From 9f81f10d630fc28a4120bbb2ab087ce1035ce0e0 Mon Sep 17 00:00:00 2001 From: Konstantin Chernyshev Date: Sun, 29 Oct 2023 09:42:52 +0100 Subject: [PATCH] ci(pypi): use Trusted publishing --- .github/workflows/publish.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index a9d7fbf..9272cdd 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -45,6 +45,11 @@ jobs: release-python-package: needs: update-version-and-changelog-files runs-on: ubuntu-latest + environment: + name: pypi + url: https://pypi.org/p/manytask-checker + permissions: + id-token: write # IMPORTANT: this permission is mandatory for trusted publishing steps: - uses: actions/checkout@v3 - uses: actions/setup-python@v4 @@ -60,9 +65,6 @@ jobs: python -m pip wheel . --no-deps --wheel-dir dist - name: Publish to PyPI uses: pypa/gh-action-pypi-publish@release/v1 - with: - password: ${{ secrets.PYPI_TOKEN }} - packages_dir: dist # release-github-pages: # runs-on: ubuntu-latest