diff --git a/.github/workflows/publish-reusable.yml b/.github/workflows/publish-reusable.yml index 24bea0f..98ae9e7 100644 --- a/.github/workflows/publish-reusable.yml +++ b/.github/workflows/publish-reusable.yml @@ -15,9 +15,9 @@ on: description: 'This is the repository-url parameter for pypa/gh-action-pypi-publish' required: true type: string - environment: - description: 'PyPI/TestPyPI name and url are required' - type: environment + environment_name: + description: 'Name of environment that specifies PyPI/TestPyPI url' + type: string required: true secrets: GH_TOKEN: @@ -31,7 +31,7 @@ jobs: publish: name: Build runs-on: ubuntu-latest - environment: ${{ inputs.environment }} + environment: ${{ inputs.environment_name }} env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} GITHUB_REPO: ${{ github.repository }} @@ -39,6 +39,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + with: + persist-credentials: false - name: Set up Python uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 diff --git a/.github/workflows/publish-to-testpypi.yaml b/.github/workflows/publish-to-testpypi.yaml index 173c406..d6b8926 100644 --- a/.github/workflows/publish-to-testpypi.yaml +++ b/.github/workflows/publish-to-testpypi.yaml @@ -10,6 +10,9 @@ on: jobs: publish: name: Publish wheel to TestPyPI + environment: + name: testpypi + url: https://test.pypi.org/p/seclab-taskflow-agent2 permissions: contents: write id-token: write # For trusted publishing @@ -18,8 +21,6 @@ jobs: version: ${{ inputs.version }} release_notes: ${{ github.head_ref }} repository_url: https://test.pypi.org/legacy/ - environment: - name: testpypi - url: https://test.pypi.org/p/seclab-taskflow-agent2 + environment: testpypi secrets: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}