From 9d32fcd1222e13beabdb78537edc188ab9baf2db Mon Sep 17 00:00:00 2001 From: Simon Willison Date: Mon, 5 Feb 2024 14:47:53 -0800 Subject: [PATCH] Deploy to PyPI with trusted publisher --- .github/workflows/publish.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 3eebcf3..e4ffd86 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -30,23 +30,23 @@ jobs: pytest deploy: runs-on: ubuntu-latest + environment: release + permissions: + id-token: write needs: [test] steps: - uses: actions/checkout@v4 - - name: Set up Python ${{ matrix.python-version }} + - name: Set up Python uses: actions/setup-python@v5 with: - python-version: ${{ matrix.python-version }} - cache: 'pip' - cache-dependency-path: setup.py + python-version: '3.12' + cache: pip + cache-dependency-path: '**/setup.py' - name: Install dependencies run: | - pip install setuptools wheel twine build - - name: Publish - env: - TWINE_USERNAME: __token__ - TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }} + pip install setuptools wheel build + - name: Build run: | python -m build - twine upload dist/* - + - name: Publish + uses: pypa/gh-action-pypi-publish@release/v1