Merge branch 'Publish' into main

Relkci · web-flow · commit 7852f637811e · 2025-11-15T01:05:00.000-07:00
diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml
@@ -0,0 +1,85 @@
+name: Auto-bump version, release, and publish
+
+on:
+  push:
+    branches:
+      - Publish
+
+permissions:
+  contents: write
+
+jobs:
+  bump-release-publish:
+    name: Auto-bump version and publish
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install build twine toml
+
+      - name: Auto-increment version
+        id: bump
+        run: |
+          python - << 'PY'
+          import toml
+          from pathlib import Path
+
+          path = Path("pyproject.toml")
+          data = toml.loads(path.read_text())
+
+          version = data["project"]["version"]
+
+          major, minor, patch = version.split(".")
+          patch = str(int(patch) + 1)
+          new_version = ".".join([major, minor, patch])
+
+          data["project"]["version"] = new_version
+
+          path.write_text(toml.dumps(data))
+
+          print(f"Bumped version: {version} -> {new_version}")
+
+          # Export for later steps
+          with open(Path("$GITHUB_OUTPUT"), "a") as f:
+              f.write(f"new_version={new_version}\n")
+          PY
+
+      - name: Commit updated version
+        run: |
+          git config user.name "github-actions"
+          git config user.email "actions@github.com"
+          git add pyproject.toml
+          git commit -m "Auto-bump version to ${{ steps.bump.outputs.new_version }}"
+          git push
+
+      - name: Build distributions
+        run: |
+          python -m build
+
+      - name: Publish to PyPI
+        env:
+          TWINE_USERNAME: "__token__"
+          TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
+        run: |
+          twine upload dist/*
+
+      - name: Create GitHub release
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: v${{ steps.bump.outputs.new_version }}
+          name: nessus-plugin-hosts v${{ steps.bump.outputs.new_version }}
+          generate_release_notes: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/pyproject.toml b/pyproject.toml
@@ -4,47 +4,19 @@ version = "1.0.0"
 description = "Hunts Jenkins jobs and builds for sensitive information in Jenkins environment variables"
 readme = "README.md"
 requires-python = ">=3.7"
+keywords = [ "jenkins", "security", "environment-variables", "pentest", "infosec",]
+classifiers = [ "Development Status :: 4 - Beta", "Intended Audience :: Information Technology", "Intended Audience :: System Administrators", "Topic :: Security", "Topic :: Software Development :: Testing", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", "Programming Language :: Python :: 3.9", "Programming Language :: Python :: 3.10", "Programming Language :: Python :: 3.11",]
+dependencies = [ "requests", "alive-progress",]
+[[project.authors]]
+name = "Defensive Origins"
 
-authors = [
-  { name = "Defensive Origins" }
-]
-
-keywords = [
-  "jenkins",
-  "security",
-  "environment-variables",
-  "pentest",
-  "infosec"
-]
-
-classifiers = [
-  "Development Status :: 4 - Beta",
-  "Intended Audience :: Information Technology",
-  "Intended Audience :: System Administrators",
-  "Topic :: Security",
-  "Topic :: Software Development :: Testing",
-  "Programming Language :: Python :: 3",
-  "Programming Language :: Python :: 3.7",
-  "Programming Language :: Python :: 3.8",
-  "Programming Language :: Python :: 3.9",
-  "Programming Language :: Python :: 3.10",
-  "Programming Language :: Python :: 3.11",
-]
-
-dependencies = [
-  "requests",
-  "alive-progress",
-]
+[build-system]
+requires = [ "setuptools>=61.0",]
+build-backend = "setuptools.build_meta"
 
-# These map to CLI commands installed by pip
 [project.scripts]
 jenkins-env-hunter = "JenkinsEnvHunter:main"
 jenkins-check-noauth = "CheckNoAuth:main"
 
-[build-system]
-requires = ["setuptools>=61.0"]
-build-backend = "setuptools.build_meta"
-
-# Tell setuptools to include the two top-level modules as installable
 [tool.setuptools]
-py-modules = ["JenkinsEnvHunter", "CheckNoAuth"]
+py-modules = [ "JenkinsEnvHunter", "CheckNoAuth",]
