From 6644b862bb4555ddcb375c794ec5161de4a248df Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Sat, 10 Feb 2024 19:00:57 -0600 Subject: [PATCH] Add missing changelog entries Add release workflow and update classifiers --- .github/workflows/release.yml | 79 +++++++++++++++++++++++++++++++++++ changelog/1028.misc.rst | 1 + changelog/1040.misc.rst | 1 + changelog/969.bugfix.rst | 1 + setup.cfg | 1 - 5 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/release.yml create mode 100644 changelog/1028.misc.rst create mode 100644 changelog/1040.misc.rst create mode 100644 changelog/969.bugfix.rst diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..0f4cb886 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,79 @@ +name: Publish to PyPI + +on: + push: + tags: + - "*" + +permissions: + contents: read + +jobs: + build: + name: "Build dists" + runs-on: "ubuntu-latest" + environment: + name: "publish" + outputs: + hashes: ${{ steps.hash.outputs.hashes }} + + steps: + - name: "Checkout repository" + uses: "actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3" + + - name: "Setup Python" + uses: "actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b" + with: + python-version: "3.x" + + - name: "Install dependencies" + run: python -m pip install build + + - name: "Build dists" + run: | + SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) \ + python -m build + + - name: "Generate hashes" + id: hash + run: | + cd dist && echo "::set-output name=hashes::$(sha256sum * | base64 -w0)" + + - name: "Upload dists" + uses: "actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce" + with: + name: "dist" + path: "dist/" + if-no-files-found: error + retention-days: 5 + + provenance: + needs: [build] + permissions: + actions: read + contents: write + id-token: write # Needed to access the workflow's OIDC identity. + uses: "slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.5.0" + with: + base64-subjects: "${{ needs.build.outputs.hashes }}" + upload-assets: true + compile-generator: true # Workaround for https://github.com/slsa-framework/slsa-github-generator/issues/1163 + + publish: + name: "Publish to PyPI" + if: startsWith(github.ref, 'refs/tags/') + needs: ["build", "provenance"] + permissions: + contents: write + id-token: write + runs-on: "ubuntu-latest" + + steps: + - name: "Download dists" + uses: "actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a" + with: + name: "dist" + path: "dist/" + + - name: "Publish dists to PyPI" + uses: "pypa/gh-action-pypi-publish@48b317d84d5f59668bb13be49d1697e36b3ad009" diff --git a/changelog/1028.misc.rst b/changelog/1028.misc.rst new file mode 100644 index 00000000..949564f6 --- /dev/null +++ b/changelog/1028.misc.rst @@ -0,0 +1 @@ +Warn about PGP signatures being ignored and deprecated by PyPI diff --git a/changelog/1040.misc.rst b/changelog/1040.misc.rst new file mode 100644 index 00000000..7b282cef --- /dev/null +++ b/changelog/1040.misc.rst @@ -0,0 +1 @@ +Use API tokens by default for PyPI diff --git a/changelog/969.bugfix.rst b/changelog/969.bugfix.rst new file mode 100644 index 00000000..fca96640 --- /dev/null +++ b/changelog/969.bugfix.rst @@ -0,0 +1 @@ +Use ``email.message`` instead of ``cgi`` as ``cgi`` has been deprecated diff --git a/setup.cfg b/setup.cfg index 86704c2e..4b4908ac 100644 --- a/setup.cfg +++ b/setup.cfg @@ -23,7 +23,6 @@ classifiers = Programming Language :: Python Programming Language :: Python :: 3 Programming Language :: Python :: 3 :: Only - Programming Language :: Python :: 3.7 Programming Language :: Python :: 3.8 Programming Language :: Python :: 3.9 Programming Language :: Python :: 3.10