Adding azure-pipelines-pypi publishing yaml

ianhelle · web-flow · commit 801f9a5e8e73 · 2025-03-14T14:18:53.000-07:00
diff --git a/.azurepipelines/azure-pipelines-publish-pypi.yml b/.azurepipelines/azure-pipelines-publish-pypi.yml
@@ -0,0 +1,68 @@
+# MSTICPy PyPI Production pipeline
+
+# This pipeline is used to publish the MSTICPy package to PyPI
+name: 1ES-MSTICPy-Publish-$(date:yyyyMMdd)$(rev:.r)
+
+parameters:
+  Artifact: dist
+  Feed: testpypi
+
+resources:
+  repositories:
+  - repository: msticpy
+    name: microsoft/msticpy
+    type: git
+    ref: main
+  - repository: 1ESPipelineTemplates
+    type: git
+    name: 1ESPipelineTemplates/1ESPipelineTemplates
+    ref: refs/tags/release
+
+extends:
+  template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
+  parameters:
+    pool:
+      name: MSSecurity-1ES-Build-Agents-Pool
+      image: MSSecurity-1ES-Windows-2022
+      os: windows
+  variables:
+    - name: DistDir
+      value: $(Pipeline.Workspace)\${{ parameters.Artifact }}
+    - name: TWINE_PASSWORD
+      value: ${{ if eq(parameters.Feed, 'testpypi') }}${{ secrets.TEST_TWINE_PASSWORD }}${{ else }}${{ secrets.TWINE_PASSWORD }}
+
+  steps:
+  - checkout: self
+  
+  - task: UsePythonVersion@0
+    inputs:
+      versionSpec: '>=3.10'
+      architecture: 'x64'
+    displayName: 'Use latest Python'
+
+  - powershell: python -m pip install --upgrade pip
+    displayName: 'Upgrade pip'
+  - powershell: python -m pip install --upgrade build twine
+    displayName: 'Install build and twine'
+  - powershell: python -m pip install --upgrade keyring artifacts-keyring
+    displayName: 'Install keyring and artifacts-keyring'
+
+  - powershell: python -m build --sdist --wheel --outdir "$(DistDir)"
+    displayName: 'Build package wheel and sdist'
+
+  - task: PipAuthenticate@1
+    inputs:
+      artifactFeeds: 1ESToolsOrgFeed
+    displayName: 'Authenticate pip for internal feed'
+
+  - task: TwineAuthenticate@1
+    inputs:
+      artifactFeed: ${{ parameters.Feed }}
+    displayName: 'Authenticate Twine for PyPI feed'
+
+  - powershell: python -m twine upload --skip-existing --verbose "$(DistDir)/*"
+    displayName: 'Push to PyPI feed'
+    env:
+      TWINE_REPOSITORY: ${{ parameters.Feed }}
+      TWINE_USERNAME: __token__
+      TWINE_PASSWORD: $(TWINE_PASSWORD)
