Jonathan Giannuzzi
Jonathan Giannuzzi
For publishing to PyPI, we should use trusted publishing, which won't require adding any credentials. For snapshots, shouldn't we restrict it to the default branch (`master`) or to at least...
I noticed a few misconfigurations on the repo that I fixed: - the team had `admin` access instead of `write` access - the branch protection rule for `master` allowed admin...
I'm going to add the secrets in the next hour
the 4 secrets have been added to the `snapshot` environment
The environments are actually configured as requested: - `snapshot` is allowed for the `master` branch - `release` is allowed for the `v*` tags Looking at the latest version of the...
@EnricoMi my bad, I used an earlier version of this key! I have just fixed it and launched a re-run of the failed workflow.
to be clear, this is the corresponding public key: https://keyserver.ubuntu.com/pks/lookup?search=EAAF05B3FE3D5DA2&fingerprint=on&op=index
@EnricoMi it is now failing further, during the actual upload to maven central: https://github.com/G-Research/spark-extension/actions/runs/13697578341/job/38490757224#step:9:5664 Could it be that you haven't transferred the ownership to the `gresearch` user?
> Have you also updated the key for the `release` environment? Just in case that used the old key as well. yes, I did update both!
alright, this is now fully working: https://github.com/G-Research/spark-extension/actions/runs/13770006431 I had to update the token (`OSSRH_USERNAME` and `OSSRH_PASSWORD`) to be the one from **OSSRH** instead of the one from the **Central Portal**...