build: move almost everything to pyproject.toml (#70)

* build: move almost everything to pyproject.toml This requires a `MANIFEST.in`, since `setuptools` apparently can't specify package data in `pyproject.toml`. Yet. Signed-off-by: William Woodruff <[email protected]> * pyproject: remove MANIFEST.in, embed package-data I was wrong! Signed-off-by: William Woodruff <[email protected]> * workflows/ci: remove reference to pip-audit sigstore uses click, so this isn't relevant. Signed-off-by: William Woodruff <[email protected]> * setup.py: Fix typo Signed-off-by: Alex Cameron <[email protected]> Co-authored-by: Alex Cameron <[email protected]>
sigstore · May 5, 2022 · 2178a1c · 2178a1c
1 parent 4e2b59a
commit 2178a1c
Show file tree

Hide file tree

Showing 4 changed files with 86 additions and 83 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -66,11 +66,6 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - uses: actions/setup-python@v2
-        # NOTE(ww): Important: use pip-audit's minimum supported Python version
-        # in this check, since Python can change the `--help` rendering in
-        # `argparse` between major versions.
-        with:
-          python-version: "3.7"
       - name: deps
         run: make dev
       - name: check-readme

diff --git a/Makefile b/Makefile
@@ -27,13 +27,15 @@ endif
 all:
 	@echo "Run my targets individually!"
 
-.PHONY: dev
-dev:
-	test -d env || python3 -m venv env
-	. env/bin/activate && \
-		pip install --upgrade pip && \
-		pip install -e .[dev]
+env/pyvenv.cfg: setup.py pyproject.toml
+	# Create our Python 3 virtual environment
+	rm -rf env
+	python3 -m venv env
+	./env/bin/python -m pip install --upgrade pip
+	./env/bin/python -m pip install -e .[dev]
 
+.PHONY: dev
+dev: env/pyvenv.cfg
 
 .PHONY: run
 run:

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,3 +1,78 @@
+[build-system]
+requires = ["setuptools>=61.0.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "sigstore"
+dynamic = ["version"]
+description = "A tool for signing Python package distributions"
+readme = "README.md"
+license = { file = "LICENSE" }
+authors = [
+  { name = "Sigstore Authors", email = "[email protected]" }
+]
+classifiers = [
+  "License :: OSI Approved :: Apache Software License",
+  "Programming Language :: Python :: 3 :: Only",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3.7",
+  "Programming Language :: Python :: 3.8",
+  "Programming Language :: Python :: 3.9",
+  "Programming Language :: Python :: 3.10",
+  "Development Status :: 4 - Beta",
+  "Intended Audience :: Developers",
+  "Topic :: Security",
+  "Topic :: Security :: Cryptography",
+]
+dependencies = [
+  "click>=8",
+  "cryptography",
+  "pem",
+  "pydantic",
+  "pyjwt",
+  "pyOpenSSL",
+  "requests",
+  "securesystemslib",
+]
+requires-python = ">=3.7"
+
+[project.scripts]
+sigstore = "sigstore._cli:main"
+
+[project.urls]
+Homepage = "https://pypi.org/project/sigstore/"
+Issues = "https://github.com/sigstore/sigstore-python/issues"
+Source = "https://github.com/sigstore/sigstore-python"
+
+[project.optional-dependencies]
+dev = [
+  "build",
+  "bump",
+  "flake8",
+  "black",
+  "isort",
+  "pytest",
+  "pytest-cov",
+  "pretend",
+  "coverage[toml]",
+  "interrogate",
+  "pdoc3",
+  "mypy",
+  "types-cryptography",
+  "types-requests",
+  "types-pyOpenSSL",
+  "types-pyjwt",
+]
+
+[tool.setuptools]
+packages = ["sigstore"]
+
+[tool.setuptools.dynamic]
+version = { attr = "sigstore.__version__" }
+
+[tool.setuptools.package-data]
+sigstore = ["_store/*"]
+
 [tool.isort]
 multi_line_output = 3
 known_first_party = "sigstore"

diff --git a/setup.py b/setup.py
@@ -13,76 +13,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-import importlib
+"""Shim for editable installs."""
+from setuptools import setup
 
-from setuptools import find_packages, setup
-
-version = importlib.import_module("sigstore._version")
-
-with open("./README.md") as f:
-    long_description = f.read()
-
-setup(
-    name="sigstore",
-    version=version.__version__,
-    license="Apache-2.0",
-    author="Sigstore Authors",
-    author_email="[email protected]",
-    description="A tool for signing Python package distributions",
-    long_description=long_description,
-    long_description_content_type="text/markdown",
-    url="https://github.com/sigstore/sigstore-python",
-    packages=find_packages(),
-    package_data={"sigstore": ["_store/*"]},
-    include_package_data=True,
-    entry_points={
-        "console_scripts": [
-            "sigstore = sigstore._cli:main",
-        ]
-    },
-    platforms="any",
-    python_requires=">=3.7",
-    install_requires=[
-        "click>=8",
-        "cryptography",
-        "pem",
-        "pydantic",
-        "pyjwt",
-        "pyOpenSSL",
-        "requests",
-        "securesystemslib",
-    ],
-    extras_require={
-        "dev": [
-            "build",
-            "bump",
-            "flake8",
-            "black",
-            "isort",
-            "pytest",
-            "pytest-cov",
-            "pretend",
-            "coverage[toml]",
-            "interrogate",
-            "pdoc3",
-            "mypy",
-            "types-cryptography",
-            "types-requests",
-            "types-pyOpenSSL",
-            "types-pyjwt",
-        ]
-    },
-    classifiers=[
-        "License :: OSI Approved :: Apache Software License",
-        "Programming Language :: Python :: 3 :: Only",
-        "Programming Language :: Python :: 3",
-        "Programming Language :: Python :: 3.7",
-        "Programming Language :: Python :: 3.8",
-        "Programming Language :: Python :: 3.9",
-        "Programming Language :: Python :: 3.10",
-        "Development Status :: 4 - Beta",
-        "Intended Audience :: Developers",
-        "Topic :: Security",
-        "Topic :: Security :: Cryptography",
-    ],
-)
+setup()