Adding auto build and publish in pipy

[einar-lanfranco]

Hi Danny, this is what i use to build and publish the packager to pipy, you just need to add the api token from pipy to a Repository secrets in Settings -> Secrets and Variables -> Actions.

I use it in python-publis.yml in .github/workflows -> password: ${{ secrets.api_de_pip }}

And then: every time you push to main the python packages is built and every time you tag in github it automatically publish in pipy

Let me konw if it helps.

Note: When you are going to tag you need to update version in setup.py also to keep sync the pipy documentation.

[dannywillems]

Hi @einar-lanfranco!

Thanks for your contribution!

I highly appreciate the time you spent. However, I have been thinking about the security aspect of publishing automatically to pypi using GH Actions, in particular following the recent security issue that happened with Ledger and connect-kit. I would prefer to not do it. We are strict on security at LeakIX, and we want to restrict the rights to publish our packages available to the community.

Regarding your changes with flake, I am in favor of adding it. However, can you add in the poetry config file instead please?

Regarding the description missing on pypi, it is because the file pyproject.toml does not reference the README and other information, see the doc.