Skip to content

Commit

Permalink
ci: Use PyPI trusted publisher
Browse files Browse the repository at this point in the history 
This commit updates the CI release workflow to use the PyPI "trusted
publisher" package publishing mechanism.

Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
  • Loading branch information
@stephanosio
stephanosio committed Oct 3, 2024
1 parent 66ba177 commit 4a93758
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,13 @@ jobs:

release:
name: Release
environment: release
needs: [ ci ]
runs-on: ubuntu-20.04

permissions:
id-token: write

steps:
- name: Download build artifacts
uses: actions/download-artifact@v4
Expand All @@ -37,5 +41,4 @@ jobs:
- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: assets/

0 comments on commit 4a93758

Please sign in to comment.