Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

📦 Migrate release workflow to Trusted Publishing #2149

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

📦 Migrate release workflow to Trusted Publishing #2149

wants to merge 1 commit into from
+113 −14

Conversation

webknjaz
Copy link
Member

Resolves #2147.

Contributor checklist
  • Included tests for the changes.
  • PR title is short, clear, and ready to be included in the user-facing changelog.
Maintainer checklist
  • Verified one of these labels is present: backwards incompatible, feature, enhancement, deprecation, bug, dependency, docs or skip-changelog as they determine changelog listing.
  • Assign the PR to an existing or new milestone for the target version (following Semantic Versioning).

@webknjaz webknjaz added the skip-changelog Avoid listing in changelog label Dec 17, 2024
@webknjaz webknjaz requested a review from jezdez December 17, 2024 00:49
webknjaz
webknjaz commented Dec 17, 2024
View reviewed changes
.github/workflows/release.yml
timeout-minutes: 2 # docker+network are slow sometimes

environment:
name: pypi
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jezdez we need to configure a trusted publishing entry on PyPI. It should point to this repository and this workflow name. It should also have the exact string pypi in the environment entry.
I'm assuming the Jazzband bot account has Owner privileges. They are necessary to proceed. The Maintainer role would not have proper level of access. (We might have to ask @nvie if that's the case)

Additionally, please go to the repository settings, open the Environments page and create one called pypi. Add required reviewers and save. Don't disallow self-reviews.
I imagine you'll add folks who currently have release privileges. Bear in mind that there's max of 6 entries. These can be individual accounts or teams. It sometimes makes more sense to group people into teams.

@webknjaz webknjaz mentioned this pull request Dec 17, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jezdez jezdez Awaiting requested review from jezdez

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
skip-changelog Avoid listing in changelog
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[TODO] Migrate the release process to Trusted Publishing
1 participant
@webknjaz