Bug report: Publish pipeline #304

Open
wants to merge 1 commit into
base: main


@michaelfeil michaelfeil commented Jul 20, 2024

Benefit: If someone submits a PR, they cannot steal the PYPI_API_TOKEN. This could potentially be any current contributor.
qdrant/qdrant-client#699

Adapted from:
https://github.com/pypa/gh-action-pypi-publish?tab=readme-ov-file#trusted-publishing

There are some steps that the admin of this repo needs to do. Both are UI actions.

TODO:

  1. Pypi.org: Follow the PyPI guide https://docs.pypi.org/trusted-publishers/adding-a-publisher/

    This should roughly do it:

    - owner "qdrant"
    - repository name "fastembed"
    - workflow "publish.yml"
    - environment name "publish" # The name of the environment in the yaml needs to match the name in the GitHub UI and what you put on PyPI
  2. Github.com: Create an environment named "publish" in the GitHub UI under environments.
    Below is a screenshot of the project github.com/michaelfeil/infinity, where I added e.g. myself as Required Reviewer (e.g. if someone else pushes a tag to my repo, this stalls the GitHub CI, and I get a notification to approve the publish.yml workflow)
    image

@michaelfeil michaelfeil changed the title Bug report: Pipeline Bug report: Publish pipeline Jul 20, 2024
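
For reference, a minimal trusted-publishing workflow of the kind the description above refers to, added here as an illustration and not taken from this PR's commit. The tag trigger, Python version and build command are assumptions; the workflow filename and environment name follow the values listed in the description.

```yaml
# File: .github/workflows/publish.yml
# The filename must match the workflow name registered on PyPI.
# Added illustration, not the workflow from this PR.
name: publish

on:
  push:
    tags:
      - "v*"            # assumed tag pattern

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.11"          # assumed version
      # Assumed build command; substitute the project's own build tool.
      - run: python -m pip install build && python -m build
      - uses: actions/upload-artifact@v4
        with:
          name: dist
          path: dist/

  publish:
    needs: build
    runs-on: ubuntu-latest
    # Must match the environment created in the GitHub UI and the one
    # entered on PyPI. Required reviewers on it gate this job.
    environment: publish
    permissions:
      id-token: write   # only this job may request an OIDC token
    steps:
      - uses: actions/download-artifact@v4
        with:
          name: dist
          path: dist/
      # No `password:` input and no PYPI_API_TOKEN secret: the action
      # exchanges the OIDC token for a short-lived PyPI upload token.
      - uses: pypa/gh-action-pypi-publish@release/v1
```

Keeping the build in a separate job means the code that runs project build steps never holds the `id-token: write` permission.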