search

aio-libs / aiopg

aiopg is a library for accessing a PostgreSQL database from the asyncio
http://aiopg.readthedocs.io
BSD 2-Clause "Simplified" License
1.39k stars 159 forks source link

Let's put `aiopg` under the `aio-libs` org on PyPI #904

Open webknjaz opened 8 months ago

webknjaz commented 8 months ago

See the details @ https://github.com/orgs/aio-libs/discussions/26.

For this, we'll need somebody with Owner privileges to either give me access on PyPI (the username there is the same — webknjaz) or be invited to the org by me (for that I'd need the username of such an individual).

As a bonus, this will also allow us to set up secretless publishing from GHA to PyPI and get rid of the in-repo secrets.

cc @popravich

Pliner commented 8 months ago

See the details @ https://github.com/orgs/aio-libs/discussions/26.

For this, we'll need somebody with Owner privileges to either give me access on PyPI (the username there is the same — webknjaz) or be invited to the org by me (for that I'd need the username of such an individual).

As a bonus, this will also allow us to set up secretless publishing from GHA to PyPI and get rid of the in-repo secrets.

cc @popravich

Hi @webknjaz,

I seem to have Owner privileges on PyPi (my username is Pliner there) and I have sent you the invite.

webknjaz commented 8 months ago

Thanks, I moved it and reduced the regular user account privileges. Will keep the issue open until the secretless publishing replaces the bot account so that publishing from GH remains working.

webknjaz commented 8 months ago

Here's examples of some other pure-python repo CI/CD setups: https://github.com/aio-libs/aiomonitor/blob/main/.github/workflows/ci-cd.yml / https://github.com/aio-libs/aiomysql/blob/master/.github/workflows/ci-cd.yml. I recommend following these examples. Make sure to integrate re-actors/alls-green and maybe re-actors/checkout-python-sdist. Use the same workflow filename ci-cd.yml — it's standardized across the org. There's also examples of publishing to (Test)PyPI in those repos that you can reproduce.

I set up the trust to the workflow named ci-cd.yml (which doesn't yet exist) and the environment called pypi on the PyPI side. If you follow the above examples, it'll just magically work.. I've added protection to the pypi environment so that the actual releases require a button click.

Now, the rest of the GHA configuration is on you. Close this issue, once that's complete.