search

italia / spid-compliant-certificates-python

Python native solution to generate and validate X.509 certificates according to Avviso SPID n.29 v3.
MIT License
23 stars 5 forks source link

Define repository secrets #3

Closed psmiraglia closed 3 years ago

psmiraglia commented 3 years ago

Is your feature request related to a problem? Please describe.

In order to publish on Docker Hub and PyPI some repository secrets should be created.

Describe the solution you'd like

Secrets to publish on Docker Hub

Secrets to publish on PyPI

Describe alternatives you've considered

None

Additional context

None

psmiraglia commented 3 years ago

@peppelinux PYPI_API_TOKEN is ready. What about DOCKERHUB_USERNAME and DOCKERHUB_TOKEN?

bfabio commented 3 years ago

@psmiraglia I added the two DockerHub secrets

Can you please rename the token at the pypi.org side to be compliant with our internal token naming policy? "github/italia/spid-compliant-certificates-python PYPI_API_TOKEN" would do

psmiraglia commented 3 years ago

@psmiraglia I added the two DockerHub secrets

👍

Can you please rename the token at the pypi.org side to be compliant with our internal token naming policy? "github/italia/spid-compliant-certificates-python PYPI_API_TOKEN" would do

My super powers are not enough. You should ask @peppelinux

psmiraglia commented 3 years ago

@bfabio @peppelinux some questions...

  1. Could you please check the Docker Hub configuration? I re-executed the workflow that build and push docker images but, despite a successful run, I can't see the image on dockerhub/italia.

  2. Could you please send me (in private) the value of DOCKERHUB_USERNAME?

  3. Was the repository italia/spid-compliant-certificates-python manually created? If so, I would ask you to rename it in italia/spid-compliant-certificates. Differentiation between python and shell will be made with the image versions (e.g. 0.1-python, 7.2-shell)

bfabio commented 3 years ago

@psmiraglia

  1. Could you please send me (in private) the value of DOCKERHUB_USERNAME?

This line should read italia/spid-compliant-certificates, as italia is an org and our username is different.

  1. Was the repository italia/spid-compliant-certificates-python manually created? If so, I would ask you to rename it in italia/spid-compliant-certificates. Differentiation between python and shell will be made with the image versions (e.g. 0.1-python, 7.2-shell)

It was, I created it earlier this morning, but it wasn't really needed and I can remove it.

Maybe I missing something, but If I can have my say on this, it seems kinda weird that two separate GitHub repos push to the same DockerHub image under a different tag. As a user I would expect github.com/italia/foobar to build italia/foobar on DockerHub.

psmiraglia commented 3 years ago

This line should read italia/spid-compliant-certificates, as italia is an org and our username is different.

Ok. I'm going to fix the workflow...

It was, I created it earlier this morning, but it wasn't really needed and I can remove it.

Ok

Maybe I missing something, but If I can have my say on this, it seems kinda weird that two separate GitHub repos push to the same DockerHub image under a different tag. As a user I would expect github.com/italia/foobar to build italia/foobar on DockerHub.

IMHO, the shell version of the tool does not really require a Docker image because it uses standard and very common shell commands.

@bfabio @peppelinux: If you agree with me, we could have only italia/spid-compliant-certificates Docker image, which is fueled by github/italia/spid-compliant-certificates-python.

peppelinux commented 3 years ago

Ok pypi Token updated with name "github/italia/spid-compliant-certificates-python PYPI_API_TOKEN" and also here, in project settings

psmiraglia commented 3 years ago

Ok. I'm going to fix the workflow...

14 #15

bfabio commented 3 years ago

@bfabio @peppelinux: If you agree with me, we could have only italia/spid-compliant-certificates Docker image, which is fueled by github/italia/spid-compliant-certificates-python.

It should be italia/spid-compliant-certificates-python on DockerHub, IMO

psmiraglia commented 3 years ago

It should be italia/spid-compliant-certificates-python on DockerHub, IMO

I think if we use -python, we indirectly say "we have Python and other languages images". This is why I would exclude -python from the image name.

bfabio commented 3 years ago

On the other end we'd have https://github.com/italia/spid-compliant-certificates with no relation with https://hub.docker.com/r/italia/spid-compliant-certificates, despite the name. That'd be pretty surprising, but I don't want to interject more than necessary and be blocking on this, so I'll trust your judgment guys :)

psmiraglia commented 3 years ago

@bfabio If you don't want to be blocking, review/approve #16 and create DOCKER_BASE_REPO secret! Hey you @peppelinux, where are you going? This is valid also for you... :stuck_out_tongue: :smile:

Jokes apart guys, take your time! About value for DOCKER_BASE_REPO, it should be clear. If not, ping me in private. You both know where I am...