From b798ac64700aabae4213c99c0673d8946e16c17b Mon Sep 17 00:00:00 2001 From: Bryce Willey Date: Tue, 31 Mar 2026 09:33:44 -0400 Subject: [PATCH] Use trusted publishing to publish to PyPI See https://github.com/SuffolkLITLab/ALActions/issues/73 for more info. --- .github/workflows/publish.yml | 52 +++++++++++++++++++++++++++++------ 1 file changed, 44 insertions(+), 8 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index b715480..2ff4461 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,13 +1,49 @@ -name: Publish Python 🐍 distributions 📦 to PyPI and TestPyPI +name: Publish Python distribution to PyPI -on: push +on: + push: + tags: + - "v*" + workflow_dispatch: jobs: - build-n-publish: - name: Build and publish Python 🐍 distributions 📦 to PyPI + build: + name: Build distribution runs-on: ubuntu-latest steps: - - uses: SuffolkLITLab/ALActions/publish@main - with: - PYPI_API_TOKEN: ${{ secrets.PYPI_API_TOKEN }} - VERSION_TO_PUBLISH: ${{ env.GITHUB_REF_NAME }} + - uses: actions/checkout@v6 + with: + persist-credentials: false + - name: Set up Python + uses: actions/setup-python@v6 + with: + python-version: "3.12" + - name: Install build tool + run: python3 -m pip install --user build + - name: Build a binary wheel and source tarball + run: python3 -m build + - name: Store distribution packages + uses: actions/upload-artifact@v4 + with: + name: python-package-distributions + path: dist/ + + publish-to-pypi: + name: Publish distribution to PyPI + if: ${{ startsWith(github.ref, 'refs/tags/') }} + needs: + - build + runs-on: ubuntu-latest + environment: + name: pypi + url: https://pypi.org/p/formfyxer + permissions: + id-token: write + steps: + - name: Download all distributions + uses: actions/download-artifact@v4 + with: + name: python-package-distributions + path: dist/ + - name: Publish distribution to PyPI + uses: pypa/gh-action-pypi-publish@release/v1