weiji14
commented
3 years ago
- We should rename them to better names,
TEST_PYPI_API_TOKENandPYPI_API_TOKENfollowing the official guide.
Ok, renaming TEST_PYPI_PASSWORD -> TEST_PYPI_API_TOKEN and PYPI_PASSWORD -> PYPI_API_TOKEN sounds good, I can do it in PR #900.
- The workflow always fails on forks, because forks don't have these secrets. We should skip the workflow for forks.
You sure we want to hardcode disabling Github Actions workflows for forks? I know we can add a if: github.repository == 'GenericMappingTools/pygmt' line to the workflow, but:
1) it will be hard for fork users to re-enable tests, unless they have good knowledge of Github Actions 2) fork users can disable tests themselves anyway at https://docs.github.com/en/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository. 3) I thought tests will only run if people keep their fork/branch in sync with GenericMappingTools/pygmt? I.e. if they use the pull bot.
seisman
Description of the problem
The
publish-to-pypi.ymlworkflow uploads the PyGMT packages to PyPI and/or TestPyPI.During the release v0.3.0, we found an issue with the workflow and had a quick fix in #900.
When I reiviwed the workflow, I found two more issues:
test_pypi_passwordandpypi_passwordin thepypa/gh-action-pypi-publishaction. https://github.com/GenericMappingTools/pygmt/blob/65b099a5873b4f9e76d7fccdbc8882d9b37870e3/.github/workflows/publish-to-pypi.yml#L54-L64The names of these two secrets are confusing. They are API tokens (generated by me, if I remember correctly), not someone's passwords. We should rename them to better names,
TEST_PYPI_API_TOKENandPYPI_API_TOKENfollowing the official guide.