
feat: Use Trusted Publishers with GitLab CI/CD

Open matthewfeickert opened this issue 1 year ago • 1 comments

  • PyPI Trusted Publisher support now includes GitLab CI/CD, so use generated OIDC tokens to publish to TestPyPI or PyPI as needed in GitLab pipelines.
    • c.f. https://blog.pypi.org/posts/2024-04-17-expanding-trusted-publisher-support/

matthewfeickert, Apr 17 '24 21:04

Since twine 6.1.0, uploading with Trusted Publishing on GitLab CI/CD is automatically detected, and doesn't need any of the manual steps that were needed before (other than adding the id_tokens section). For example:

```yaml
publish-job:
  stage: deploy
  image: python:3-bookworm
  id_tokens:
    PYPI_ID_TOKEN:
      aud: pypi
  script:
    - python -m pip install -U twine
    - twine upload python_pkg/dist/*
```

See the updated docs here: https://docs.pypi.org/trusted-publishers/using-a-publisher/#gitlab-cicd

facutuesca, May 02 '25 22:05
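An added example, not part of the thread or of twine: a local pre-flight check that decodes the claims of the `PYPI_ID_TOKEN` issued by the `id_tokens` section and compares them with the publisher you registered, which helps when an upload is rejected. The claim names follow GitLab's ID token payload; the project path, config file name, environment and sample token are constructed assumptions, and the signature is not verified here because PyPI performs the authoritative verification.

```python
import base64
import json


def decode_claims(jwt):
    """Decode a JWT payload WITHOUT verifying the signature (debugging aid only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWT with three dot-separated parts")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(padded))


def preflight(claims, project_path, config_file, environment=None, audience="pypi"):
    """Return a list of mismatches between the token and the expected publisher."""
    problems = []
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        problems.append(f"aud is {aud!r}, expected {audience!r}")
    if claims.get("project_path") != project_path:
        problems.append(f"project_path is {claims.get('project_path')!r}")
    # ci_config_ref_uri has the form <host>/<project_path>//<config file>@<ref>
    uri = str(claims.get("ci_config_ref_uri") or "")
    if not uri.rsplit("@", 1)[0].endswith(f"/{project_path}//{config_file}"):
        problems.append(f"ci_config_ref_uri is {uri!r}")
    # The environment claim is only present when the job declares an environment.
    if environment is not None and claims.get("environment") != environment:
        problems.append(f"environment is {claims.get('environment')!r}")
    return problems


def make_sample_token(claims):
    """Build a constructed, unsigned token for the demonstration below."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed-signature"


SAMPLE_CLAIMS = {  # constructed values, not from a real pipeline
    "aud": "pypi",
    "project_path": "example-group/python-pkg",
    "ci_config_ref_uri": "gitlab.com/example-group/python-pkg//.gitlab-ci.yml@refs/heads/main",
    "environment": "release",
}

if __name__ == "__main__":
    claims = decode_claims(make_sample_token(SAMPLE_CLAIMS))
    print(preflight(claims, "example-group/python-pkg", ".gitlab-ci.yml", "release") or "ok")
```

In a pipeline, pass `os.environ["PYPI_ID_TOKEN"]` to `decode_claims` and print only the mismatch list, never the token itself.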