Skip to content

Commit

Permalink
Utilize PyPI's trusted publishing (#1107)
Browse files Browse the repository at this point in the history
PyPI and Test PyPI recently introduced trusted publshing for
repositories using GitHub Actions to publish.

Changes having already been made on the PyPI and Test PyPI sites
to trust our GitHub actions.

https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/

Signed-off-by: Eric Brown <[email protected]>
  • Loading branch information
ericwb authored Jan 30, 2024
1 parent c3a07e5 commit be5d6ac
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 4 deletions.
5 changes: 3 additions & 2 deletions .github/workflows/publish-to-pypi.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@ jobs:
build-n-publish:
name: Build and publish to PyPI
runs-on: ubuntu-latest
permissions:
# IMPORTANT: this permission is mandatory for trusted publishing
id-token: write
steps:
- uses: actions/checkout@v4
with:
Expand All @@ -25,5 +28,3 @@ jobs:
- name: Publish distribution to PyPI
if: startsWith(github.ref, 'refs/tags')
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_PASSWORD }}
6 changes: 4 additions & 2 deletions .github/workflows/publish-to-test-pypi.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@ jobs:
build-n-publish:
name: Build and publish to Test PyPI
runs-on: ubuntu-latest
permissions:
# IMPORTANT: this permission is mandatory for trusted publishing
id-token: write
steps:
- uses: actions/checkout@v4
with:
Expand All @@ -25,5 +28,4 @@ jobs:
- name: Publish distribution to Test PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.TEST_PYPI_PASSWORD }}
repository_url: https://test.pypi.org/legacy/
repository-url: https://test.pypi.org/legacy/

0 comments on commit be5d6ac

Please sign in to comment.