twine icon indicating copy to clipboard operation
twine copied to clipboard

Published 20 hours ago verified publisher icon pypa

Allow specifying gpg-identity (et al.) via environment variable.

Open htgoebel opened this issue 7 years ago • 3 comments

If one uses twine directly, passing the requires gpg-identity as argument is straightforward.

But when using twine via a tool like https://github.com/zestsoftware/zest.releaser, passing the identity would require the tool to accept an appropriate option to forward it to twine. Same for other options like --sign-with.

Please add support for passing this by environment variables. As far as I understand the code, this should be easy to implement. Thanks.

htgoebel avatar Nov 11 '17 11:11 htgoebel

Please add support for passing this by environment variables. As far as I understand the code, this should be easy to implement. Thanks.

I'd be happy to review and merge a pull request that does this.

I do think we should also be considering how this could be abused, though.

sigmavirus24 avatar Nov 12 '17 13:11 sigmavirus24

TWINE_IDENTITY would be a good variable name.

It should also be configurable in the config file (.pypirc) on a per-repository basis.

sbliven avatar Jun 03 '20 04:06 sbliven

This is probably low priority since pypi is moving strongly away from GPG signatures (#616)

sbliven avatar Jun 03 '20 05:06 sbliven