This document summarizes the changes made to fix the GitHub Actions workflow for PyPI publishing.
- Cache Implementation
  - Added proper caching for pip dependencies
  - Configured cache paths for requirements files
  - Implemented smart cache invalidation based on dependencies
- Attestation Improvements
  - Added verbose output and hash verification
  - Improved logging for package validation
  - Added security-related permissions
- Package Structure and Configuration
  - Fixed package discovery with proper setuptools configuration
  - Implemented dynamic dependencies via requirements.txt
  - Added proper keywords handling
  - Fixed licensing information
  - Enhanced version detection across both pyproject.toml and setup.py
- Workflow Reliability
  - Added package verification step before publishing
  - Improved error handling and reporting
  - Added version consistency check between pyproject.toml and setup.py
  - Enhanced trigger conditions to include setup.py changes
The changes align with Python packaging best practices:
- Using modern pyproject.toml for package configuration
- Dynamic dependency management with requirements.txt
- Proper package discovery with setuptools
- SPDX license identifiers instead of classifiers
- Comprehensive package metadata
To manually test the workflow:
- Go to the GitHub Actions tab for your repository
- Select the "Upload Python Package" workflow
- Click "Run workflow"
- You have two options:
  - Force Publish: Automatically enabled to run the workflow without requiring version changes
  - Version Override: Optionally provide a specific version number to use (will update both pyproject.toml and setup.py files)
- Click "Run workflow" and monitor the execution
The workflow will automatically:
- Verify versions match between pyproject.toml and setup.py
- Update version numbers if an override is provided
- Build, validate, and publish the package
- Generate a summary report with publishing details
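One way to implement the version match step that runs before the build, as an added example and not the workflow's own code. It assumes a static `version` under `[project]` in pyproject.toml and a literal `version=` keyword in the `setup()` call; the function names and sample inputs are constructed here. setup.py is parsed with `ast` rather than imported, so no project code runs in the job that holds the publishing permissions.

```python
"""Fail-closed version consistency check; setup.py is parsed, never executed."""
import ast
import re
import sys
from pathlib import Path
try:
    import tomllib  # Python 3.11+
except ImportError:  # older interpreter: use the narrow regex fallback below
    tomllib = None

# Constructed sample inputs (not taken from the project the page describes).
SAMPLE_PYPROJECT = '[project]\nname = "example-pkg"\nversion = "1.4.2"\n'
SAMPLE_SETUP = 'from setuptools import setup\nsetup(name="example-pkg", version="1.4.2")\n'


def pyproject_version(text):
    """Return [project].version from pyproject.toml text, or None if absent or dynamic."""
    if tomllib is not None:
        return tomllib.loads(text).get("project", {}).get("version")
    section = re.search(r"(?ms)^\[project\]\s*$(.*?)(?=^\[|\Z)", text)
    match = section and re.search(r'(?m)^version\s*=\s*["\']([^"\']+)["\']', section.group(1))
    return match.group(1) if match else None


def setup_version(source):
    """Return the literal version= keyword of setup(), or None if it is computed at run time."""
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and getattr(node.func, "id", getattr(node.func, "attr", "")) == "setup":
            for kw in node.keywords:
                if kw.arg == "version" and isinstance(kw.value, ast.Constant):
                    return str(kw.value.value)
    return None


def check_versions(pyproject_text, setup_source):
    """Return (ok, message); a missing or unreadable version fails the check."""
    a, b = pyproject_version(pyproject_text), setup_version(setup_source)
    if a is None or b is None:
        return False, f"could not read version (pyproject.toml={a!r}, setup.py={b!r})"
    if a != b:
        return False, f"version mismatch: pyproject.toml={a} setup.py={b}"
    return True, f"versions match: {a}"


if __name__ == "__main__":  # with a directory argument, checks that project; otherwise the samples
    root = Path(sys.argv[1]) if len(sys.argv) > 1 else None
    texts = [(root / n).read_text() for n in ("pyproject.toml", "setup.py")] if root else [SAMPLE_PYPROJECT, SAMPLE_SETUP]
    ok, message = check_versions(*texts)
    print(message)
    sys.exit(0 if ok else 1)
```

The non-zero exit code is what stops the job before the build and publish steps when the two files disagree.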
If publishing still fails:
- Check PyPI configuration in your GitHub repository settings
- Verify trusted publisher configuration on PyPI
- Ensure proper GitHub Environments setup
- Validate PyPI project name matches the name in your configuration files