-
Type: Task
-
Resolution: Done
-
Priority: Unknown
-
Affects Version/s: None
-
Component/s: None
-
None
Context
We should use PyPI trusted publishing to publish our artifacts, removing the need for local credentials.
Definition of done
python-bsonjs release artifacts can be published without local credentials by any member of the dbx-python team.
Pitfalls
This will require us to build the wheels in GitHub Actions, and then publish them from a GitHub Actions Environment. When we later add artifact signing, the signing credential will need to be added as an Environment Secret.
- is related to
-
PYTHON-4045 Use PyPI Trusted Publishing
- Closed