search

frankie567 / cookiecutter-hipster-pypackage

Cookiecutter template for a cutting-edge Python package: Hatch, ruff, mypy, GitHub Actions and more!
MIT License
37 stars 8 forks source link

Instructions for release? #4

Closed ahuang11 closed 8 months ago

ahuang11 commented 9 months ago

Should the README mention how to set up these HATCHINDEX* and GITHUB_TOKEN?

    - name: Build and publish on PyPI
      env:
        HATCH_INDEX_USER: {% raw %}${{ secrets.HATCH_INDEX_USER }}{% endraw %}
        HATCH_INDEX_AUTH: {% raw %}${{ secrets.HATCH_INDEX_AUTH }}{% endraw %}
      run: |
        hatch build
        hatch publish
    - name: Create release
      uses: ncipollo/release-action@v1
      with:
        draft: true
        body: {% raw %}${{ github.event.head_commit.message }}{% endraw %}
        artifacts: dist/*.whl,dist/*.tar.gz
        token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}

Also, this hangs for me.

hatch version patch
isort....................................................................Passed
black....................................................................Passed
check builtin type constructor use.......................................Passed
check for case conflicts.................................................Passed
check docstring is first.................................................Passed
check that executables have shebangs.................(no files to check)Skipped
check toml...........................................(no files to check)Skipped
detect private key.......................................................Passed
fix end of files.........................................................Passed
trim trailing whitespace.................................................Passed
codespell................................................................Passed
Vim: Warning: Output is not to a terminal
frankie567 commented 9 months ago

Hey 👋

You should create a token on your PyPI account: https://pypi.org/help/#apitoken Then, HATCH_INDEX_USER should be __token__ and HATCH_INDEX_AUTH the token you created.

I plan however to switch to the new Trusted Publisher method, which is cleaner and more secure. Working example here: https://github.com/frankie567/pwdlib/blob/2a847c1131a37eeffa1a47924eccf0dd4c3c3839/.github/workflows/build.yml#L56-L76

Regarding GITHUB_TOKEN, it's actually automatically available inside GitHub Actions, nothing to do: https://docs.github.com/en/actions/security-guides/automatic-token-authentication

ahuang11 commented 9 months ago

Thanks for elaborating.

I discovered the vim thing hanging can be worked around with git config --global core.editor "code --wait" to use VSCode as the default editor.

Now, I'm encountering this issue.

error: gpg failed to sign the data
error: unable to sign the tag
Traceback (most recent call last):
  File "<frozen runpy>", line 198, in _run_module_as_main
  File "<frozen runpy>", line 88, in _run_code
  File "/Users/airbook/Library/Application Support/hatch/env/virtual/testingo/TQepMv1D/testingo-build/lib/python3.11/site-packages/hatchling/__main__.py", line 6, in <module>
    sys.exit(hatchling())
             ^^^^^^^^^^^
  File "/Users/airbook/Library/Application Support/hatch/env/virtual/testingo/TQepMv1D/testingo-build/lib/python3.11/site-packages/hatchling/cli/__init__.py", line 26, in hatchling
    command(**kwargs)
  File "/Users/airbook/Library/Application Support/hatch/env/virtual/testingo/TQepMv1D/testingo-build/lib/python3.11/site-packages/hatchling/cli/version/__init__.py", line 41, in version_impl
    source.set_version(updated_version, version_data)
  File "/Users/airbook/Library/Application Support/hatch/env/virtual/testingo/TQepMv1D/testingo-build/lib/python3.11/site-packages/hatch_regex_commit/version_source.py", line 74, in set_version
    self.git.tag(self.config_tag_sign, tag_name, tag_message)
  File "/Users/airbook/Library/Application Support/hatch/env/virtual/testingo/TQepMv1D/testingo-build/lib/python3.11/site-packages/hatch_regex_commit/git.py", line 123, in tag
    subprocess.check_output(command)
  File "/opt/homebrew/Cellar/python@3.11/3.11.7_1/Frameworks/Python.framework/Versions/3.11/lib/python3.11/subprocess.py", line 466, in check_output
    return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/homebrew/Cellar/python@3.11/3.11.7_1/Frameworks/Python.framework/Versions/3.11/lib/python3.11/subprocess.py", line 571, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['git', 'tag', 'v0.0.4', '--sign', '--message', 'Bump version 0.0.3 → 0.0.4']' returned non-zero exit status 128.
frankie567 commented 9 months ago

I also have VS Code as default Git editor. Normally, it opens a new file in VS Code. If you just save and close it, it should work. Maybe you quit VS Code?

ahuang11 commented 9 months ago

I think it's related to git signing, which I haven't setup.

frankie567 commented 9 months ago

Oh right! In this case, you can disable it: https://github.com/frankie567/hatch-regex-commit?tab=readme-ov-file#version-source-options

[tool.hatch.version]
# ...
tag_sign = false