From e1147791d2a80ea60acb2f18eff9de350756ab59 Mon Sep 17 00:00:00 2001 From: Charles Moore <122481442+moorec-aws@users.noreply.github.com> Date: Mon, 1 Apr 2024 20:05:38 +0000 Subject: [PATCH] feat!: public release (#83) Signed-off-by: Charles Moore <122481442+moorec-aws@users.noreply.github.com> --- .github/workflows/release_publish.yml | 21 ++------------------- .github/workflows/reuse_python_build.yml | 14 -------------- hatch.toml | 2 -- pyproject.toml | 4 ++-- 4 files changed, 4 insertions(+), 37 deletions(-) diff --git a/.github/workflows/release_publish.yml b/.github/workflows/release_publish.yml index 333ceba..3f88faf 100644 --- a/.github/workflows/release_publish.yml +++ b/.github/workflows/release_publish.yml @@ -41,11 +41,6 @@ jobs: permissions: id-token: write contents: write - env: - CODEARTIFACT_REGION: "us-west-2" - CODEARTIFACT_DOMAIN: ${{ secrets.CODEARTIFACT_DOMAIN }} - CODEARTIFACT_ACCOUNT_ID: ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} - CODEARTIFACT_REPOSITORY: ${{ secrets.CODEARTIFACT_REPOSITORY }} steps: - name: Checkout uses: actions/checkout@v4 @@ -88,17 +83,9 @@ jobs: echo EOF } >> $GITHUB_ENV - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_CODEARTIFACT_ROLE }} - aws-region: us-west-2 - mask-aws-account-id: true - # Tag must be made before building so the generated _version.py files have the correct version - name: Build run: | - export CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain ${{ secrets.CODEARTIFACT_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --query authorizationToken --output text --region us-west-2) pip install --upgrade hatch hatch -v build @@ -187,9 +174,6 @@ jobs: - name: Install dependencies run: | - CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain ${{ secrets.CODEARTIFACT_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --query authorizationToken --output text --region us-west-2) - echo "::add-mask::$CODEARTIFACT_AUTH_TOKEN" - echo CODEARTIFACT_AUTH_TOKEN=$CODEARTIFACT_AUTH_TOKEN >> $GITHUB_ENV pip install --upgrade hatch pip install --upgrade twine @@ -210,7 +194,6 @@ jobs: export TWINE_REPOSITORY_URL=`aws codeartifact get-repository-endpoint --domain ${{ secrets.CUSTOMER_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --repository ${{ secrets.CUSTOMER_REPOSITORY }} --format pypi --query repositoryEndpoint --output text` twine upload dist/* - # TODO: Uncomment this block to publish to PyPI once this package is public # # See https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-pypi - # - name: Publish to PyPI - # uses: pypa/gh-action-pypi-publish@release/v1 + - name: Publish to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 diff --git a/.github/workflows/reuse_python_build.yml b/.github/workflows/reuse_python_build.yml index a53a64d..1198297 100644 --- a/.github/workflows/reuse_python_build.yml +++ b/.github/workflows/reuse_python_build.yml @@ -19,10 +19,6 @@ jobs: os: [ubuntu-latest, windows-latest, macOS-latest] env: PYTHON: ${{ matrix.python-version }} - CODEARTIFACT_REGION: "us-west-2" - CODEARTIFACT_DOMAIN: ${{ secrets.CODEARTIFACT_DOMAIN }} - CODEARTIFACT_ACCOUNT_ID: ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} - CODEARTIFACT_REPOSITORY: ${{ secrets.CODEARTIFACT_REPOSITORY }} steps: - uses: actions/checkout@v4 if: ${{ !inputs.branch }} @@ -38,19 +34,9 @@ jobs: with: python-version: ${{ matrix.python-version }} - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_CODEARTIFACT_ROLE }} - aws-region: us-west-2 - mask-aws-account-id: true - - name: Install Hatch shell: bash run: | - CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain ${{ secrets.CODEARTIFACT_DOMAIN }} --domain-owner ${{ secrets.CODEARTIFACT_ACCOUNT_ID }} --query authorizationToken --output text --region us-west-2) - echo "::add-mask::$CODEARTIFACT_AUTH_TOKEN" - echo CODEARTIFACT_AUTH_TOKEN=$CODEARTIFACT_AUTH_TOKEN >> $GITHUB_ENV pip install --upgrade hatch - name: Run Linting diff --git a/hatch.toml b/hatch.toml index 5053f19..049d3b9 100644 --- a/hatch.toml +++ b/hatch.toml @@ -24,14 +24,12 @@ lint = [ python = ["3.9", "3.10", "3.11"] [envs.default.env-vars] -PIP_INDEX_URL="https://aws:{env:CODEARTIFACT_AUTH_TOKEN}@{env:CODEARTIFACT_DOMAIN}-{env:CODEARTIFACT_ACCOUNT_ID}.d.codeartifact.{env:CODEARTIFACT_REGION}.amazonaws.com/pypi/{env:CODEARTIFACT_REPOSITORY}/simple/" SKIP_BOOTSTRAP_TEST_RESOURCES="True" [envs.codebuild.scripts] build = "hatch build" [envs.codebuild.env-vars] -PIP_INDEX_URL="" SKIP_BOOTSTRAP_TEST_RESOURCES="True" [envs.release] diff --git a/pyproject.toml b/pyproject.toml index 446e86f..1ab3ced 100755 --- a/pyproject.toml +++ b/pyproject.toml @@ -30,12 +30,12 @@ classifiers = [ # consume this library should be the ones that are more strictly limiting dependencies # if they want/need to. dependencies = [ - "boto3 >= 1.28.78,<2.0", + "boto3 >= 1.34.75,<2.0", # boto3 depends on botocore, but we're finding that if we leave botocore to be resolved # transitively then resolving the dependency closure of this package in conjunction with # other test dependencies in other packages can result in it taking 20+ minutes to resolve # dependencies in Python3.9. So, we explicitly include the botocore dependency here. - "botocore >= 1.31.78" + "botocore >= 1.34.75" ] [project.urls]