Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Seemingly wrong specification of GitHub Action for publishing to PyPI / TestPyPI #1108

Closed
lmcmicu opened this issue Jul 17, 2022 · 3 comments · Fixed by #1113
Closed

Seemingly wrong specification of GitHub Action for publishing to PyPI / TestPyPI #1108

lmcmicu opened this issue Jul 17, 2022 · 3 comments · Fixed by #1113

Comments

@lmcmicu
Copy link

lmcmicu commented Jul 17, 2022
edited by webknjaz
Loading

The code at this link:

    - name: Publish distribution 📦 to Test PyPI
      uses: pypa/gh-action-pypi-publish@master
      with:
        password: ${{ secrets.TEST_PYPI_API_TOKEN }}
        repository_url: https://test.pypi.org/legacy/
    - name: Publish distribution 📦 to PyPI
      if: startsWith(github.ref, 'refs/tags')
      uses: pypa/gh-action-pypi-publish@master
      with:
        password: ${{ secrets.PYPI_API_TOKEN }}

Does not match the usage from the README of the GitHub Action's website. Further it does not work.

In particular the above code has the following problems:

  1. The user: __token__ field is missing.
  2. The specified action should not be taken from the master branch. It should point to a release. Currently the latest is @release/v1.
@pradyunsg
Copy link
Member

@webknjaz ^

@webknjaz
Copy link
Member

Further it does not work.

It does work. If it doesn't do what you expect, maybe you've saved the token in the repo secret incorrectly (hint: check for trailing/leading spaces — it's the only problem I've seen people face; re-saving the token correctly is the solution).

  • The user: __token__ field is missing.

It's unnecessary, it's already __token__ by default if unspecified. Maybe it's worth updating the action's README, though, not to include the user: entry at all in the snippets and add a separate section on "what if I want to specify non-API-token credentials?". I'd be open to merging such a PR.

  • The specified action should not be taken from the master branch. It should point to a release. Currently the latest is @release/v1.

I guess so. Although, it's just an example. I don't remember if I've come up with the release-tracking branch concept by the time I wrote the tutorial document. Feel free to send a PR updating this. Although, we'd have to remember to update the tutorial if I'll ever decide to make a v2 API for that action. I think I've left it pointing to the default branch just to avoid the burden of having to remember to update the tutorial document 🤷‍♂️

webknjaz added a commit to pypa/gh-action-pypi-publish that referenced this issue Jul 25, 2022
@webknjaz
Drop __token__ from README code usage snippets
5fb2f04 
This patch reduces the emphasis on the `__token__` value of the `user`
input since it's default anyway. It also adds a separate paragraph
showing how to specify a custom username if the need be.

Ref: pypa/packaging.python.org#1108
webknjaz added a commit to webknjaz/packaging.python.org that referenced this issue Jul 25, 2022
@webknjaz
Use the release-branch in GHA publish snippets
1f35bc3 
Resolves pypa#1108
@webknjaz webknjaz mentioned this issue Jul 25, 2022
Merged
@webknjaz
Copy link
Member

This will be fixed by #1113.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Use the release-branch in GHA publish snippets webknjaz/packaging.python.org
3 participants
@webknjaz @pradyunsg @lmcmicu