From 0950a96e5a2d724e7f852f5c45715bf56fdf36f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Janek=20Nouvertn=C3=A9?= <25355197+provinzkraut@users.noreply.github.com> Date: Sat, 16 Sep 2023 10:30:05 +0200 Subject: [PATCH] infra: Enable publishing with PyPI trusted publishers --- .github/workflows/publish.yaml | 12 ++++++++---- CONTRIBUTING.rst | 5 +++-- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 165a23b3..9fbfdef3 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -6,7 +6,11 @@ on: jobs: publish-release: + name: upload release to PyPI runs-on: ubuntu-latest + environment: release + permissions: + id-token: write steps: - name: Check out repository uses: actions/checkout@v4 @@ -18,11 +22,11 @@ jobs: uses: snok/install-poetry@v1 - name: Install dependencies run: poetry install --no-interaction --no-root --no-dev - - name: publish + - name: build shell: bash - run: | - poetry config pypi-token.pypi ${{ secrets.PYPI_TOKEN }} - poetry publish --build --no-interaction + run: poetry build + - name: Publish package distributions to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 build-docs: permissions: contents: write diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst index 6ec0615a..d9fc5f67 100644 --- a/CONTRIBUTING.rst +++ b/CONTRIBUTING.rst @@ -75,6 +75,7 @@ Creating a new release 4. In GitHub go to the `releases tab `_ 5. Pick "`Draft a new release `_" 6. Give it a title and a tag, both ``vX.X.X`` -7. Fill in the release description, you can let GitHub do it for you and then edit as needed. +7. Fill in the release description. You can let GitHub do it for you and then edit as needed. 8. Publish the release. -9. Look under the action pane and make sure the release action runs correctly +9. Go to `Actions `_ and approve the workflow +10. Check that the workflow runs successfully