Use twine environment variables if set #3353
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The reflex publish command utilizes twine under the covers to publish to PyPI. However, reflex will effectively ignore twine environment variables and expect token or username/password to be passed via the CLI. This change adds TWINE_USERNAME and TWINE_PASSWORD as default values for username and password. This has two postive effects; it excludes passing secrets in a command line, and it just utilizes variables already potentially set as env vars. This addresses the issue in reflex-dev#3343 so that a user can avoid secrets in the command line. It's not the most ideal solution, which would be to fetch secrets from a file, but it is much better than CLI arguments. Note: if the user wants to pass a token securely, they can still set the TWINE_USERNAME to __token__ and TWINE_PASSWORD to the token (with the pypi- prefix) Closes reflex-dev#3343 Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
|
Let me know if you'd prefer different environment variable names. |
masenf
approved these changes
May 21, 2024
benedikt-bartscher
pushed a commit
to benedikt-bartscher/reflex
that referenced
this pull request
Jun 3, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The reflex publish command utilizes twine under the covers to publish to PyPI. However, reflex will effectively ignore twine environment variables and expect token or username/password to be passed via the CLI.
This change adds TWINE_USERNAME and TWINE_PASSWORD as default values for username and password. This has two postive effects; it excludes passing secrets in a command line, and it just utilizes variables already potentially set as env vars.
This addresses the issue in #3343 so that a user can avoid secrets in the command line. It's not the most ideal solution, which would be to fetch secrets from a file, but it is much better than CLI arguments.
Note: if the user wants to pass a token securely, they can still set the TWINE_USERNAME to token and TWINE_PASSWORD to the token (with the pypi- prefix)
Closes #3343
All Submissions:
Type of change
Please delete options that are not relevant.
New Feature Submission:
Changes To Core Features: