Allow publishing to pypi when tags are pushed

[GiacomoPope]

So the goal of this PR is to get the project ready so that new tags push the project to pypi too.

Maybe I need to do more for this to work, and the CI seems to be failing for something adjacent?

Edit: failure is because https://coveralls.io is down right now.

[webknjaz]

PyPI?

[webknjaz]

PyPI? Did you mean

Suggested change

	GITHUB_TOKEN: ${{ secrets.PYPI_API_TOKEN }}
	GITHUB_TOKEN: ${{ github.token }}

[GiacomoPope]

I'm just using the API secret from pypi and the above is the name I gave it?

[webknjaz]

@GiacomoPope the above PYPI_API_TOKEN string is the name of the secret in the repo settings, yes. Passing it to GH CLI will make it incapable of making API calls to GH because for GH API, it's invalid. GitHub token has nothing to do with PyPI. ${{ github.token }} contains an automatically assigned token that exists @ GHA.

[GiacomoPope]

So do I need to add the API token elsewhere, or is having secrets.PYPI_API_TOKEN populated enough to have gthub.token use the right token?

[GiacomoPope]

For example, I have this:

kyber-py/.github/workflows/ci.yml

Line 183 in 7b1c1b2

GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

for the coveralls API token

[tomato42]

not familiar with the github actions workflows to publish to pypi so can't say one way or the other if it's correct; "passes sniff test" is the best I can do 🙂

[tomato42]

shouldn't this be "1.0.0" ?

we have https://github.com/GiacomoPope/kyber-py/releases/tag/v1.0 ...

[GiacomoPope]

Yeah I agree

[webknjaz]

Perhaps, something newer since the repo advanced since?

Suggested change

	version = "0.1.0"
	version = "1.0.1.dev0"

[GiacomoPope]

what's the meaning of the dev0 part? I would be ok with 1.0.1

[webknjaz]

There's newer syntax available now:

Suggested change

	if: startsWith(github.ref, 'refs/tags/') # only publish to PyPI on tag pushes
	if: github.ref_type == 'tag' # only publish to PyPI on tag pushes