Switch to "Trusted Publishers" for deployment to PyPI
See https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers and https://github.com/marketplace/actions/pypi-publishmaster
parent
886d53c85d
commit
c490e6b772
|
@ -22,7 +22,7 @@ jobs:
|
|||
- name: Install dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
python -m pip install setuptools flake8 pytest
|
||||
python -m pip install setuptools flake8 pytest wheel
|
||||
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
|
||||
- name: Lint with flake8
|
||||
run: |
|
||||
|
@ -30,6 +30,15 @@ jobs:
|
|||
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
|
||||
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
|
||||
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
|
||||
- name: Build
|
||||
run: |
|
||||
python setup.py sdist
|
||||
python setup.py bdist_wheel
|
||||
- name: Store distribution packages
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: dist
|
||||
path: dist/
|
||||
- name: Tests and coverage
|
||||
run: |
|
||||
if [ -f requirements-test.txt ]; then pip install -r requirements-test.txt; fi
|
||||
|
@ -46,20 +55,17 @@ jobs:
|
|||
needs: build
|
||||
if: startsWith(github.ref, 'refs/tags/v')
|
||||
|
||||
environment:
|
||||
name: pypi
|
||||
url: https://pypi.org/p/python-vipacess
|
||||
permissions:
|
||||
# IMPORTANT: this permission is mandatory for trusted publishing
|
||||
id-token: write
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
- name: Download distribution packages
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
python-version: '3.x'
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip install setuptools wheel twine
|
||||
name: dist
|
||||
path: dist/
|
||||
- name: Deploy to PyPI
|
||||
env:
|
||||
TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
|
||||
TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
|
||||
run: |
|
||||
python setup.py sdist bdist_wheel
|
||||
twine upload dist/*
|
||||
uses: pypa/gh-action-pypi-publish@release/v1
|
||||
|
|
|
@ -15,6 +15,10 @@
|
|||
# limitations under the License.
|
||||
|
||||
|
||||
import unittest
|
||||
import os
|
||||
IS_GITHUB_CI = os.getenv('GITHUB_ACTIONS')
|
||||
|
||||
# Python 2/3 compatibility
|
||||
try:
|
||||
import urllib.parse as urlparse
|
||||
|
@ -132,6 +136,7 @@ def provision_valid_token(token_model, attr, not_attr, check_sync=False):
|
|||
sleep(2 * test_otp_token['period'])
|
||||
assert sync_token(test_otp_token, test_token_secret)
|
||||
|
||||
@unittest.skipIf(IS_GITHUB_CI, reason='Network-based tests are unreliable in GitHub Actions CI')
|
||||
def test_check_TOTP_token_models():
|
||||
# Only try syncing one TOTP token, because it requires a delay.
|
||||
# Can we parallelize away? (https://nose.readthedocs.io/en/latest/doc_tests/test_multiprocess/multiprocess.html
|
||||
|
@ -142,10 +147,12 @@ def test_check_TOTP_token_models():
|
|||
first = False
|
||||
|
||||
|
||||
@unittest.skipIf(IS_GITHUB_CI, reason='Network-based tests are unreliable in GitHub Actions CI')
|
||||
def test_check_HOTP_token_models():
|
||||
for token_model in ('UBHE',):
|
||||
yield provision_valid_token, token_model, 'counter', 'period', True
|
||||
|
||||
@unittest.skipIf(IS_GITHUB_CI, reason='Network-based tests are unreliable in GitHub Actions CI')
|
||||
def test_check_token_detects_invalid_token():
|
||||
test_token = {'id': 'SYMC26070843', 'period': 30}
|
||||
test_token_secret = b'ZqeD\xd9wg]"\x12\x1f7\xc7v6"\xf0\x13\\i'
|
||||
|
|
Loading…
Reference in New Issue