New OIDC providers for Trusted Publishing

OK so for those just reading on the sidelines and wanting a quick way to construct a PyPI token for publishing several packages, here it is:

```python
import pypitoken
token = pypitoken.Token.load("pypi-YourAccountScopedTokenHere")
token.restrict(project_names=["project1", "project2"])
print(token.dump())  # => pypi-NewTokenRestrictedToThoseProjects
```

Just like @dstufft said, it was quite easy (after I remembered to re-read his post and not try to do it myself with pymacaroons…).

I wish pypitoken had a CLI so it could be installed and used with `pipx install pypitoken`, but I’m way too exhausted to do this myself.

(Is there a way to pin this reply to the start of the thread somehow? Maybe a bored mod could do it…)

10 Likes
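Why the restriction in the post above can be done offline, as an added sketch that is not part of the original post and is not pypitoken's or PyPI's code: PyPI tokens are macaroons, where each caveat is folded into an HMAC chain, so a holder can narrow a token but not widen it. The root key, token identifier and JSON caveat layout here are constructed for illustration and do not match PyPI's real token format.

```python
import hashlib
import hmac
import json

# Simplified model of macaroon attenuation (assumed layout, not PyPI's wire format).
ROOT_KEY = b"constructed-server-secret"  # constructed; only the server knows it

def _chain(sig: bytes, caveat: bytes) -> bytes:
    """Next signature = HMAC(previous signature, caveat)."""
    return hmac.new(sig, caveat, hashlib.sha256).digest()

def mint(root_key: bytes, identifier: str) -> dict:
    """Server side: issue an unrestricted (account-scoped) token."""
    sig = hmac.new(root_key, identifier.encode(), hashlib.sha256).digest()
    return {"id": identifier, "caveats": [], "sig": sig.hex()}

def restrict(token: dict, project_names: list) -> dict:
    """Holder side: append a project caveat. No root key is needed."""
    caveat = json.dumps({"projects": sorted(project_names)})
    sig = _chain(bytes.fromhex(token["sig"]), caveat.encode())
    return {"id": token["id"], "caveats": token["caveats"] + [caveat], "sig": sig.hex()}

def verify(root_key: bytes, token: dict, project: str) -> bool:
    """Server side: recompute the chain, then require every caveat to allow the project."""
    sig = hmac.new(root_key, token["id"].encode(), hashlib.sha256).digest()
    for caveat in token["caveats"]:
        sig = _chain(sig, caveat.encode())
    if not hmac.compare_digest(sig, bytes.fromhex(token["sig"])):
        return False
    return all(project in json.loads(c)["projects"] for c in token["caveats"])

account_token = mint(ROOT_KEY, "constructed-token-id")
scoped = restrict(account_token, ["project1", "project2"])
# Removing the caveat while keeping the final signature breaks the chain.
stripped = dict(scoped, caveats=[])
# Appending a broader caveat verifies, but the earlier caveat still applies.
widened = restrict(scoped, ["project1", "project2", "project3"])
# Restricting again only narrows: every caveat must allow the project.
narrower = restrict(scoped, ["project1"])
```

Because restriction needs no server secret, whoever holds the account-scoped token can mint any narrower token, so the scoped token is the one to store in CI while the original stays out of it.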