From c97f090f47b4f5d08a198ae3c379d5b285651b5e Mon Sep 17 00:00:00 2001 From: Katelyn FitzGerald <7872563+kafitzgerald@users.noreply.github.com> Date: Fri, 20 Sep 2024 11:28:11 -0600 Subject: [PATCH 1/4] update PyPI workflow for switch to trusted publishing --- .github/workflows/pypi.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/pypi.yaml b/.github/workflows/pypi.yaml index 6ca9def..018aca9 100644 --- a/.github/workflows/pypi.yaml +++ b/.github/workflows/pypi.yaml @@ -1,18 +1,19 @@ name: Upload geocat-datafiles to PyPI on: - release: - types: - - published + workflow_dispatch: + jobs: test-build: if: github.repository == 'NCAR/geocat-datafiles' runs-on: ubuntu-latest + permissions: + id-token: write steps: - uses: actions/checkout@v2 - name: Set up Python uses: actions/setup-python@v2 with: - python-version: '3.x' + python-version: '3.10' - name: Install dependencies run: | python -m pip install --upgrade pip @@ -24,6 +25,7 @@ jobs: - name: Test the artifacts run: | python -m twine check dist/* + publish: needs: test-build if: startsWith(github.ref, 'refs/tags') @@ -33,7 +35,7 @@ jobs: - name: Set up Python uses: actions/setup-python@v2 with: - python-version: '3.x' + python-version: '3.10' - name: Install dependencies run: | python -m pip install --upgrade pip @@ -48,7 +50,5 @@ jobs: - name: Publish package to PyPI uses: pypa/gh-action-pypi-publish@v1.4.2 with: - user: __token__ - password: ${{ secrets.PYPI_GEOCAT_DATAFILES }} skip_existing: true - verbose: true \ No newline at end of file + verbose: true From 17a88125bad0781b8bb5cf9246d5ffd2d23de659 Mon Sep 17 00:00:00 2001 From: Katelyn FitzGerald <7872563+kafitzgerald@users.noreply.github.com> Date: Thu, 26 Sep 2024 11:53:56 -0600 Subject: [PATCH 2/4] roll back changes made only for consistency in pypi.yaml --- .github/workflows/pypi.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pypi.yaml b/.github/workflows/pypi.yaml index e7a57fb..b3ff803 100644 --- a/.github/workflows/pypi.yaml +++ b/.github/workflows/pypi.yaml @@ -1,6 +1,9 @@ name: Upload geocat-datafiles to PyPI on: workflow_dispatch: + release: + types: + - published jobs: test-build: @@ -13,7 +16,7 @@ jobs: - name: Set up Python uses: actions/setup-python@v5 with: - python-version: '3.10' + python-version: '3.x' - name: Install dependencies run: | python -m pip install --upgrade pip From fe63455e53cbebf71486fb592f30d1caba928314 Mon Sep 17 00:00:00 2001 From: Katelyn FitzGerald <7872563+kafitzgerald@users.noreply.github.com> Date: Thu, 26 Sep 2024 11:55:27 -0600 Subject: [PATCH 3/4] one more change to revert in pypi.yaml --- .github/workflows/pypi.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pypi.yaml b/.github/workflows/pypi.yaml index b3ff803..17a468c 100644 --- a/.github/workflows/pypi.yaml +++ b/.github/workflows/pypi.yaml @@ -38,7 +38,7 @@ jobs: - name: Set up Python uses: actions/setup-python@v5 with: - python-version: '3.10' + python-version: '3.x' - name: Install dependencies run: | python -m pip install --upgrade pip From af56f275a2a26658e986f88ccf7e18c2610dac9a Mon Sep 17 00:00:00 2001 From: Katelyn FitzGerald <7872563+kafitzgerald@users.noreply.github.com> Date: Thu, 26 Sep 2024 11:56:07 -0600 Subject: [PATCH 4/4] update pypi.yaml --- .github/workflows/pypi.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/pypi.yaml b/.github/workflows/pypi.yaml index 17a468c..fda3229 100644 --- a/.github/workflows/pypi.yaml +++ b/.github/workflows/pypi.yaml @@ -1,6 +1,5 @@ name: Upload geocat-datafiles to PyPI on: - workflow_dispatch: release: types: - published