PyPI Publishing Setup Guide¶
Setting up GitHub Secrets for PyPI Publishing¶
The publish workflow now supports both API token authentication and trusted publishing. To use API tokens, you need to add the following secrets to your GitHub repository:
1. Generate PyPI API Tokens¶
For TestPyPI:¶
Go to https://test.pypi.org/manage/account/token/
Create a new API token with scope “Entire account” or project-specific
Copy the token (starts with
pypi-)
For PyPI:¶
Go to https://pypi.org/manage/account/token/
Create a new API token with scope “Entire account” or project-specific
Copy the token (starts with
pypi-)
2. Add Secrets to GitHub Repository¶
Go to your repository on GitHub: https://github.com/imewei/NLSQ
Navigate to Settings → Secrets and variables → Actions
Click “New repository secret”
Add the following secrets:
Name:
TEST_PYPI_API_TOKENValue: Your TestPyPI token (pypi-…)Name:
PYPI_API_TOKENValue: Your PyPI token (pypi-…)
3. Alternative: Trusted Publishing (Recommended)¶
For enhanced security, you can set up trusted publishing instead:
For TestPyPI:¶
Go to https://test.pypi.org/manage/project/nlsq/settings/publishing/
Add a new trusted publisher:
Owner:
imeweiRepository:
NLSQWorkflow name:
publish.ymlEnvironment:
testpypi
For PyPI:¶
Go to https://pypi.org/manage/project/nlsq/settings/publishing/
Add a new trusted publisher:
Owner:
imeweiRepository:
NLSQWorkflow name:
publish.ymlEnvironment:
pypi
Testing the Workflow¶
Manual trigger to TestPyPI:¶
gh workflow run publish.yml --field test_pypi=true
Create a release (publishes to PyPI):¶
git tag v0.1.1
git push origin v0.1.1
gh release create v0.1.1 --title "v0.1.1" --notes "Release notes here"
Verification¶
After publishing, verify the package:
TestPyPI:¶
pip install -i https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple/ nlsq
PyPI:¶
pip install nlsq