From f5461b6e6a0c87fe7b81ac731b51fb593a06dcdf Mon Sep 17 00:00:00 2001 From: Marc-Antoine Schmidt Date: Mon, 16 Oct 2023 21:48:38 -0400 Subject: [PATCH] Trusted publisher (#319) * test publishing * removed too many stuff * temporarily limiting the number of wheels * add pypi and revert temporary changes * changelog * revert previous changes --- .github/workflows/build-wheels.yml | 15 ++++++++++----- CHANGELOG.rst | 3 +++ 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-wheels.yml b/.github/workflows/build-wheels.yml index b0f12d62..ecc1b4cd 100644 --- a/.github/workflows/build-wheels.yml +++ b/.github/workflows/build-wheels.yml @@ -69,6 +69,11 @@ jobs: if: github.event_name == 'release' && github.event.action == 'published' needs: [build_wheels, build_sdist] runs-on: ubuntu-latest + environment: + name: release + url: https://test.pypi.org/p/tabmat + permissions: + id-token: write steps: - uses: actions/download-artifact@v3 with: @@ -77,14 +82,17 @@ jobs: - uses: pypa/gh-action-pypi-publish@v1.8.10 with: - user: __token__ - password: ${{ secrets.GH_TESTPYPI_UPLOAD }} repository-url: https://test.pypi.org/legacy/ upload_pypi: if: github.event_name == 'release' && github.event.action == 'published' needs: [build_wheels, build_sdist, upload_testpypi] runs-on: ubuntu-latest + environment: + name: release + url: https://pypi.org/p/tabmat + permissions: + id-token: write steps: - uses: actions/download-artifact@v3 with: @@ -92,6 +100,3 @@ jobs: path: dist - uses: pypa/gh-action-pypi-publish@v1.8.10 - with: - user: __token__ - password: ${{ secrets.GH_PYPI_UPLOAD }} diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 2218319a..b94bf213 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -10,6 +10,9 @@ Changelog Unreleased ---------- +**Other changes:** + +- Pypi release is now done using trusted publisher. 3.1.12 - 2023-10-16 -------------------