Published packages should include tag and commit if available

[eblis]

Issue Kind

Change in current behaviour

Description

It would be very nice if publishing packages from Poetry behaved similarly to twine and it added the tag (if using semantic versioning) as well as the commit hash when packages are published to GitLab Python repository.

I'm not sure how twine does it, but I can see some small differences between poetry and twine when packages are published to GitLab Python repository.

This is how packages published by poetry look like (command was poetry publish --build):

And this is how pckages published by twine look like (commands were poetry publish && twine upload):

In both cases the CI_JOB_TOKEN token was used to access the repository and publish the packages. As you can see twine adds some extra information, like the tag (0.7.10) and commit (b76b08dc)

These properties (along with many others) are available in GitLab pipeline as environment variables:

CI_COMMIT_SHORT_SHA            b76b08dc
CI_COMMIT_TAG                  0.7.10
GITLAB_USER_NAME               CI_API_TOKEN

Impact

Having the extra information helps to easily find out which tag and commit was responsible for the package.

Workarounds

Not having that information is not a deal-breaker, but it would be nice to have and twine already does it somehow.

[Secrus]

If you are motivated to see this in Poetry, we would appreciate your contribution or at least analysis of the difference between twine and poetry workflows.

[alexandrehassan]

I was curious about this, so I made a quick gitlab repository to try and replicate this behaviour. The behaviour I got with poetry and twine was identical repo package registry, repo .gitlab-ci.yml.

It might be a poetry version or gitlab version thing.

• 0.2.1 is with poetry publish --repository gitlab
• 0.2.2 is with poetry publish --build --repository gitlab
• 0.2.3 is with poetry run twine upload --repository-url "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/pypi" dist/*