Smith 783267be69
Build Docker image and push to GHCR
Up to this point, the project has been set up as a Docker action
referencing the Dockerfile. The downside to using the Dockerfile for the
action is that the Docker image must be built every time the action is
used.

This commit will set up the project to build the Docker image and push
it to GitHub Container Registry (GHCR). This change will speed up user
workflows every time the action is used because the workflows will
simply pull the Docker image from GHCR instead of building again.

Changes:

- Add required metadata to Dockerfile
- Build container image with GitHub Actions
- Push container image to GHCR

Docker actions support pulling in pre-built Docker images. The downside
is that there's no way to specify the correct Docker tag because the
GitHub Actions `image` and `uses:` keys don't accept any context.
For example, if a user's workflow has
`uses: pypa/gh-action-pypi-publish@release/v1.8`, then the action should
pull in a Docker image built from the `release/v1.8` branch, something
like `ghcr.io/pypa/gh-action-pypi-publish:release-v1.8` (Docker tags
can't have `/`). The workaround is to switch the top-level `action.yml`
to a composite action that then calls the Docker action, substituting
the correct image name and tag.
2024-11-04 16:35:13 -05:00
William Woodruff 0126dcac8e
action: enable attestations by default
Signed-off-by: William Woodruff <william@trailofbits.com>
2024-10-28 14:31:58 -04:00
William Woodruff 8a08d61689
Expose PEP 740 attestations functionality
PR #236

This patch adds PEP 740 attestation generation to the workflow: when the Trusted Publishing flow is used, this will generate a publish attestation for each distribution being uploaded. These generated attestations are then fed into `twine`, which newly supports them via `--attestations`.

Ref: https://github.com/pypi/warehouse/issues/15871
2024-09-01 02:50:29 +02:00
Asher Foa e4b9031741 password input is no longer required, since not specifying it implies trusted publishing
Signed-off-by: Asher Foa <1268088+asherf@users.noreply.github.com>
2023-04-27 11:31:44 -04:00
Jay Chung d5417dc8be 🐛Correct default upload URL
close: #130
2023-03-16 16:39:57 +08:00
William Woodruff 2b46bad8cb
OIDC beta support
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
2023-03-15 17:08:09 -04:00
Sviatoslav Sydorenko 22b4d1f125
🐛 Make kebab options fall back for snake_case
The previous release didn't take into account the action defaults so
the promised fallbacks for the old input names didn't work. This patch
corrects that mistake.
2023-03-11 03:06:39 +01:00
Sviatoslav Sydorenko f131721e84
🎨 Convert action inputs to use kebab-case
Up until now, the action input names followed the snake_case naming
pattern that is well familiar to the pythonistas. But in GitHub
actions, the de-facto standard is using kebab-case, which is what
this patch achieves.
This style helps make the keys in YAML better standardized and
distinguishable from other identifiers.
The old snake_case names remain functional for the time being and will
not be removed until at least v3 release of this action.
2023-03-11 01:24:52 +01:00
Sviatoslav Sydorenko fedca4a9a8
🎨Use explicit strings for action input defaults 2022-12-06 21:44:30 +01:00
meowmeowcat 77ee113713 Move out the Python script from the shell script 2022-01-08 12:12:15 +08:00
meowmeowcat e5cc29fe08 Show hash values of files uploaded 2022-01-08 00:24:27 +08:00
Subin Modeel cf69e2047c Update twine-upload.sh 2020-09-25 13:14:20 -04:00
Sviatoslav Sydorenko 00ef3b8182
Expose `skip_existing` setting to the end-users 2020-06-19 21:30:53 +02:00
Henry Schreiner 9bda1cadd0 Use metadata_verify instead of check 2020-06-03 11:05:45 -04:00
Henry Schreiner 176ae50c06 feat: Add twine check before upload #30 2020-06-02 14:44:35 -04:00
Samuel Williams a8ddac2458 Fix typo in inputs
d7872a6165 changed the name of an input from `dist` to `packages-dir`,
but unfortunately it looks like GitHub actions expect underscores rather
than dashes, so deploys are currently broken with the following errors:

```
Run pypa/gh-action-pypi-publish@master
  with:
    user: __token__
    password: ***
    packages-dir: dist
  env:
    pythonLocation: /opt/hostedtoolcache/Python/3.8.0/x64
/usr/bin/docker run --name [...] -e INPUT_PACKAGES-DIR [...]

/app/twine-upload.sh: line 22: INPUT_PACKAGES_DIR: unbound variable

This patch replaces the dash with an underscore.

Resolves #20
2019-12-06 23:15:10 +00:00
Sviatoslav Sydorenko d7872a6165
Change `dist` param to `packages-dir` 2019-12-06 13:38:52 +01:00
Jesse Farebrother 4f4304928f Custom dist 2019-12-05 16:25:02 -07:00
Sviatoslav Sydorenko 2e00539ed7
Dedent sequence items in YAML 2019-08-23 13:11:24 +02:00
Mathias Fussenegger 25d67dc298 Adapt to new yml based github actions
Co-Authored-By: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
Co-Authored-By: Pradyun Gedam <pradyunsg@gmail.com>
2019-08-23 10:53:21 +02:00