Skip to content

[build] remove maintainer password from PyPI publish workflow in lieu of trusted publisher attestation #467

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
zacharyburnett wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

[build] remove maintainer password from PyPI publish workflow in lieu of trusted publisher attestation #467

zacharyburnett wants to merge 1 commit into from

Conversation

@zacharyburnett
Copy link
Collaborator

@zacharyburnett zacharyburnett commented Mar 12, 2025
edited
Loading

Resolves SCSB-199

Tasks

  • Update or add relevant roman_datamodels tests.
  • Update relevant docstrings and / or docs/ page.
  • Does this PR change any API used downstream? (If not, label with no-changelog-entry-needed.)
News fragment change types:
  • changes/<PR#>.feature.rst: new feature
  • changes/<PR#>.bugfix.rst: fixes an issue
  • changes/<PR#>.doc.rst: documentation change
  • changes/<PR#>.removal.rst: deprecation or removal of public API
  • changes/<PR#>.misc.rst: infrastructure or miscellaneous change

@zacharyburnett zacharyburnett self-assigned this Mar 12, 2025
@zacharyburnett zacharyburnett marked this pull request as ready for review March 12, 2025 14:44
@zacharyburnett zacharyburnett requested a review from a team as a code owner March 12, 2025 14:44
@codecov
Copy link

codecov bot commented Mar 12, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 97.84%. Comparing base (087a60d) to head (44e554e).
Report is 161 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #467      +/-   ##
==========================================
+ Coverage   97.56%   97.84%   +0.28%     
==========================================
  Files          30       40      +10     
  Lines        2788     4313    +1525     
==========================================
+ Hits         2720     4220    +1500     
- Misses         68       93      +25

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@braingram
Copy link
Collaborator

braingram commented Mar 12, 2025

Is there any way to test this (like a mock release to test pypi)? If not, does @jhunkeler or someone else have permissions to see and confirm the pypi settings?

@zacharyburnett zacharyburnett changed the title [build] remove explicit token in lieu of trusted publisher attestation when publishing to PyPI [build] remove maintainer password from PyPI publish workflow in lieu of trusted publisher attestation Mar 12, 2025
@zacharyburnett zacharyburnett marked this pull request as draft March 12, 2025 16:42
@PaulHuwe
Copy link
Collaborator

PaulHuwe commented Mar 29, 2025

@zacharyburnett Is there an update for this ticket?

@zacharyburnett
Copy link
Collaborator Author

zacharyburnett commented Mar 31, 2025

@zacharyburnett Is there an update for this ticket?

this is on hold unfortunately, there's an upstream issue in pypa/warehouse that has to be resolved first

@WilliamJamieson WilliamJamieson force-pushed the build/trusted_publisher branch from aaffe54 to 44e554e Compare July 2, 2025 15:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PaulHuwe PaulHuwe PaulHuwe approved these changes

Assignees

@zacharyburnett zacharyburnett

Labels

DO NOT MERGE no-changelog-entry-needed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@zacharyburnett @braingram @PaulHuwe