Add publish.yml GitHub Action job to upload urdfdom-py to PyPI

[traversaro]

Implement ros/urdf_parser_py#85 (comment) . The package will be uploaded as soon as we tag a v1.2.1 release.

[haixuanTao]

Just aded macOS as I'm planning to use it on my Mac. :)

[haixuanTao]

Suggested change

	- ubuntu-24.04
	- ubuntu-24.04
	- macos-latest

this should be okay

[haixuanTao]

Suggested change

	name: Deploy to PyPI
	runs-on: ubuntu-24.04
	name: Deploy to PyPI
	runs-on: ${{ matrix.os }}
	strategy:
	fail-fast: false
	matrix:
	python-version:
	- 3.11
	os:
	- ubuntu-24.04
	- macos-latest

[traversaro]

The wheel is pure python, so I do not think we do not need to publish a different one for each os, just uploading it on Linux is fine and will produce a package that should work fine also on macos.

[haixuanTao]

ok! I wasn't sure about this, but you're probably right

[traversaro]

I tried to do a test upload to TestPyPI with Trusted Publishers in the https://github.com/traversaro/urdfdom-py-pypi/tree/staging branch, with all the releases in https://github.com/traversaro/urdfdom-py-pypi/releases . However, the upload somehow is failing with:

SHA256: 1a5a9b8a08452a64c9e25c4163bb7a3d062e61522aa135ce4e7e85cd9fc919da
MD5: 3ae60a82bfed709a5647f3c406ae6591
BLAKE2-256: 8c4d7513ea918de04606dcc25f733237dc8ca8a1c84610f7f5a296b3e5734802

WARNING  Only PyPI and TestPyPI support attestations; if you experience         
         failures, remove the --attestations flag and re-try this command       
Uploading distributions to https://test.pypi.org/legacy
INFO     dist/urdfdom_py-1.2.1-py3-none-any.whl (16.6 KB)                       
INFO     dist/urdfdom_py-1.2.1.tar.gz (18.1 KB)                                 
INFO     username set by command options                                        
INFO     password set by command options                                        
INFO     username: __token__                                                    
INFO     password: <hidden>                                                     
Uploading urdfdom_py-1.2.1-py3-none-any.whl
INFO     Response from https://test.pypi.org/legacy:                            
         400 Bad Request                                                        
INFO     <html>                                                                 
          <head>                                                                
           <title>400 Bad Request</title>                                       
          </head>                                                               
          <body>                                                                
           <h1>400 Bad Request</h1>                                             
           The server could not comply with the request since it is either      
         malformed or otherwise incorrect.<br/><br/>                            
         POST body may not contain duplicate keys (URL:                         
         &#x27;https://test.pypi.org/legacy&#x27;)                              
                                                                                
                                                                                
          </body>                                                               
         </html>                                                                
ERROR    HTTPError: 400 Bad Request from https://test.pypi.org/legacy           
         Bad Request                                                            

I am not sure what is going on @haixuanTao if you want to look on that I gave you access to both the repo and the TestPyPI urdfdom-py project.

[traversaro]

I am not sure what is going on @haixuanTao if you want to look on that I gave you access to both the repo and the TestPyPI urdfdom-py project.

Actually I could not found you on TestPyPI, do you have a user there (if I recall correctly the users are separated from PyPI).

[haixuanTao]

Lol, I'm not on test pypi. Let me create an account.

[haixuanTao]

There you go: https://test.pypi.org/user/haixuantao/

[traversaro]

I think you need some setting, now it gives me an error:

Error User 'haixuantao' does not have a verified primary email address and cannot be added as a Maintainer for project

[haixuanTao]

Indeed. I just verified it.

I think the issue with the CI is probably around how to pass the credentials. What I usually do is pass the credendials within a GitHub secret as an env variable.

[traversaro]

I think the issue with the CI is probably around how to pass the credentials. What I usually do is pass the credendials within a GitHub secret as an env variable.

Yes, I was trying to set up Trusted Publishers to avoid setting the secrets, as it worked in other repos. But whatever works is fine for me. I added you on TestPyPI.

[haixuanTao]

So, I don't think I can add secret on this GitHub project. FYI.

[traversaro]

So, I don't think I can add secret on this GitHub project. FYI.

Ah, annoying, I can't make you admin of a personal repo. Let me add the token myself.

[traversaro]

So, I don't think I can add secret on this GitHub project. FYI.

Ah, annoying, I can't make you admin of a personal repo. Let me add the token myself.

I created the PYPI_TOKEN (for PyPI) and TEST_PYPI_TOKEN (for TestPyPI) secrets.