Merge pull request #19 from epics-containers/dev

Further code review changes

Author: gilesknap

.github/workflows/code.yml

@@ -115,8 +115,6 @@ jobs:
         run: |
           docker run --name test build bash /project/.github/workflows/container_tests.sh
           docker cp test:/project/dist .
-          docker cp test:/project/requirements.txt .
-          docker cp test:/project/requirements_dev.txt .
           docker cp test:/project/cov.xml .
 
       - name: Upload coverage to Codecov
@@ -140,11 +138,8 @@ jobs:
       - name: Upload build files
         uses: actions/upload-artifact@v3
         with:
-          name: build_files
-          path: |
-            dist
-            requirements.txt
-            requirements_dev.txt
+          name: dist
+          path: dist/*
 
   sdist:
     needs: container
@@ -158,7 +153,7 @@ jobs:
         # Replace this with the cli command if different to the repo name
         # (In the python3-pip-skeleton-cli this is already renamed)
         run: |
-          pip install build_files/dist/*.gz
+          pip install dist/*.gz
           python3-pip-skeleton --version
 
   release:
@@ -176,14 +171,13 @@ jobs:
         uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5 # v0.1.14
         with:
           files: |
-            build_files/*
-            build_files/dist/*
+            dist/*
           generate_release_notes: true
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Publish to PyPI
         env:
           TWINE_USERNAME: __token__
-          TWINE_PASSWORD: ${{ secrets.pypi_token }}
-        run: pipx run twine upload build_files/dist/*
+          TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
+        run: pipx run twine upload dist/*/whl dist/*.tar.gz

.github/workflows/container_tests.sh

@@ -2,19 +2,14 @@
 set -x
 
 cd /project
-
-python -m venv /tmp/venv
-source /tmp/venv/bin/activate
+source /venv/bin/activate
 
 touch requirements_dev.txt
 pip install -r requirements_dev.txt -e .[dev]
-pip freeze --exclude-editable > requirements_dev.txt
+pip freeze --exclude-editable > dist/requirements_dev.txt
 
 pipdeptree
 
-# ensure non-zero length requirements.txt
-echo "# runtime dependencies" >> requirements.txt
-
 git config --global user.email "[email protected]"
 git config --global user.name "Your Name"
 

.github/workflows/docs.yml

@@ -9,7 +9,6 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: ["ubuntu-latest"]
         python: ["3.10"]
 
     runs-on: ubuntu-latest

.github/workflows/linkcheck.yml

@@ -10,7 +10,6 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: ["ubuntu-latest"]
         python: ["3.10"]
 
     runs-on: ubuntu-latest

Dockerfile

@@ -30,9 +30,10 @@ ENV PATH=/venv/bin:$PATH
 RUN cd /project && \
     pip install --upgrade pip && \
     pip install -r requirements.txt dist/*.whl && \
-    pip freeze  > requirements.txt && \
+    pip freeze  > dist/requirements.txt && \
     # we don't want to include our own wheel in requirements - remove with sed
-    sed -i '/file:\/\//d' requirements.txt
+    # and replace with a comment to avoid a zero length asset upload later
+    sed -i '/file:/s/^/# Requirements for /' dist/requirements.txt
 
 FROM python:3.10-slim as runtime
 

README.rst

@@ -19,7 +19,7 @@ It integrates the following tools:
 
 - pip and setuptools_scm for version management
 - Pre-commit with black, flake8 and isort for static analysis
-- Pytest for tests and code [email protected]:dls-controls/python3-pip-skeleton.gitcoverage
+- Pytest for code and coverage
 - Sphinx for tutorials, how-to guides, explanations and reference documentation
 - GitHub Actions for code and docs CI and deployment to PyPI and GitHub Pages
 - tox -p: runs pre-commit, pytest, mypy and make docs

docs/how-to.rst

@@ -12,3 +12,4 @@ Practical step-by-step guides for the more experienced user.
     how-to/existing
     how-to/update
     how-to/excalidraw
+    how-to/pypi

docs/how-to/existing.rst

@@ -4,7 +4,7 @@ How to adopt the skeleton in an existing repo
 If you have an existing repo and would like to adopt the skeleton structure
 then you can use the commandline tool to merge the skeleton into your repo::
 
-    python3-pip-skeleton existing /path/to/existing/repo
+    python3-pip-skeleton existing /path/to/existing/repo --org my_github_user_or_org
 
 This will:
 
@@ -16,6 +16,9 @@ This will:
 - Push that merge branch back to the existing repo
 - Merge with the currently checked out branch, leaving you to fix the conflicts
 
+.. note::
+
+    To enable publishing to PyPI see `../how-to/pypi` 
 
 Example merge
 -------------

docs/how-to/pypi.rst

@@ -0,0 +1,25 @@
+Creating a PyPI Token
+=====================
+
+To publish your package on PyPI requires a PyPI account and for GitHub Actions
+to have a PyPI token authorizing access to that account.
+
+The simplest approach is to set up a PyPI token that is scoped to your PyPI account
+and add it to the secrets for your GitHub Organization (or user). This means
+that all new projects created in the Organization will automatically gain
+permission to publish to PyPI.
+
+Alternatively you can create a project scoped token for each project. This 
+is more work but more secure as a bad actor that obtains the key can only 
+affect a single project.
+
+If you do not already have a PyPI account use this link: create_account_.
+
+To learn how to create a token and store it in Github see: adding_a_token_.
+You can ignore the other sections of the page regarding Github Actions because
+these are already provided by skeleton. Note that skeleton uses ``PYPI_TOKEN``
+as the secret name instead of ``PYPI_API_TOKEN`` described in the link.
+
+
+.. _create_account: https://pypi.org/account/register/
+.. _adding_a_token: https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/#saving-credentials-on-github

docs/tutorials/new.rst

@@ -31,6 +31,15 @@ You can then run any entry points declared in setup.cfg e.g.::
 will run the python interpreter with access to all the packages you need to
 develop your repo.
 
+PyPI Token
+----------
+
+The Github Actions Continuous Integration will publish your package to PyPI.
+To do so you need a PyPI account and and a PyPI Token configured in your 
+project or github Organization. 
+
+see `../how-to/pypi`
+
 Running the tests
 -----------------