Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CI -Separate out workflows for building pypi packages per test and release use cases #983

Merged
merged 1 commit into from
Nov 18, 2024
Merged

CI -Separate out workflows for building pypi packages per test and release use cases #983

merged 1 commit into from
Nov 18, 2024

Conversation

soapy1
Copy link
Contributor

@soapy1 soapy1 commented Nov 14, 2024
edited
Loading

Context

PR's coming from forks of users with improper github access have the "Builds and maybe upload PyPI package" workflow failing. For example:

The error produced is:

Error: Failed to get ID token: Error message: Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable

However, the workflow already has the required permissions set.

Description

This PR proposes separating out the 2 use cases for building pypi packages. These are

  1. building pypi packages for every pr to test the pr
  2. building pypi packages for a release to be uploaded to pypi (requires attestation)

Now, there are the worflows:

  • build_pypi_package
    • just builds and inspects the pypi package
    • runs on every pr
  • release
    • builds, inspects, attest, upload pypi package
    • only runs on releases

Refs:
https://docs.github.com/en/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#configuring-required-approval-for-workflows-from-public-forks
https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository

@soapy1
Seperate out workflows for building pypi packages per use case
a3a24d6 
Now, there are the worflows:
 * build_pypi_package
   * just builds and inspects the pypi package
   * runs on every pr
 * release
   * builds, inspects, attest, upload pypi package
   * only runs on releases
@netlify Netlify
Copy link

netlify bot commented Nov 14, 2024
edited
Loading

Deploy Preview for conda-store canceled.

Name Link
🔨 Latest commit a3a24d6
🔍 Latest deploy log https://app.netlify.com/sites/conda-store/deploys/6736773d87da7c00083e1c00

@soapy1 soapy1 mentioned this pull request Nov 14, 2024
Merged
3 tasks
@trallard trallard changed the title Seperate out workflows for building pypi packages per test and release use cases CI -Separate out workflows for building pypi packages per test and release use cases Nov 18, 2024
@trallard trallard merged commit 6be6ab5 into conda-incubator:main Nov 18, 2024
28 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@trallard trallard trallard approved these changes

Assignees
No one assigned
Labels
area: CI 👷🏽‍♀️ status: merge ready 🚀
Projects
conda-store 🐍
Status: Done 💪🏾
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@soapy1 @trallard