Publish to PyPI (KSM Ansible) #13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish to PyPI (KSM Ansible) | |
| on: | |
| workflow_dispatch: | |
| jobs: | |
| publish-pypi: | |
| name: Publish KSM Ansible Pulugin to PyPI | |
| environment: prod | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 # To keep builds from running too long | |
| defaults: | |
| run: | |
| working-directory: ./integration/keeper_secrets_manager_ansible | |
| steps: | |
| - name: Get the source code | |
| uses: actions/checkout@v3 | |
| - name: Set up Python 3.9 | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: 3.9 | |
| - name: Retrieve secrets from KSM | |
| id: ksmsecrets | |
| uses: Keeper-Security/ksm-action@master | |
| with: | |
| keeper-secret-config: ${{ secrets.KSM_PYPI_PUBLISHER_PYPI_SDK_CONFIG }} | |
| secrets: | | |
| -aBWi3-yU_qvatNh0Eaqew/field/password > PYPI_API_TOKEN | |
| - name: Install dependencies | |
| run: | | |
| python3 -m pip install --upgrade setuptools pip wheel twine | |
| python3 -m pip install -r requirements.txt | |
| - name: Build and Publish | |
| env: | |
| TWINE_USERNAME: __token__ | |
| TWINE_PASSWORD: ${{ steps.ksmsecrets.outputs.PYPI_API_TOKEN }} | |
| run: | | |
| python3 setup.py build | |
| python3 setup.py sdist | |
| python3 -m twine upload --verbose dist/* |