Merge pull request #196 from woodruffw-forks/ww/notice-to-debug

This replaces the use of `::notice` in each authentication case with `::debug`, reducing the user confusion caused by the these messages. It also simplifies the message in the Trusted Publishing case to make it less ambiguous. Closes #192.
pypa · Dec 20, 2023 · c12cc61 · c12cc61
2 parents 2f6f737 + 674fb78
commit c12cc61
Showing 1 changed file with 3 additions and 7 deletions.
diff --git a/twine-upload.sh b/twine-upload.sh
@@ -56,23 +56,19 @@ https://docs.pypi.org/trusted-publishers"
 if [[ "${INPUT_USER}" == "__token__" && -z "${INPUT_PASSWORD}" ]] ; then
     # No password supplied by the user implies that we're in the OIDC flow;
     # retrieve the OIDC credential and exchange it for a PyPI API token.
-    echo \
-        '::notice::Attempting to perform trusted publishing exchange' \
-        'to retrieve a temporary short-lived API token for authentication' \
-        "against ${INPUT_REPOSITORY_URL} due to __token__ username with no" \
-        'supplied password field'
+    echo "::debug::Authenticating to ${INPUT_REPOSITORY_URL} via Trusted Publishing"
     INPUT_PASSWORD="$(python /app/oidc-exchange.py)"
 elif [[ "${INPUT_USER}" == '__token__' ]]; then
     echo \
-        '::notice::Using a user-provided API token for authentication' \
+        '::debug::Using a user-provided API token for authentication' \
         "against ${INPUT_REPOSITORY_URL}"
 
     if [[ "${INPUT_REPOSITORY_URL}" =~ pypi\.org ]]; then
         echo "${TRUSTED_PUBLISHING_NUDGE}"
     fi
 else
     echo \
-        '::notice::Using a username + password pair for authentication' \
+        '::debug::Using a username + password pair for authentication' \
         "against ${INPUT_REPOSITORY_URL}"
 
     if [[ "${INPUT_REPOSITORY_URL}" =~ pypi\.org ]]; then