Skip to content
This repository was archived by the owner on Apr 29, 2026. It is now read-only.

Ci/pypi trusted publishing#14

Merged
Tatarinho merged 2 commits into
mainfrom
ci/pypi-trusted-publishing
Apr 22, 2026
Merged

Ci/pypi trusted publishing#14
Tatarinho merged 2 commits into
mainfrom
ci/pypi-trusted-publishing

Conversation

@Tatarinho
Copy link
Copy Markdown
Owner

@Tatarinho Tatarinho commented Apr 22, 2026

No description provided.

Michal Piotrowski added 2 commits April 22, 2026 20:07
Add PyPI publish workflow using trusted publishing (OIDC)
d76349f 
Triggers on v*.*.* tag pushes (and workflow_dispatch for manual reruns).
The 'build' job produces sdist + wheel with 'python -m build' and runs
'twine check' as a metadata sanity pass; the 'publish' job downloads
the dist artifact and uploads to PyPI via OIDC — no API token stored.

The 'publish' job runs inside a 'pypi' GitHub Environment so the
repository owner can attach required reviewers or branch protections
before real uploads go out.

Concurrency group 'publish' with cancel-in-progress: false prevents a
second tag push from killing an in-flight upload mid-stream.
Document release procedure in CONTRIBUTING.md
6216971 
New 'Releasing (maintainers only)' section covering the one-time PyPI
trusted publisher setup (pending publisher on PyPI + pypi environment
in GitHub) and the per-release tag-and-push flow that triggers the
publish.yml workflow.
@Tatarinho Tatarinho merged commit 10329a8 into main Apr 22, 2026
7 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Tatarinho