Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Opt into uploading PEP 740 digital publish attestations to PyPI #1342

Merged
merged 2 commits into from
Sep 3, 2024
Merged

Opt into uploading PEP 740 digital publish attestations to PyPI #1342

merged 2 commits into from
Sep 3, 2024

Conversation

webknjaz
Copy link
Member

@webknjaz webknjaz commented Sep 2, 2024

Summary

This patch enables the release workflow to sign the artifacts digitally and attach said signatures to PyPI releases: pypa/gh-action-pypi-publish#236

@webknjaz webknjaz requested a review from hynek September 2, 2024 22:18
@webknjaz webknjaz enabled auto-merge September 2, 2024 22:18
hynek
hynek approved these changes Sep 3, 2024
View reviewed changes
Copy link
Member

@hynek hynek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎉

@webknjaz webknjaz added this pull request to the merge queue Sep 3, 2024
Merged via the queue into main with commit 3fb6f56 Sep 3, 2024
16 checks passed
@webknjaz webknjaz deleted the maintenance/pypi-digital-publish-attestations branch September 3, 2024 05:02
@hynek
Copy link
Member

hynek commented Sep 3, 2024
edited
Loading

this doesn't work:

Checking dist/attrs-24.2.1.dev14-py3-none-any.whl: PASSED
Checking dist/attrs-24.2.1.dev14.tar.gz: PASSED
Notice: Generating and uploading digital attestations
Error: Attestation generation failure: The following paths look like distributions but are not actually files: /github/workspace/dist/attrs-24.2.1.dev14.tar.gz, /github/workspace/dist/attrs-24.2.1.dev14-py3-none-any.whl

I'll have to revert.

hynek added a commit that referenced this pull request Sep 3, 2024
@hynek
Revert "Opt into uploading PEP 740 digital publish attestations to Py…
d13c897 
…PI (#1342)"

This reverts commit 3fb6f56.
@hynek hynek restored the maintenance/pypi-digital-publish-attestations branch September 3, 2024 05:06
@hynek
Copy link
Member

hynek commented Sep 3, 2024

I've restored the branch for the next attempts… the error is rather mysterious, maybe @woodruffw has an idea?

https://github.com/python-attrs/attrs/actions/runs/10676826709/job/29591009736#step:4:17

@webknjaz
Copy link
Member Author

webknjaz commented Sep 3, 2024

Oh no.. Perhaps, that check needs to be inverted.

@webknjaz
Copy link
Member Author

webknjaz commented Sep 3, 2024

@hynek it's fixed now!

@webknjaz webknjaz deleted the maintenance/pypi-digital-publish-attestations branch September 3, 2024 09:11
@webknjaz webknjaz restored the maintenance/pypi-digital-publish-attestations branch September 3, 2024 09:11
@webknjaz webknjaz deleted the maintenance/pypi-digital-publish-attestations branch September 3, 2024 09:18
@hynek
Copy link
Member

hynek commented Sep 3, 2024

Yay! I see no difference on PyPI?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hynek hynek hynek approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@webknjaz @hynek