Set trusted publishing logging to INFO/WARN (#1247)

* Set trusted publishing logging to INFO/WARN

Trusted publishing is the only part of the codebase using
`logger.debug()`, which can't be easily accessed from the CLI.
This PR changes these to either `logger.info` or `logger.warning()`,
such that all are visible with `--verbose`.

Signed-off-by: Pedro Kaj Kjellerup Nacht <[email protected]>

* Set all but one to WARN, add changelog

Signed-off-by: Pedro Kaj Kjellerup Nacht <[email protected]>

---------

Signed-off-by: Pedro Kaj Kjellerup Nacht <[email protected]>
Co-authored-by: Ian Stapleton Cordasco <[email protected]>

Author: pnacht

1247.misc.rst

@@ -0,0 +1 @@
+Log when performing built-in trusted publishing key exchange.

twine/auth.py

@@ -181,7 +181,7 @@ def _make_trusted_publishing_token(self) -> t.Optional[TrustedPublishingToken]:
             )
 
         if oidc_token is None:
-            logger.debug("This environment is not supported for trusted publishing")
+            logger.warning("This environment is not supported for trusted publishing")
             if self._tp_token and int(time.time()) > cast(
                 int, self._tp_token.get("expires", self._expires)
             ):
@@ -190,7 +190,7 @@ def _make_trusted_publishing_token(self) -> t.Optional[TrustedPublishingToken]:
             # while longer, let's continue using it instead of prompting
             return self._tp_token
 
-        logger.debug("Got OIDC token for audience %s", audience)
+        logger.warning("Got OIDC token for audience %s", audience)
 
         token_exchange_url = f"https://{repository_domain}/_/oidc/mint-token"
 
@@ -216,7 +216,7 @@ def _make_trusted_publishing_token(self) -> t.Optional[TrustedPublishingToken]:
                 f" reasons:\n\n{reasons}"
             )
 
-        logger.debug("Minted upload token for trusted publishing")
+        logger.warning("Minted upload token for trusted publishing")
         self._tp_token = cast(TrustedPublishingToken, mint_token_payload)
         self._expires = int(time.time()) + 900
         return self._tp_token
@@ -278,7 +278,7 @@ def password_from_keyring_or_trusted_publishing_or_prompt(self) -> str:
             return password
 
         if self.is_pypi() and self.username == TOKEN_USERNAME:
-            logger.debug(
+            logger.info(
                 "Trying to use trusted publishing (no token was explicitly provided)"
             )
             if (token := self.make_trusted_publishing_token()) is not None: