You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Most of the Pelican's plugins under the new pelican-plugins organization publish to PyPI via the command poetry publish -u __token__ -p $PYPI_PASSWORD, in their GitHub workflow. This implies that the PyPI associated project's password must be stored in the Environment secrets of the GitHub repository.
Some plugins have already migrated to using the pypa/gh-action-pypi-publish GitHub action for publishing to PyPI, like sitemap and featured-image. In this new scheme, there is no need to store the PyPI password in GitHub, but a new Trusted Publisher must be defined at PyPI. This can be done as follows, supposing PyPI project pelican-name is associated with the pelican-plugins/name repository at GitHub:
The workflow name must correspond to the file name in .gihub/workflows.
Once you fill out the form with those values and tap the “Add” button, then the name project should be all ready for publication via the gh-action-pypi-publish action (once again, assuming that the relevant workflow file changes have also been made). Note that the above trusted publisher configuration can be done in advance — before actually switching to that method in the GitHub Action workflow — without disrupting the current publication flow.
[Acknowledgments: The above text are the almost verbatim instructions that @justinmayer sent to me some time ago.]
The text was updated successfully, but these errors were encountered:
Most of the Pelican's plugins under the new pelican-plugins organization publish to PyPI via the command
poetry publish -u __token__ -p $PYPI_PASSWORD
, in their GitHub workflow. This implies that the PyPI associated project's password must be stored in the Environment secrets of the GitHub repository.Some plugins have already migrated to using the pypa/gh-action-pypi-publish GitHub action for publishing to PyPI, like sitemap and featured-image. In this new scheme, there is no need to store the PyPI password in GitHub, but a new Trusted Publisher must be defined at PyPI. This can be done as follows, supposing PyPI project pelican-
name
is associated with the pelican-plugins/name
repository at GitHub:Go to the following page:
https://pypi.org/manage/project/pelican-`name`/settings/publishing/
and fill in the form with these values:
Owner: pelican-plugins
Repository name:
name
Workflow name:
main.yml
Environment name: Deployment
The workflow name must correspond to the file name in
.gihub/workflows
.Once you fill out the form with those values and tap the “Add” button, then the
name
project should be all ready for publication via thegh-action-pypi-publish
action (once again, assuming that the relevant workflow file changes have also been made). Note that the above trusted publisher configuration can be done in advance — before actually switching to that method in the GitHub Action workflow — without disrupting the current publication flow.[Acknowledgments: The above text are the almost verbatim instructions that @justinmayer sent to me some time ago.]
The text was updated successfully, but these errors were encountered: