From 8d9150ec7e1139198eefba9efe025da3d606b6d9 Mon Sep 17 00:00:00 2001 From: jzizka91 Date: Tue, 13 Feb 2024 14:22:13 +0100 Subject: [PATCH 1/2] modify publish workflow to allow pypi-trusted-publishing --- .github/workflows/publish.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 9280ed0..481eaf2 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -13,11 +13,13 @@ env: concurrency: group: "publish" cancel-in-progress: false - jobs: publish-python: runs-on: ubuntu-22.04 # convco needs GLIBC_2.32 which is not in 20.04 environment: publish + # IMPORTANT: trusted publishing requires permission: id-token: write! Without it, the trusted publishing will not work! + # If the permission is the only one that is set, all other permissions are automatically set to none, which may cause permissions issues within the job. + permissions: write-all outputs: new_version: ${{ steps.set-vars.outputs.new_version }} steps: @@ -49,7 +51,7 @@ jobs: echo "old version: $old_version" echo "new version: $new_version" echo "new tag: $new_tag" - - name: Release and publish + - name: Release # Only run if the version has changed. # Only start publishing automatically when the major version is 1 or higher. if: ${{ env.OLD_VERSION != env.NEW_VERSION && env.NEW_MAJOR_VERSION >= 1 }} @@ -71,11 +73,12 @@ jobs: --notes-file ${{ env.CHANGELOG_FILE }} \ ${{ env.FULL_CHANGELOG_FILE }} ######################################## - # Publish to PyPI + # Build package ######################################## - poetry config http-basic.pypi ${{ secrets.PYPI_USERNAME}} ${{ secrets.PYPI_PASSWORD }} poetry version ${{ env.NEW_VERSION }} - poetry publish --build + poetry build + - name: Publish + uses: pypa/gh-action-pypi-publish@release/v1 build-docs: runs-on: ubuntu-22.04 From f540b6ee25f6cac375988800ba942ea1c0504f96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20Bel=C3=A1k?= Date: Tue, 13 Feb 2024 14:54:47 +0100 Subject: [PATCH 2/2] fix: include readme in pyproject.toml --- pyproject.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/pyproject.toml b/pyproject.toml index 152539a..165cc69 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -7,6 +7,7 @@ description = "Effective data visualization and reporting tool" authors = ["Michal Belak "] include = ["example-datasets/*.csv"] exclude = ["tests"] +readme = "README.md" [tool.poetry.dependencies] python = ">=3.8, <3.12"