This repository is configured for GitHub-driven releases. Treat GitHub Actions as the release authority and PyPI as the final distribution step.
Do releases in this order:
- make sure all GitHub Actions build jobs are green
- confirm the generated wheels and source distribution look correct in GitHub artifacts
- confirm the GitHub Release step works correctly
- only then enable or use PyPI publishing
Do not treat PyPI as the first validation step. If GitHub builds are failing, fix CI first and keep PyPI publishing disabled or unconfigured until the workflow is stable.
This repository is configured for PyPI Trusted Publishing through GitHub Actions.
The workflow already has the required OIDC permission in build.yml, so you do not need to store a long-lived PyPI API token if you use the recommended setup.
Use this sequence:
- get GitHub Actions builds working reliably
- configure Trusted Publishing on PyPI
- push a new release tag
- let GitHub Actions publish automatically after the build, package check, and GitHub Release steps succeed
- go to https://pypi.org/account/register/
- verify your email address
- enable two-factor authentication on PyPI
- log in
Open:
Add a new pending publisher with these values:
- PyPI project name: pjsua2-python
- Owner: srthorat
- Repository name: pjsua2-python
- Workflow name: build.yml
- Environment name: leave empty unless you intentionally use a GitHub Environment for releases
This tells PyPI that only this GitHub repository and this workflow may publish the pjsua2-python project.
Before you depend on PyPI publishing, check the GitHub side first:
- the Build Wheels workflow completes successfully for all platforms
- the package-check job builds the sdist and passes twine check
- the github-release job creates a GitHub Release and uploads all expected files
- release artifacts include platform wheels, source tarball, and SHA256SUMS.txt
If any of those steps fail, do not proceed to PyPI publishing yet.
When GitHub Actions is working correctly:
- bump pjsua2/_version.py if needed
- push the commit to main
- create a matching tag such as v2.15.2
- push the tag
Example:
git tag v2.15.2
git push origin v2.15.2The release workflow will then:
- build all platform wheels
- build and validate the source distribution
- create the GitHub Release
- publish to PyPI if Trusted Publishing is configured correctly
After a successful publish:
- open https://pypi.org/project/pjsua2-python/
- confirm the new version is listed
- confirm wheels exist for the expected platforms
- confirm the source distribution is present
If you want a safer dry run, configure TestPyPI before real PyPI.
- create an account at https://test.pypi.org/account/register/
- open https://test.pypi.org/manage/account/publishing/
- add the same pending publisher values:
- project: pjsua2-python
- owner: srthorat
- repository: pjsua2-python
- workflow: build.yml
If you later want a separate TestPyPI workflow, add one explicitly rather than mixing test and production publishing in the same release path.
Common causes of PyPI publish failures:
- Trusted Publishing values do not match the repository exactly
- the project name on PyPI does not match pjsua2-python
- the version already exists on PyPI
- one or more platform build jobs failed earlier in the workflow
- GitHub Release packaging failed before the PyPI step
- Trusted Publishing was configured after the tag run had already started
Because the current builds are still failing, keep the focus on GitHub Actions until the workflow is green end to end.
Recommended immediate order:
- fix all GitHub build failures
- confirm release artifacts are correct on GitHub
- configure Trusted Publishing on PyPI
- publish with a fresh version tag