From 9e7511bd9810b797facb037632e88904a5519d78 Mon Sep 17 00:00:00 2001 From: Michael Feil <63565275+michaelfeil@users.noreply.github.com> Date: Fri, 19 Jul 2024 20:47:19 -0700 Subject: [PATCH] Update python-publish.yml --- .github/workflows/python-publish.yml | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml index ac1f1b89..da1dd47d 100644 --- a/.github/workflows/python-publish.yml +++ b/.github/workflows/python-publish.yml @@ -15,11 +15,19 @@ on: tags: - 'v*' # Push events to every version tag - jobs: deploy: runs-on: ubuntu-latest + environment: + name: publish + permissions: + # This permission is used for trusted publishing: + # https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/ + # + # Trusted publishing has to also be configured on PyPI for each package: + # https://docs.pypi.org/trusted-publishers/adding-a-publisher/ + id-token: write steps: - uses: actions/checkout@v2 @@ -33,8 +41,8 @@ jobs: poetry install - name: Build package run: poetry build - - name: Publish package - uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29 + - name: Publish package distributions to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 with: - user: __token__ - password: ${{ secrets.PYPI_API_TOKEN }} + verbose: true + print-hash: true