Warehouse (the software implementing the PyPI service) expressly
disallows reuploading any file which is already present, and returns
an error if you attempt to do so. Under normal circumstances this is
desirable feedback, but if you're using this role to upload a batch
of files and encounter a network or service error partway through,
you can be left in a position where it's impossible to rerun the job
for those same artifacts later in order to correct the issue.
Add a pypi_twine_skip_existing boolean toggle to the pypi-upload
role, which will allow callers to indicate to twine that errors from
PyPI indicating a file is already present are to be treated as a
non-fatal condition so that it can proceed with uploading any which
do exist. Set its default to false, preserving the existing behavior
for the sake of backward compatibility.
In addition to the previously stated use case, this also makes it
possible to build different architecture-specific wheels in separate
jobs without needing to worry about deciding which one will include
the sdist, since they can all try to upload it safely.
Change-Id: I66a8ffce47eb5e856c3b481c20841b92e060b532
Simplify the update procedure by tagging the checkout with the current
unix timestamp, so we should always having an increasing version
number. This means we can do the test upload unconditionally in the
check gate. Given this runs very infrequently, this shouldn't be a
burden.
Change-Id: I12c222802297d760296d35651db8d22fedb6dab4
This does a full upload of the sandbox project to the test.pypi.org
service.
It uses the inline token with the caveats noted in the comment. Since
you can't upload the same version twice, always running this in the
check job will mean it will work the first time, but then fail (unless
something has been committed to the sandbox to update the version
number). As noted, the idea is that we develop the change and then do
one run that does a full test, and reviewers can check that before
committing. There's no real way to use a secret here because we
actually want this to run at check time, not in any post pipeline
where it would already be in production. We don't want to do
something like require committing something to sandbox every time you
run this in the check queue, etc. Given how much this is actually
updated (most of it hasn't been touched since 2019) I think this is a
reasonable compromise.
Change-Id: Ida4ad07c82a6301107c938565656988aba3bf250
Support an api_token argument. Accounts that have two-factor auth
will at some point require using API tokens to upload.
Change-Id: Id0c47d088d6e8febbae3c96caecc81ebe247754e
Modern PyPI no longer requires a separate register step, new
projects are registered at the time of upload, so drop the
registration tasks. Twine can also upload multiple artifacts in a
single invocation, and does so in the order in which they're
provided on the command line, thus there's no longer any need for
looping or different wheel and sdist tarball upload tasks.
Change-Id: I09acaf458af600137c72a70a8782c47b67937b60
With the arrival of ansible-lint 4, Jinja2 variable expansions must
include spaces before and after the variable name inside the
brackets.
Adjust the new violations accordingly and remove the rule
206 exclusion.
Change-Id: Ib3ff7b0233a5d5cf99772f9c2adc81861cf34ffa
...who would just reject them with
Binary wheel '...' has an unsupported platform tag 'linux_x86_64'.
anyway.
Change-Id: Ie656de99ec1a7b00490f99b89dfc33d5e73ad079
When uploading packages to a devPI instance, the role fails if
the packages are not registered first. Since this is not required
on PyPI, this adds the "pypi_register_first" option to the role
so that users can choose to do so.
Change-Id: I2b50362e485175d51840e49ffc09a734b44ec85d
Store .pypirc in tmpfs since it contains secrets, we do this for both
gpg and ssh keys.
Change-Id: Ie85bd6daf8650547842de99d3f7260c49f6d623d
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Since this file contains secrets, lets be extra safe and remove the
file after we've called twine.
Change-Id: I221a2e559430565c6a1a6852368445408d63f4b9
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Talking with fungi, the next version of pypi won't support asc files
being displayed. So, just revert for now. Also, this needs to be a
single twine command if we do want to support them.
This reverts commit 356c9807c3.
Change-Id: Ied130a1380ff2a404b9fdadb7c0cddd10cc757c5
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We don't actually need to conditionally check the result of find
because result.files will be an empty list if nothing is found.
Change-Id: I29a782df72064e602f072099dcba6ced3d4ea258
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Twine also supports asc files, so if found also upload them.
Change-Id: I12cc8b541ca136b64707efe7d94d7e5448238dc9
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Like we do for bindep and tox roles. Allow a user to manage the twine
binary outside of the upload-pypi role. This allows a user to better
control the path of the executable too.
Change-Id: I5c757b29e185ab76495abf3cfb2d853aada77a50
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Create a role to upload python artificats using twine
username and password are required, so remove them from
defaults. Install twine in the homedir by default if the twine command
is not found.
Upload wheels if found first, then tarballs.
Change-Id: I8857e2983e1175107164536d57e313a5b404bddb
Signed-off-by: Paul Belanger <pabelanger@redhat.com>