Skip to content

Commit

Permalink
ci(release): Use trusted publisher instead of api token [skip ci]
Browse files Browse the repository at this point in the history
  • Loading branch information
julienloizelet committed Feb 8, 2024
1 parent 2b10bee commit 6a779a9
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 32 deletions.
28 changes: 0 additions & 28 deletions .github/workflows/pypi_publish.yml

This file was deleted.

11 changes: 7 additions & 4 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -104,6 +104,12 @@ jobs:

name: Publish to PyPI
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/cscapi
permissions:
# IMPORTANT: this permission is mandatory for trusted publishing
id-token: write
if: success() && github.event.inputs.publish-to-pypi == 'true'
needs: [ create-release ]

Expand All @@ -122,7 +128,4 @@ jobs:
- name: Build package
run: python -m build
- name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
uses: pypa/gh-action-pypi-publish@release/v1

0 comments on commit 6a779a9

Please sign in to comment.