Skip to content

Commit

Permalink
Dev: Started using the trusted publisher concept of Pypi
Browse files Browse the repository at this point in the history
Signed-off-by: Andreas Maier <[email protected]>
  • Loading branch information
andy-maier committed Oct 10, 2024
1 parent 08a0a2e commit 58ddf3a
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 8 deletions.
14 changes: 6 additions & 8 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,9 @@ jobs:
name: Build and publish to PyPI
if: startsWith(github.ref, 'refs/tags')
runs-on: ubuntu-latest
permissions:
id-token: write
contents: write
steps:

#-------- Info gathering and checks
Expand Down Expand Up @@ -139,18 +142,13 @@ jobs:
- name: Display the distribution directory
run: |
ls -l dist
# - name: Publish distribution to TestPyPI
# uses: pypa/gh-action-pypi-publish@release/v1
# with:
# packages_dir: dist
# password: ${{ secrets.TEST_PYPI_API_TOKEN }}
# repository_url: https://test.pypi.org/legacy/
- name: Publish distribution to PyPI
if: startsWith(github.ref, 'refs/tags')
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages_dir: dist
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: dist
# Pypi has a trusted publisher defined, so we do not need a password:
# https://pypi.org/manage/project/zhmcclient/settings/publishing/

#-------- Creation of Github release
- name: Determine whether release on Github exists for the pushed tag
Expand Down
2 changes: 2 additions & 0 deletions changes/noissue.2.cleanup.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
Dev: Started using the trusted publisher concept of Pypi in order to avoid
dealing with Pypi access tokens.

0 comments on commit 58ddf3a

Please sign in to comment.