From c9be773e212f6d0b505a2eb52d9a4fde63a476c1 Mon Sep 17 00:00:00 2001 From: Charles Moore <122481442+moorec-aws@users.noreply.github.com> Date: Mon, 1 Apr 2024 17:08:47 +0000 Subject: [PATCH] feat!: public release (#101) Signed-off-by: Charles Moore <122481442+moorec-aws@users.noreply.github.com> --- .github/workflows/release_publish.yml | 21 ++------------------ .github/workflows/reuse_python_build.yml | 25 ------------------------ hatch.toml | 6 ------ 3 files changed, 2 insertions(+), 50 deletions(-) diff --git a/.github/workflows/release_publish.yml b/.github/workflows/release_publish.yml index 248edbc..0ef8e4d 100644 --- a/.github/workflows/release_publish.yml +++ b/.github/workflows/release_publish.yml @@ -41,11 +41,6 @@ jobs: permissions: id-token: write contents: write - env: - CODEARTIFACT_REGION: "us-west-2" - CODEARTIFACT_DOMAIN: ${{ secrets.CODEARTIFACT_DOMAIN }} - CODEARTIFACT_ACCOUNT_ID: ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} - CODEARTIFACT_REPOSITORY: ${{ secrets.CODEARTIFACT_REPOSITORY }} steps: - name: Checkout uses: actions/checkout@v4 @@ -88,17 +83,9 @@ jobs: echo EOF } >> $GITHUB_ENV - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_CODEARTIFACT_ROLE }} - aws-region: us-west-2 - mask-aws-account-id: true - # Tag must be made before building so the generated _version.py files have the correct version - name: Build run: | - export CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain ${{ secrets.CODEARTIFACT_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --query authorizationToken --output text --region us-west-2) pip install --upgrade hatch hatch build @@ -167,9 +154,6 @@ jobs: - name: Install dependencies run: | - CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain ${{ secrets.CODEARTIFACT_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --query authorizationToken --output text --region us-west-2) - echo "::add-mask::$CODEARTIFACT_AUTH_TOKEN" - echo CODEARTIFACT_AUTH_TOKEN=$CODEARTIFACT_AUTH_TOKEN >> $GITHUB_ENV pip install --upgrade hatch pip install --upgrade twine @@ -190,10 +174,9 @@ jobs: export TWINE_REPOSITORY_URL=`aws codeartifact get-repository-endpoint --domain ${{ secrets.CUSTOMER_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --repository ${{ secrets.CUSTOMER_REPOSITORY }} --format pypi --query repositoryEndpoint --output text` twine upload dist/* - # TODO: Uncomment this block to publish to PyPI once this package is public # # See https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-pypi - # - name: Publish to PyPI - # uses: pypa/gh-action-pypi-publish@release/v1 + - name: Publish to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 PublishToInternal: needs: Release diff --git a/.github/workflows/reuse_python_build.yml b/.github/workflows/reuse_python_build.yml index a1e0dc1..a5a325f 100644 --- a/.github/workflows/reuse_python_build.yml +++ b/.github/workflows/reuse_python_build.yml @@ -22,10 +22,6 @@ jobs: os: ["ubuntu-latest", "windows-latest", "macos-latest"] env: PYTHON: ${{ matrix.python-version }} - CODEARTIFACT_REGION: "us-west-2" - CODEARTIFACT_DOMAIN: ${{ secrets.CODEARTIFACT_DOMAIN }} - CODEARTIFACT_ACCOUNT_ID: ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} - CODEARTIFACT_REPOSITORY: ${{ secrets.CODEARTIFACT_REPOSITORY }} steps: - uses: actions/checkout@v4 if: ${{ !inputs.branch }} @@ -40,27 +36,6 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_CODEARTIFACT_ROLE }} - aws-region: us-west-2 - mask-aws-account-id: true - - - name: Setup CodeArtifact Unix - if: ${{ matrix.os == 'ubuntu-latest' || matrix.os == 'macos-latest' }} - run: | - CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain ${{ secrets.CODEARTIFACT_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --query authorizationToken --output text --region us-west-2) - echo "::add-mask::$CODEARTIFACT_AUTH_TOKEN" - echo CODEARTIFACT_AUTH_TOKEN=$CODEARTIFACT_AUTH_TOKEN >> $GITHUB_ENV - - - name: CodeArtifact Setup Windows - if: ${{ matrix.os == 'windows-latest'}} - run: | - $CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain ${{ secrets.CODEARTIFACT_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --query authorizationToken --output text --region us-west-2) - echo "::add-mask::$CODEARTIFACT_AUTH_TOKEN" - echo CODEARTIFACT_AUTH_TOKEN=$CODEARTIFACT_AUTH_TOKEN >> $env:GITHUB_ENV - name: Install Dependencies run: pip install --upgrade -r requirements-development.txt diff --git a/hatch.toml b/hatch.toml index f78b2de..b418f5b 100644 --- a/hatch.toml +++ b/hatch.toml @@ -23,15 +23,9 @@ lint = [ [[envs.all.matrix]] python = ["3.9", "3.10", "3.11"] -[envs.default.env-vars] -PIP_INDEX_URL="https://aws:{env:CODEARTIFACT_AUTH_TOKEN}@{env:CODEARTIFACT_DOMAIN}-{env:CODEARTIFACT_ACCOUNT_ID}.d.codeartifact.{env:CODEARTIFACT_REGION}.amazonaws.com/pypi/{env:CODEARTIFACT_REPOSITORY}/simple/" - [envs.codebuild.scripts] build = "hatch build" -[envs.codebuild.env-vars] -PIP_INDEX_URL="" - [envs.release] detached = true