Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trusted publishing support for GitHub Actions + TestPyPI via uv publish #8584

Closed
nathanjmcdougall opened this issue Oct 26, 2024 · 5 comments · Fixed by #8632
Closed

Trusted publishing support for GitHub Actions + TestPyPI via uv publish #8584

nathanjmcdougall opened this issue Oct 26, 2024 · 5 comments · Fixed by #8632
Assignees
@konstin

Comments

@nathanjmcdougall
Copy link
Contributor

Currently, uv publish supports trusted publishing support via GitHub Actions with PyPI, but not with TestPyPI. For testing purposes, it would be great if support could be extended to TestPyPI.
@konstin
Copy link
Member

konstin commented Oct 28, 2024

The trusted publishing support exists for both TestPyPI and PyPI, is there anything specific not working?

@nathanjmcdougall
Copy link
Contributor Author

OK, that's great to hear, I guess in that case I just haven't worked out how to set up trusted publishing properly yet. I'm experimenting here:
https://github.com/nathanjmcdougall/postmodern-python-ci/blob/main/.github/workflows/release.yml

I get errors about missing credentials:

error: Failed to publish dist/postmodern_ci-0.1.0-py3-none-any.whl to https://upload.test.pypi.org/legacy/
Caused by: Failed to send POST request
Caused by: Missing credentials for https://upload.test.pypi.org/legacy/

My TestPyPI config is here:
image

I don't actually know where the TestPyPI upload endpoint is, I've tried manually using API tokens but I get the following:

Probably I need to do more work to diagnose my issue, so I'm closing for now. Any support appreciated but not expected.

@konstin
Copy link
Member

konstin commented Oct 28, 2024

The publish endpoint for TestPyPI is https://test.pypi.org/legacy/

@konstin
Copy link
Member

konstin commented Oct 28, 2024

To help with debugging trusted publishing, I recommend uv publish --trusted-publishing always, this will show errors earlier when there is a problem.

@nathanjmcdougall
Copy link
Contributor Author

nathanjmcdougall commented Oct 28, 2024
edited
Loading

Thanks, great to know the endpoint and the suggestion to --trusted-publishing was also helpful. The message I got was:

error: Failed to obtain token for trusted publishing
Caused by: environment variable not found

This was a tad cryptic without knowing the ins-and-outs of trusted publishing, but the issue was that I had not set id-token write permission, as described here. Once this was set, everything worked.

Thank you so much for your help.

konstin added a commit that referenced this issue Oct 28, 2024
@konstin
Hint about missing trusted publishing permission
e5566a2 
Fixes #8584
@konstin konstin mentioned this issue Oct 28, 2024
Merged
konstin added a commit that referenced this issue Oct 28, 2024
@konstin
Hint about missing trusted publishing permission
35db7f9 
Fixes #8584
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@konstin konstin

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Hint about missing trusted publishing permission astral-sh/uv
2 participants
@konstin @nathanjmcdougall