Document additional Trusted Publishers (#15192)

* docs/user: empty sections for more publishers

Signed-off-by: William Woodruff <[email protected]>

* Fix headings

* Add provider TODOs to using-a-publisher.md

* Move images into provider-specific directories

* Update GitHub screenshots

* Fix asset links

* Update admonition to match

* Remove unnecessary quoting

* Google Trusted Publishing docs (#15195)

* Google Trusted Publishing docs

* Update docs/user/trusted-publishers/security-model.md

Co-authored-by: Facundo Tuesca <[email protected]>

* Update docs/user/trusted-publishers/security-model.md

Co-authored-by: Facundo Tuesca <[email protected]>

* Apply suggestions from code review

Co-authored-by: William Woodruff <[email protected]>

* Apply suggestions from code review

---------

Co-authored-by: Facundo Tuesca <[email protected]>
Co-authored-by: William Woodruff <[email protected]>

* Add Google screenshots

* Fix provider-specific screenshots

* Add GitLab Trusted Publishing docs (#15283)

* Add GitLab Trusted Publishing docs

* Add screenshots to GitLab Trusted Publishing docs

* Fix instructions for GitLab CI with Trusted Publishing

* Add activestate OIDC docs (#15548)

* First draft of ActiveState Trusted Publishing docs

* Add ActiveState Security Model and Considerations

* Adding examples

* Add link to ActiveState hosted OIDC docs

* Add updated docs from Andrew

* MD tweaks and some images

* Add remaining screenshots and embbed them in MD

* Tweaking instructions for publishing

* Update warehouse/templates/manage/account/publishing.html

Co-authored-by: William Woodruff <[email protected]>

* Review edit

Co-authored-by: Dustin Ingram <[email protected]>

* Review edits

Co-authored-by: Dustin Ingram <[email protected]>

* Review edits

Co-authored-by: Dustin Ingram <[email protected]>

* Review edits

Co-authored-by: Dustin Ingram <[email protected]>

* Review edits

Co-authored-by: Dustin Ingram <[email protected]>

* Translations

* Fix build script tokens, link to supported platforms

* Revise and reformat ActiveState using instructions

---------

Co-authored-by: Pete Garcin <[email protected]>
Co-authored-by: William Woodruff <[email protected]>
Co-authored-by: Dustin Ingram <[email protected]>

* Slugify tab anchors

* Add blogpost announcing more trusted publishers (#15656)

* Fix old byline

* Add blogpost announcing more trusted publishers

* Update docs/blog/posts/2024-04-20-expanding-trusted-publisher-support.md

Co-authored-by: Mike Fiedler <[email protected]>

* Apply suggestions from code review

---------

Co-authored-by: Mike Fiedler <[email protected]>

* Updating ActiveState publishing docs (#15739)

* Updating ActiveState publishing docs

* Update docs/user/trusted-publishers/using-a-publisher.md

Co-authored-by: Dustin Ingram <[email protected]>

---------

Co-authored-by: Dustin Ingram <[email protected]>

* Update publish date

* Update line for consistency

* Update tabbed headings to not appear in ToC

* Wrap long lines

* Consistency fix

* Line break

* Strip out leading $

* Make note conform

* Translations

* Add border to images

* Update screenshot

* Dark mode CSS doesn't work as expected

* Add alt text

* Update publication date

* Fix ActiveState getting started Trusted Publisher links (#15801)

* Fix ActiveState getting started Trusted Publisher links

* REALLY fix ActiveState getting started Trusted Publisher links

---------

Signed-off-by: William Woodruff <[email protected]>
Co-authored-by: William Woodruff <[email protected]>
Co-authored-by: Facundo Tuesca <[email protected]>
Co-authored-by: William Woodruff <[email protected]>
Co-authored-by: Carey Hoffman <[email protected]>
Co-authored-by: Pete Garcin <[email protected]>
Co-authored-by: Mike Fiedler <[email protected]>
Co-authored-by: Pete Garcin <[email protected]>

Author: 6 people

docs/blog/posts/2023-04-20-introducing-trusted-publishers.md

@@ -112,8 +112,7 @@ providing valuable feedback to improve this feature along the way.
 
 ---
 
-_Dustin Ingram is a maintainer of the Python Package Index and a director of
-the Python Software Foundation._
+_Dustin Ingram is a maintainer of the Python Package Index._
 
 [^1]: Currently, information such as this are provided by the uploader and are not verified as accurate by PyPI.
 [OpenID Connect (OIDC)]: https://openid.net/connect/

docs/blog/posts/2024-04-17-expanding-trusted-publisher-support.md

@@ -0,0 +1,66 @@
+---
+title: Expanding Trusted Publisher Support
+description: Announcing additional Trusted Publishing providers
+authors:
+  - di
+date: 2024-04-17
+tags:
+  - publishing
+  - security
+  - oidc
+---
+
+Starting today, PyPI package maintainers can publish via Trusted Publishing
+from three additional providers:
+
+ * GitLab CI/CD
+ * Google Cloud
+ * ActiveState
+
+These providers join existing support for publishing from GitHub Actions without
+long-lived passwords or API tokens, which [we announced last year], and bring
+support for Trusted Publishing to even more hosted providers.
+
+<!-- more -->
+
+### About Trusted Publishing
+
+Trusted Publishing is our term for using the [OpenID Connect (OIDC)] standard
+to exchange short-lived identity tokens between a trusted third-party service
+and PyPI. This method can be used in automated environments and eliminates the
+need to use username/password combinations or long-lived, manually generated
+API tokens to authenticate with PyPI when publishing.
+
+Instead, maintainers can configure PyPI to trust an identity provided by a
+given OpenID Connect Identity Provider (IdP). This allows allows PyPI to verify
+and delegate trust to that identity, which is then authorized to request
+short-lived, tightly-scoped API tokens from PyPI. These API tokens never need
+to be stored or shared, rotate automatically by expiring quickly, and provide a
+verifiable link between a published package and its source.
+
+### Get started today
+
+To get started with using trusted publishers on PyPI, see our documentation
+here: <https://docs.pypi.org/trusted-publishers/>.
+
+### Acknowledgements
+
+Funding for work implementing Google Cloud and GitLab support was provided by
+the Google Open Source Security Team, and much of the development work was
+performed by [Trail of Bits], with special thanks to contributors [William
+Woodruff] and [Facundo Tuesca].
+
+ActiveState support was provided by ActiveState, with special thanks to
+contributors [Carey Hoffman] and [Pete Garcin].
+
+---
+
+_Dustin Ingram is a maintainer of the Python Package Index._
+
+[we announced last year]: 2023-04-20-introducing-trusted-publishers.md
+[William Woodruff]: https://github.com/woodruffw
+[Facundo Tuesca]: https://github.com/facutuesca
+[Carey Hoffman]: https://github.com/th3coop
+[Pete Garcin]: https://github.com/rawktron
+[OpenID Connect (OIDC)]: https://openid.net/connect/
+[Trail of Bits]: https://www.trailofbits.com/

docs/mkdocs-user-docs.yml

@@ -14,6 +14,7 @@ markdown_extensions:
   - pymdownx.superfences
   - pymdownx.tabbed:
       alternate_style: true
+      slugify: !!python/object/apply:pymdownx.slugs.slugify {kwds: {case: lower}}
   - tables
 theme:
   name: material