Feature/publish python package

[catcombo]

I prepared changes in pyproject.toml and CI for publishing spec2sdk to PyPI as we did for https://github.com/moneymeets/youtrack-sdk/ My only concerns are PyPI credentials. PyPI changed requirements and I had to switch to authorization token instead of basic authorization when I deployed one of my personal package in the last time. Probably, we should switch to authorization token here and in the YouTrack SDK as well. Can you login to PyPI and check if my statement is true? If this is true, we can use POETRY_PYPI_TOKEN_PYPI instead of POETRY_HTTP_BASIC_PYPI_* in the publish.yml.

[felix11h]

My only concerns are PyPI credentials. PyPI changed requirements and I had to switch to authorization token instead of basic authorization when I deployed one of my personal package in the last time. Probably, we should switch to authorization token here and in the YouTrack SDK as well. Can you login to PyPI and check if my statement is true? If this is true, we can use POETRY_PYPI_TOKEN_PYPI instead of POETRY_HTTP_BASIC_PYPI_* in the publish.yml.

I have tried to log in, it says the user does not exist. Maybe something about the saved credentials we have is incorrect? I can't say more about this at the moment as I wasn't involved in setting this up, but will clarify with Marcel once he is back.

In general, I'm definitely in favour of using the recommended authorization with PyPI.

[felix11h]

Can you login to PyPI and check if my statement is true? If this is true, we can use POETRY_PYPI_TOKEN_PYPI instead of POETRY_HTTP_BASIC_PYPI_* in the publish.yml.

We were able to log in, and it turns out that we are already using the token for authorization. I guess it's indeed confusing that the environment variables are called POETRY_HTTP_BASIC_PYPI_*. We can set the token as action secret under the name of POETRY_PYPI_TOKEN_PYPI if you prefer (https://python-poetry.org/docs/configuration#pypi-tokenname).

[catcombo]

Can you login to PyPI and check if my statement is true? If this is true, we can use POETRY_PYPI_TOKEN_PYPI instead of POETRY_HTTP_BASIC_PYPI_* in the publish.yml.

We were able to log in, and it turns out that we are already using the token for authorization. I guess it's indeed confusing that the environment variables are called POETRY_HTTP_BASIC_PYPI_*. We can set the token as action secret under the name of POETRY_PYPI_TOKEN_PYPI if you prefer (https://python-poetry.org/docs/configuration#pypi-tokenname).

I prefer to use token. It's more secure. I'll updated PR to use POETRY_PYPI_TOKEN_PYPI instead of POETRY_HTTP_BASIC_PYPI_*.

[marns93]

We need to add the variable POETRY_PYPI_TOKEN_PYPI with Pulumi first (PR: https://github.com/moneymeets/moneymeets-pulumi/pull/712).
Furthermore, I would prefer to update youtrack-sdk as well for consistency.

[felix11h]

Deployed the update the Action secrets (https://github.com/moneymeets/moneymeets-pulumi/pull/712), publishing can be tested/merged.

[catcombo]

/rebase