From b25bf7cd60c16c258a95c1d8be3ab44e7dd20bcd Mon Sep 17 00:00:00 2001 From: Teemu R Date: Sat, 21 Oct 2023 22:53:20 +0200 Subject: [PATCH] Use trusted publisher setup for CI (#1852) --- .github/workflows/publish.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index d2510e0f0..82b98aa83 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -7,13 +7,17 @@ jobs: build-n-publish: name: Build release packages runs-on: ubuntu-latest + environment: publish + permissions: # for trusted publishing + id-token: write steps: - uses: actions/checkout@master + - name: Setup python - uses: actions/setup-python@v3 + uses: actions/setup-python@v4 with: - python-version: 3.9 + python-version: "3.x" - name: Install pypa/build run: >- @@ -32,6 +36,4 @@ jobs: . - name: Publish release on pypi - uses: pypa/gh-action-pypi-publish@master - with: - password: ${{ secrets.PYPI_API_TOKEN }} + uses: pypa/gh-action-pypi-publish@release/v1