Is your feature request related to a problem? Please describe.
It is going to be much easier to manage publication of the Virtual Ecosystem as part of the GH actions workflow using trusted publishing, rather than relying on authentication using PyPI tokens. For a start, those tokens need to be stored securely but also shared amongst team members who want to make a release.
@dalonsoa pointed to a similar approach here:
#401 (review)
https://github.com/EnergySystemsModellingLab/MUSE_OS/blob/develop/.github/workflows/publish.yml
Describe the solution you'd like
Set up a GH workflow to publish when a release is made. I think the sequence is basically:
- Create a new release branch from
develop
- Review and merge that branch into
main
- Tag the new release with the version number
- Create a new release from that tag.
- That release creation sparks the workflow which re-runs the standard testing, builds the package and uses trusted publishing to push it to TestPyPI.
- That could then also publish to PyPI - but for the moment lets not. I have a vague preference for making a second action that needs to be triggered manually ('workflow_dispatch') for the final PyPI submission, but I haven't thought that through.
Is your feature request related to a problem? Please describe.
It is going to be much easier to manage publication of the Virtual Ecosystem as part of the GH actions workflow using trusted publishing, rather than relying on authentication using PyPI tokens. For a start, those tokens need to be stored securely but also shared amongst team members who want to make a release.
@dalonsoa pointed to a similar approach here:
#401 (review)
https://github.com/EnergySystemsModellingLab/MUSE_OS/blob/develop/.github/workflows/publish.yml
Describe the solution you'd like
Set up a GH workflow to publish when a release is made. I think the sequence is basically:
developmain