aio-libs / aiodns

Simple DNS resolver for asyncio
https://pypi.python.org/pypi/aiodns
MIT License
538 stars 69 forks source link

Update the GHA workflow for publishing to PyPI and eliminate discouraged practices #120

Open webknjaz opened 7 months ago

webknjaz commented 7 months ago

Hey, I noticed you're using my action for uploading to the PyPI, but its version is outdated — it was deprecated 2 years ago (https://github.com/pypa/gh-action-pypi-publish/commit/1bbe3c9) and doesn't contain modern features. I noticed that other actions referenced in the workflow also use deprecated versions that may stop working anytime now.

Follow https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ to get it up-to-date. The GH doc is not as detailed: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-pypi#updating-your-github-actions-workflow.

Action items:

~P.S. If you ever decide you want to host this project under @aio-libs (which would make sense for us given that aiohttp depends on it, but no pressure!) — let me know and I can make this happen.~

Moving aiodns under the @aio-libs umbrella:

saghul commented 7 months ago

Thank you!

The project doesn't need much maintenance but since I'm not using Python at work I think it would make sense to find a new home for it and @aio-libs makes perfect sense.

I'd be happy to move it there and continue maintaining it there.

webknjaz commented 7 months ago

Your call but I've gone ahead and invited you to the org! Whenever you're ready, give me the owner permission so I could do the transfer. You'll be free to set up accesses as you see fit and I typically help out with CI/CD/packaging/RTD/docs subdomain when needed, even though I don't normally maintain each project under the @aio-libs umbrella.

webknjaz commented 2 months ago

Hey @saghul, I've found an invitation to join the repository in my inbox that I missed in April… Would you mind re-sending it?

webknjaz commented 2 months ago

@saghul ^

saghul commented 2 months ago

Hey! Sure thing!

webknjaz commented 2 months ago

@saghul thanks, finally we're in sync :) Could you make sure to give me "Owner" so I could move it? I can't see the repo settings page for some reason...

saghul commented 2 months ago

Not sure how I can do that, WTF? Since this is my personal account I can only add you as a collaborator.

webknjaz commented 2 months ago

Oh… I forgot this is how it works. We need a “mule” account in between. So you probably need to transfer it to me, and I'd transfer it to the org then.

webknjaz commented 2 months ago

GH will keep the redirects on the HTTP and Git levels even with such a double move, by the way.

webknjaz commented 2 months ago

@saghul so I've got an idea of a mule-org and made one. Let's test using it as a trampoline instead...

saghul commented 2 months ago

Done!

webknjaz commented 2 months ago

I looked at the new "repo transfer" interface and realized that they seem to have a direct transfer possibility now... So I was probably overengineering here :)

webknjaz commented 2 months ago

@saghul now that it's in, could you give me “Owner” on PyPI, so I could transfer it over there and configure tokenless publishing for the later GHA->PyPI integration?

saghul commented 2 months ago

Same username there?

webknjaz commented 2 months ago

yep

webknjaz commented 2 months ago

@saghul plz let me know when you do that and I'll cross that item off my list ;) Everything else does not strictly require my involvement (or yours for that matter), so maybe @Dreamsorcerer or @bdraco would have a minute to pick up those items.

webknjaz commented 2 months ago

I've updated the checklist in the initial post.

saghul commented 2 months ago

Invited you to pypi!

webknjaz commented 2 months ago

Thanks! I moved it and adjusted the privileges (the org is the only owner, others are maintainers so they show up in the UI on the project page).

webknjaz commented 2 months ago

Configured trust on the PyPI side similar to other projects. Ideally, the unified workflow should move into ci-cd.yml.

saghul commented 2 months ago

Feel free to go ahead!