Skip to main content

Template for a Python package with a secure project host and package repository configuration.

Project description

Secure Python package template

Template for a Python package with a secure project host and package repository configuration.

Configuring your package repository

  • Upload a dummy v0.0 package under the desired package name using your PyPI username and password.
  • Create an API token that is scoped to only the package
  • Copy the value into your clipboard, it will be used later.

Configuring your project host

Protected branches

Protected tags

  • Settings > Tags > New rule
  • Use a pattern of *, even if you have a pattern like vX.Y.Z.
  • Select "Add rule"

Publish GitHub Environment

  • Settings > Environments > New Environment
  • Name the environment: publish
  • Add required reviewers, should be maintainers
  • Select "Save protection rules" button
  • Select "Protected Branches" in the deployment branches dropdown
  • Select "Add secret" in the environment secrets section
  • Add the PyPI API token value under PYPI_TOKEN

License

CC0-1.0

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

secure_package_template-0.1.0.tar.gz (1.2 kB view hashes)

Uploaded Source

Built Distribution

secure_package_template-0.1.0-py3-none-any.whl (2.1 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page