Closed Josverl closed 5 months ago
Honestly, I don't know if there are some boundaries when using OIDC. Maybe try wikh the suggested action: pypi-publish
hmm, I adopted poetry just because I did not want to keep a shack full of different tools up-to date for different steps in the same process. and I think its quite achievable
The simple for of the question is : is it possible to configure this action to use the poetry arguments
-u, --username=USERNAME The username to access the repository. < this will be "__token__"
-p, --password=PASSWORD The password to access the repository. < this will be "${{ steps.mint.outputs.api-token }}"
and assuming so , and how to I provide the values to that ?
I tried using the pypi_token:
parameter for your action - but that does not appear to be used for the --password value , or the --username is set to a different value than __token__
I tried to follow though/reverse engineer the actions's logic, but I get lost
Ok, I think I see what was the issue with your first try with repository_username and repository_password.
It was the right approach, but adding username and password also requires adding the repository name and url. Check here. I assume your action fails, because you don't provided the repository information and it is expected. Please try to specify all the four values:
Please share your results when you try this :relaxed:
Did it solve your issue?
Hey @Josverl :) I checked OIDC a bit deeper, and here are my findings:
Check the details here: https://docs.pypi.org/trusted-publishers/using-a-publisher/ under The manual way section. Closing this issue since there won't be any development regarding it until pypi releases another (and recommended) way of using OIDC as a third party.
How can I publish using PyPI trusted publishers / OIDC ?
I tried using a separate action to get a token, that runs without a problem ,
but publishing still fails on auth with
HTTP Error 403: Invalid or non-existent authentication information.
accoding to the pypi docs the username is supposed to be "token", but I cannot find how to make this work with this action
also fails
logs >